supply chain Tag

Broken Security Promises and the Big Threat from Smaller Partners

Broken Security Promises and the Big Threat from Smaller Partners

When two companies are directly connected to each other, they need to believe that the other is doing all it can to shore up its defenses. What happens, though, when the relationship between two companies is distinctively different and imbalanced because of size. Enterprises, while often the target of sophisticated actors, have a sizable IT and security budget that allows them to build defense in depth. That’s not always the case for small businesses, which leaves them vulnerable to cyberattacks.  The US Small Business Administration recently reported, “88% of small business...

Share Post

An Apple A Day Won’t Keep Malware Away

When researchers at Independent Security Evaluators published its 2016 report, Hacking Hospitals, the idea that vulnerabilities in medical devices could result in patient harm seemed like a serving of FUD (fear, uncertainty and doubt). Four years later, as we debate how and whether to return to life as we knew it before quarantine, there is irrefutable evidence that the health care sector is highly vulnerable to attack.  From daily news stories to scholarly articles, security experts continue to warn of the cyber threats the health care sector is facing, yet they...

Share Post

How Effective Are Your Security Investments?

According to the annual ESG survey, 60% of companies said they were targeted with a ransomware attack in 2019. Not surprisingly, those organizations are looking to augment their cybersecurity tools and processes. Defense in depth has long been touted as a reliable approach to securing the enterprise, and the strategy of adding layers has led to increased security spend. Notably, “62% of organizations will increase their security spending in 2020, continuing a multi-year boom in security technology investments,” the report said.  The Risks of Too Many Layers Spending more money on security...

Share Post

Visibility is Key to Securing Election Infrastructure

While many feel that they are living in Groundhog Day, the days and weeks do continue to pass us by, bringing the 2020 Presidential election closer with still no clear path for securing the election process. Recognizing the risks, the National Institute of Standards and Technology (NIST) published a document of risk management for election security. NIST certainly isn’t the only government (or non-government) agency to offer such guidance because the issue of election security is complex and further complicated by more than old technology. What are the risks? That’s not...

Share Post