Page 141 - Cyber Defense eMagazine September 2023
P. 141
Can we trust our software?
The reliance of companies on the MOVEit file transfer system to exchange highly sensitive information
amplifies the significance of the recent hack and the security patch issue. Organisations placed their trust
in MOVEit as a secure solution for their data transfers, making the breach in its security infrastructure
particularly alarming. The fact that the loophole went unnoticed due to a security patch issue raises
concerns about the effectiveness of their security practices and the thoroughness of their assessments.
When companies entrust a third-party vendor with their sensitive data, they are entitled to expect a higher
level of security and protection. The occurrence of a hack within a trusted system like MOVEit raises
questions about the reliability of vendor systems and their diligence in detecting vulnerabilities.
Organisations should engage in rigorous vendor assessments before implementing third-party software
solutions. Evaluating the vendor's security history, conducting penetration testing of the software, and
reviewing third-party security certifications can provide insights into the vendor's commitment to cyber
security. Establishing clear security requirements in vendor contracts and conducting regular security
reviews can help maintain a high standard of cyber security across all vendor relationships.
The time to act is now
This unfortunate incident also underscores the need for organisations, regardless of their size, to prioritise
cyber security. Investing in advanced threat detection and prevention technologies, employing regular
employee training programmes, implementing robust access controls, and conducting regular security
audits are vital steps to defend against evolving cyber threats.
The recent wave of vendor-related cyber-attacks serves as a wakeup call for organisations to fortify their
cyber security measures. Through comprehensive and frequent security assessments, and stronger
access controls, businesses can bolster their resilience against cyber threats. Collaborating with vendors
and actively engaging in risk assessments can enhance the overall security posture. By assuming greater
ownership of their cyber security, organisations can protect sensitive data, preserve customer trust, and
ensure a safer digital future. The collaboration between businesses and cyber security experts is crucial
in combating the growing menace of cyber-attacks and securing the digital landscape for all.
About the Author
Jack Viljoen is Head of Prodinity Cyber Solutions.
Jack can be reached via email, on LinkedIn, and at our company website:
www.prodinity.com
Cyber Defense eMagazine – September 2023 Edition 141
Copyright © 2023, Cyber Defense Magazine. All rights reserved worldwide.