Search This Blog
Powered by Blogger.

Blog Archive

Labels

About Me

Load More
Trendy Right Now

Popular Posts

Showing posts with label Risk Assessment. Show all posts
Slack
Company Security CrowdStrike Cyber risks Cyber Security Cyber Security Vendor Cybersecurity Crisis Risk Assessment Slack

Managing Vendor Cyber Risks: How Businesses Can Mitigate Third-Party Failures

 

On Wednesday, businesses worldwide experienced disruptions when Slack, a popular workplace communication tool, went offline due to a technical issue. The outage, which lasted several hours, forced teams to rely on alternative communication methods such as emails, phone calls, or in-person discussions. While the incident was quickly resolved, it highlighted a broader issue—businesses’ growing dependence on third-party software providers and the risks associated with their failures. 

While Slack’s downtime was inconvenient, other recent outages have had more severe consequences. In early 2024, Change Healthcare, a payment processing provider under UnitedHealth Group, suffered a ransomware attack that disrupted medical billing nationwide. Healthcare providers struggled to process insurance claims, delaying patient care and, in some cases, resorting to handwritten billing records. A few months later, CDK Global, a software provider used by car dealerships, was hacked, causing widespread operational shutdowns across the auto sales industry. 

In July, a major issue with cybersecurity firm CrowdStrike led to massive flight cancellations, grounding thousands of travelers worldwide. These incidents demonstrate how companies, even with strong internal security measures, remain vulnerable to the weaknesses of their vendors. Cyber insurance and risk management company Resilience reported that in 2024, nearly one-third of the claims it processed were related to vendor-based cyber incidents, including outages and ransomware attacks. 

The company’s CEO, Vishaal “V8” Hariprasad, noted that many organizations overlook the risks posed by third-party providers, despite the potential for significant financial losses. While businesses cannot completely eliminate third-party risks, they can take steps to reduce their exposure. Conducting thorough security assessments before partnering with vendors is crucial. Many organizations assume that if a company offers a widely used service, it must be secure, but that is not always the case. 

Companies should verify whether vendors carry cyber insurance covering third-party risks and review their security protocols, especially for remote access. Cybersecurity rating services such as Security Scorecard and BitSight can help businesses monitor vendor vulnerabilities in real time, allowing them to respond quickly to potential threats. Developing a robust incident response plan can help minimize the impact of vendor failures. Businesses should conduct risk assessments to identify critical systems and outline alternative solutions in case of outages. 

For example, if a primary communication platform becomes unavailable, having a backup system in place can prevent workflow disruptions. Regular cybersecurity drills can also help companies prepare for worst-case scenarios, ensuring that employees know how to respond to a vendor-related cyber incident. Strengthening internal security measures is another essential step. Multi-factor authentication, zero-trust architecture, and network monitoring can help prevent attackers from exploiting vendor weaknesses to gain access to a company’s systems. 

Subscribing to dark web monitoring services can also help detect stolen credentials, allowing businesses to take preventive action before cybercriminals can exploit compromised accounts. A single cyber incident does not necessarily indicate that a vendor is unreliable, but how they respond to the crisis matters. CrowdStrike’s software update issue in July led to thousands of flight cancellations, but some cybersecurity experts argue that the company’s overall security offerings remain strong. Knee-jerk reactions, such as immediately abandoning a vendor after an incident, can sometimes do more harm than good. 

While vendor-related cyber risks are an unavoidable part of doing business in a digital world, preparation and proactive security measures can make the difference between a minor disruption and a full-blown crisis. Companies that invest in due diligence, response planning, and internal security improvements are better positioned to withstand third-party failures and recover quickly when issues arise.
Read more »
Threat Intelligence
Corporate Cyber Security Organization security Risk Assessment Threat Intelligence

Beyond Prioritization: Security Journey for Organizations

Prioritization tools typically rely on factors like severity, exploitability, and potential impact. While these criteria are valuable, they don't provide the full picture.

Organizations face an overwhelming number of vulnerabilities, and deciding which ones to address first can be a challenge for many. However, it's essential to recognize that prioritization is merely the beginning of a more comprehensive security journey.

The Limitations of Prioritization

Prioritization tools typically rely on factors like severity, exploitability, and potential impact. While these criteria are valuable, they don't provide the full picture. Here are some limitations:
  1. Context Matters: Prioritization tools often lack context. They don't consider an organization's unique environment, business processes, or specific threats. A high-severity vulnerability might be less critical if it doesn't align with an organization's risk profile.
  2. Dynamic Threat Landscape: Threats evolve rapidly. A vulnerability that seems low-risk today could become a weaponized exploit tomorrow. Prioritization models need to account for this dynamic nature.
  3. Resource Constraints: Organizations have finite resources—time, budget, and personnel. Prioritization doesn't address how to allocate these resources effectively.

The Holistic Approach

To move beyond prioritization, consider the following steps:
  • Risk Assessment: Start by understanding your organization's risk appetite. Conduct a risk assessment that considers business impact, regulatory compliance, and threat intelligence. This assessment informs your vulnerability management strategy.
  • Asset Inventory: Create a comprehensive asset inventory. Knowing what you're protecting allows you to prioritize vulnerabilities based on critical assets. Not all systems are equal; some are more vital to your operations.
  • Threat Intelligence: Stay informed about emerging threats. Collaborate with industry peers, subscribe to threat feeds, and monitor security forums. Threat intelligence helps you contextualize vulnerabilities.
  • Attack Surface Reduction: Minimize your attack surface. Remove unnecessary services, close unused ports, and segment your network. Fewer entry points mean fewer vulnerabilities to manage.
  • Patch Management: Prioritize patching based on risk. Critical systems should receive immediate attention, while less critical ones can follow a staggered schedule.
  • Security Hygiene: Regularly review configurations, permissions, and access controls. Misconfigurations often lead to vulnerabilities. Implement security baselines and automate hygiene checks.
  • Incident Response Readiness: Prepare for incidents. Develop an incident response plan, conduct tabletop exercises, and ensure your team knows how to respond effectively.

Transparency and Communication

Transparency is crucial. Communicate with stakeholders—executives, IT teams, and end-users. Explain the rationale behind vulnerability management decisions. Transparency builds trust and ensures everyone understands the risks.

Vulnerability prioritization is essential, but it's not the destination—it's the starting point. Embrace a holistic approach that considers context, risk, and resource constraints. By navigating the security journey with diligence and transparency, organizations can better protect their digital assets.
Read more »
Subscribe to: Posts (Atom)