Security Vendors: The Trojan Horse of the 21st Century

Given the recent high-profile breaches at several prominent companies, including Ubiquiti and T-Mobile, security vendors are set to become the Trojan horse for hackers today. In this article, Heather Gantt-Evans, CISO, SailPoint, shares how organizations today can avoid the fate of the city of Troy in the 11th century BC by adopting a ‘defense in depth’ approach.

In the 11th century BC, the Greeks built a towering wooden sculpture famously known as the Trojan horse. This simple, singular structure allowed them to successfully infiltrate and destroy an entire city, ending months of siege overnight due to one stealthy tactic. 

In more recent times, the Trojan horse has transformed from a tangible piece of warfare artistry to seemingly invisible code known as malware, concealed as a regular file that users perceive as harmless, only to wreak havoc as the delivery vehicle for a variety of critical threats. While this idea is widely known, particularly in the cybersecurity space, many did not anticipate security vendors themselves falling prey to its subversiveness. 

The SolarWinds hack took the business world by storm as one of the largest successful data breaches since NotPetya. Although security experts have long warned of this type of software supply chain vulnerability, it is only now starting to be perceived as a major threat across all enterprises and industries. Now, businesses are on edge and eager to validate their security posture, moving quickly to close any and all vulnerability gaps within their corporate infrastructures.

But it’s important to underscore that, unlike the Trojan horse that took down Troy, this trend of vendors becoming more prominent risks in recent years did not happen overnight. There are ways that organizations can best manage their vendors, technology and workforce to protect against these threats for the rest of the 21st century. 

The Previous Lack of Preparation for Software Supply Chain Attacks 

Where security vendors build trust, malicious actors are chomping at the bit to exploit a potential vulnerability. Bad actors are taking advantage of client trust and are working to access machine-to-machine communication channels via malware concealed as software updates — SolarWinds serving as a prime example. 

The IT management and monitoring company involved caused an uproar in the industry after it discovered a breach in its systems one year after it had initially been hacked. Attackers gained access to its network, and its application monitoring platform was used to produce and distribute “trojanized” updates to SolarWinds’ user base.

In response to the increase in these threats, a 2021 Gartner report highlights that organizations are now prioritizing vendor consolidation as an avenue for reduced costs and better security, with 80% interested in a vendor consolidation strategy. While security solutions become more sophisticated to prevent these attacks, cybercriminals are working to outmatch them and find more vulnerabilities via third parties. Organizations are feeling the pressure to simplify their complex security operations, reduce the number of vendors they work with and choose better-integrated products to address all their needs.

Preventing Security Breaches Moving Forward

Despite their interest in a vendor consolidation strategy, most organizations today still do not have a detection or prevention plan of action should they need to respond to a Trojan horse vendor situation. One surefire way to prevent this from occurring is with a strong identity strategy. It is vital that organizations have visibility into who has access to what, who should have access, and how they are utilizing that access. Security teams should apply zero-trust architecture principles as part of this strategy and implement role-based access controls to ensure their supply chain is not being exploited.

By combining both of these foundational layers, businesses can adopt a ‘defense in depth’ approach: fewer vendors and more layers of defense within the organization serve as vital protection measures. It is imperative that organizations balance their innovation and growth with security, especially at a time when the economy is reopening and workers will continue in a “work from anywhere” capacity.

With identity security and additional layers of defense, organizations can avoid Troy’s destiny and continue to keep their businesses safe, armed to combat the rise in sophistication and vendor Trojan horse scenarios in the 21st century.
