It’s Time Organizations Stop Blaming Others for Their Bad Security Posture
Our Head of Product, Marco Figueroa wrote an article for Toolbox.com
Security should be an internal responsibility, but all too often, organizations trust third-party solutions to protect their systems. With cybercriminals able to penetrate most company networks, addressing security-related blind spots is now more critical than ever. Marco Figueroa, Head of Product, at BreachQuest discusses.
Throughout my experience in incident response, it really only takes one user to click on one corrupted file to be phished, resulting in the organization being compromised.
With all of the stories in the media around the increase in ransomware attacks, it is alarming to me how unprepared companies are for such situations. Then again, most companies think they are adequately prepared for attack until a breach occurs because they trust external software that permeates the organization. This has become a common blindspot across industries.
The Need for Regular Audits
With supply chain attacks grabbing headlines over the last couple of years, we are finally seeing more organizations auditing the small to mid-sized vendors they are working with. For example, many Fortune 2000 companies conduct in-depth auditing of anyone they bring into the supply chain. Yet there are still situations where a breach occurs. The business is not aware of it for days or even weeks afterward. Moreover, companies still invest in security practices minimally, opting only to spend money on security when flaws and vulnerabilities are found at an internal level. For these reasons, it is imperative that the enterprise take full responsibility for securing itself against attacks and understanding how to do this correctly.