Cyber Defense Magazine Special Annual Edition for RSA Conference 2021
Cyber Defense Magazine Special Annual Edition for RSA Conference 2021 - the INFOSEC community's largest, most popular cybersecurity event in the world. Hosted every year in beautiful and sunny San Francisco, California, USA. This year, post COVID-19, virtually with #RESILIENCE! In addition, we're in our 9th year of the prestigious Global InfoSec Awards. This is a must read source for all things infosec.
any legacy/near-end-of-life products which may no longer be receiving the expected vulnerability testing efforts.”
Sometimes M&A activity can have security implications on a scale well beyond the product level. Consider the scenario hospitality giant Marriott International faced after acquiring the Starwood Hotel chain. What Marriott didn’t know was that Starwood’s IT systems had been compromised by hackers before the acquisition took place. In this case the hackers laid low, choosing to passively monitor their victim for many months, and so the breach went undetected. After the two organizations were integrated, however, the hackers began siphoning off data, resulting in one of the largest breaches of consumer data to date.
While customers might expect to be informed of major changes to the products and services they use, it doesn’t always happen, and so the responsibility is ultimately on the enterprise to take ownership of its own security, even if that means assuming that any component, software, or application that it does not have complete control over is likely already compromised. From there, the organization must exercise diligent, continuous testing of all systems in order to ensure changes in status are detected, security gaps are identified, and proper action is taken to close those gaps quickly.
It can be easy to think that, because a vendor or service provider markets their offerings on security, you don’t have to worry about it. But as the lessons of cybertheory tell us, organizations can’t rely on others to address their data security needs. Trust not in third parties. Do your due diligence when making purchasing decisions, and keep the conversation going. Pay attention to changes and, if one of your partners or vendors is involved in any market deals—directly or indirectly—find out what the implications are for your organization.
Vendors and service providers should regard their customers and subscriber relationships as more than merely transactional. But just because you’ve invested your trust in them doesn’t mean they will continue to earn that trust. No organization is perfect; adversaries are counting on it.
About the Author
Gregory Hoffer is CEO of Coviant Software, maker of the secure, managed file transfer platform Diplomat MFT. Greg’s career spans two decades of successful organizational leadership and award-winning product development. He was instrumental in establishing groundbreaking technology partnerships that helped accomplish Federal Information Processing Standards (FIPS), the DMZ Gateway, OpenPGP, and other features essential for protecting large files and data in transit.
For more information visit Coviant Software online, or follow Coviant Software on Twitter.