When Your Vendors Become A Cyber Liability
If It’s Digital, It’s Hackable
Customs and Border Protection failed to keep their photographic database of vehicular traffic crossing through US border crossings safe. It involved a single lane at one border crossing covering two months.
How did they let this happen?
Well, they contracted their database services to a third party and trusted the third party to protect those databases. Third parties are probably one of the weakest links due to their poor cybersecurity.
The Importance of Security Brass Tacks
There have been many significant breaches at companies and organizations, and they all boil down to one thing — failure to institute or enforce proper security procedures and protocols. These include doing updates, installing security patches, having full, verified backups, preventing unauthorized access, and stolen credentials.
Hackers are becoming more sophisticated and seem to find every instance of improper security to exploit.
Is there any Accountability?
Unfortunately, no. Many regulations have been put in to help companies improve their information security. Without having a security professional available to explain how to implement the requirements, it is challenging for the average business professional to understand what conditions and regulations apply to their particular business because not all rules apply to each industry.
Some businesses are required to comply with many sets of regulations. That means deciding the most critical to meet with first and then a determine the security controls that must be satisfied for each compliance regulation.
We are at war, and that war is in cyberspace. That war will end with the failure of many businesses, and the economic damage will be incalculable. We can no longer give any company, organization, or government agency a free pass. Until we enforce with severe fines and penalties — non-compliance will continue to be an issue.