Supply chain attacks are a launch pad for emerging automated, active-adversary attacks: Sophos study

0
Sunil Sharma, Managing Director – Sales, India & SAARC, Sophos
Read Article

Sophos has announced the findings of its global survey, The Impossible Puzzle of Cybersecurity, which reveals IT managers are inundated with cyberattacks coming from all directions as cybercriminals exploit weak links in security that are leading to supply chain (third party vendor) compromises. The survey polled 3,100 IT decision makers from mid-sized businesses in the US, Canada, Mexico, Colombia, Brazil, UK, France, Germany, Australia, Japan, India, and South Africa.

Based on the responses, it’s not surprising that 27 percent of Indian IT managers consider IoT threats while 21 percent consider internal staff as the top security risks. Alarmingly, only 24 percent of Indian IT managers consider supply chain as a top security risk, exposing an additional weak spot that cybercriminals will likely add to their repertoire of attack vectors.

“Cybercriminals are always looking for a way into an organization, and supply chain attacks are ranking higher now on their list of methods. IT managers should prioritize supply chain as a security risk, but don’t because they consider these attacks perpetrated by nation states on high profile targets. While it is true that nation states may have created the blueprints for these attacks, once these techniques are publicized, other cybercriminals often adopt them for their ingenuity and high success rate,” said Sunil Sharma, managing director sales, Sophos India & SAARC. “Supply chain attacks are also an effective way for cybercriminals to carry out automated, active attacks, where they select a victim from a larger pool of prospects and then actively hack into that specific organization using hand-to-keyboard techniques and lateral movements to evade detection and reach their destination.”

Synchronized Security Solves the Impossible Puzzle of Cybersecurity
With cyberthreats coming from supply chain attacks, phishing emails, software exploits, vulnerabilities, insecure wireless networks, and much more, businesses need a security solution that helps them eliminate gaps and better identify previously unseen threats. Sophos Synchronized Security, a single integrated system, provides this much needed visibility to threats by integrating Sophos endpoint, network, mobile, Wi-Fi, and encryption products to share information in real-time and automatically respond to incidents. More information about Synchronized Security is available at Sophos.com.


If you have an interesting article / experience / case study to share, please get in touch with us at editors@expresscomputeronline.com

LEAVE A REPLY

Please enter your comment!
Please enter your name here