CyberSecutirybanner

Cybersecurity and the SEC lawsuit: The vital role of observability in safeguarding your organization

Cybersecurity remains a priority for technology users - and regulators.
News that the US Securities and Exchange Commission (SEC) is suing SolarWinds for “hiding cybersecurity weaknesses” during a major hack targeted at the US government is a massive wake-up call for technology companies.

In my opinion, the real issue in this case was the cyber risk posed by SolarWinds’ automated updates, which were “pushed” out to customers on a regular basis, often through public networks.

Many of their customers’ security models were built like a castle and a moat: The entrance to the castle was heavily fortified but, once someone is cleared to enter inside, no one challenges them to go about their business. This is where SolarWinds fell down. The automated “push” updates to its software meant that each customer’s castle was already open to the hackers who entered through the backdoor. 

Once inside, the hackers injected malware into the SolarWinds Orion platform and compromised the data of more than 30,000 organizations. These included the US Departments of State, Treasury, Homeland Security, Commerce, and Energy, as well as other international targets.
Events like this have unsurprisingly prompted a swift shift in mindset when it comes to cyber security: Trust no one. That includes your technology provider, especially when it comes to software updates.

At ITRS, software updates rely on your IT team going to a secure site to upload the updates. The question for your IT team is: How many of your software providers are pushing updates through? How secure is this? It’s worth a look. After all, better safe than sorry.

Conclusion

Observability and monitoring platforms play a crucial role in cybersecurity, helping your teams detect to authentication vulnerabilities, weaknesses in access control, and external dependencies - as well as brute force attacks. 


Learn how ITRS provides the visibility to detect and prevent cyberattacks


ITRS GeneosITRS infrastructure monitoring


 

Related posts

Boston Office

ITRS opens new US office in Boston

ITRS is excited to announce the opening of a new office in Boston, Massachusetts, one of the top three SaaS technology centers in the United States. The Boston office, along with our NYC location, will help us to connect with our US customers more closely.

Read full post
EcoVadis 2023 Silver Award

ITRS earns a 2023 EcoVadis silver medal for strong sustainability performance

We're thrilled to share that ITRS has been recognized with a Silver Medal from EcoVadis in its 2023 Silver Sustainability Rating.

Read full post
great place to work itrs

ITRS is STILL a Great Place To Work!

ITRS’s London office has been accredited as a Great Place to Work once again for 2023. Last year, the well-known authority on workplace culture – Great Place To Work® – recognized ITRS as one of the UK's Best Workplaces in Tech 2022®.

Read full post
smi_world_connected_blog

Regulators call for action on operational resilience

Black Swan events – the things you think will never happen - can and do happen. No matter how resilient your firm is, there are always unexpected external threats and risks beyond your control.

Read full post
SEE MORE