While data breaches are commonplace, occasionally there’s an attack so audacious that its impact reverberates long after the initial jolt. Such was the case with the SolarWinds supply chain breach, in which a nation-state surreptitiously inserted eavesdropping malware into an Oklahoma software maker’s IT performance management solution used by governments and major enterprises.
While IT security teams scrambled to determine and limit their own exposure, the SolarWinds breach had a detrimental downstream impact since the attackers also accessed users’ customer data. Thus, organizations — from small businesses to huge government agencies — were reminded of how vulnerable they are to cyberattacks through service providers and software with privileged access.
This report, based on a study conducted by the Cyber Risk Alliance and sponsored by Trava, reveals insights