Serviceteam IT Security News

Third-party libraries, container components and even remote workers represent a major supply chain risk to organizations as they head into a new decade, according to Trend Micro.

The security giant’s new 2020 predictions report, The New Norm, warned of a growing cloud attack surface, as hackers focus their efforts on code injection attacks to steal sensitive information — either directly or via third-party libraries.

Continued user misconfigurations will exacerbate cloud security challenges, while developers’ reliance on third-party code could expose countless organizations, it continued.

The report highlighted shared container components containing vulnerabilities as exposing organizations to attacks across the IT stack.

The supply chain risk will extend to managed service providers (MSPs), especially those with multiple SMB customers, the report claimed.

Interestingly, Trend Micro also defined home and remote working environments as potential hotspots for supply chain attacks. This could cover everything from weak Wi-Fi security in public workspaces to smart home challenges posed by unsecured smart TVs, speakers and digital assistants.

“Connected home devices serving as a gateway for enterprise attacks is an unavoidable development considering how employees may find these convenient for work use as well,” the report noted. “Enterprises will have to decide on what information security policies to implement to deal with such scenarios.”

The security vendor recommended a cross-generational blend of tools and techniques to enable key controls including: behavioral monitoring; endpoint security; intrusion detection/prevention; managed detection and response; threat prevention and improved visibility.

This should be complemented by a renewed focus on due diligence of cloud providers, regular vulnerability scans of third-party code and components, and revised security policies for remote workers, it said.

“As we enter a new decade, organizations of all industries and sizes will increasingly rely on third-party software, open-source, and modern working practices to drive the digital innovation and growth they crave,” said Jon Clay, director of global threat communications for Trend Micro.

“Our threat experts predict that this fast growth and change will bring new risks of supply chain attacks. From the cloud layer all the way down to the home network, IT security leaders will need to reassess their cyber risk and protection strategy in 2020.”

Join Infosecurity on 9th January as we take an overall look at predictions for the new year and next decade. Register here

Source: Infosecurity Magazine

With over 20 years of experience, Serviceteam IT design and deliver sophisticated connectivity, communication, continuity, and cloud services, for organisations that need to stay connected 24/7. We take the time to fully understand your current challenges, and provide a solution that gives you a clear understanding of what you are purchasing and the benefits it will bring you.

To find out how we can help you, call us on 0121 468 0101, use the Contact Us form, or why not drop in and visit us at 49 Frederick Road, Edgbaston, Birmingham, B15 1HN.

We’d love to hear from you!