Personal security opinion: most orgs should not shift all their focus to supply chain hacks next year.
Most orgs are still haven’t got decent enough detection and response, backups, asset management etc.
That’s a far greater risk of actually impacting them than supply chain.
Most orgs are still haven’t got decent enough detection and response, backups, asset management etc.
That’s a far greater risk of actually impacting them than supply chain.
Some security vendors are going to ambulance chase recent events next year, and there’s a very real risk will defocus existing challenges.
My personal take is vendors need to be better at looking at product updates - put machine learning models around popular enterprise software updates. Look for oddities in large data sets.
Let orgs focus back on getting on with things.
Let orgs focus back on getting on with things.