To Source or Not to Outsource Support, Wiper: The Totally Clean Sweep, Mitigating Remote Working Risks, Tech Skills Outstripping Education, and Defense Needing Defense. It's the Friday 3rd January 2025 Edition of CISO Intelligence!

Today's hot topics: the vulnerabilities of outsourcing IT support, malware that provides a perfectly clean slate, the security protocols associated with remote working, old education tech being overtaken by up-to-date skills, and Acronis needing its own protection. Keeping you informed!

"Gives me everything I need to be informed about a topic" - UK.Gov

Table of Contents

  1. New IT Support in Town: The Perils of Cyber Over-Reliance on Outsourcing
  2. Wiper Malware: Clean Sweep or Unwelcome Guest?
  3. Remote Work: Hold the Security Breach, Please!
  4. Schools of Hack: The State of University Cybersecurity in 2025
  5. The Acronym for Danger: Acronis Vulnerability Unveiled

New IT Support in Town: The Perils of Cyber Over-Reliance on Outsourcing

"When IT support finds a new town, hackers are the first to send a welcoming committee."

What You Need to Know

In response to emerging cyber threats associated with increased dependence on outsourced IT support, executive management must evaluate current partnerships and ensure robust in-house data protection strategies. Immediate action involves revisiting risk assessments, enhancing in-house cybersecurity training, and conducting thorough audits of third-party vendor protocols in line with updated compliance standards. Executive management will also need to ensure budget allocation for these critical evaluations and enhancements, focusing squarely on prevention over remediation.

CISO Focus: Third-Party Risk Management
Sentiment: Strong Negative
Time to Impact: Immediate


Outsourcing IT support has become the quintessential corporate measure for cost efficiency and access to expertise, but a recent report highlights that this practice could be a double-edged sword with severe cybersecurity implications. The research underscores the vast and unexplored vulnerabilities that enterprises may inherit when outsourcing IT functions, potentially leading to breaches of unprecedented impact.

A Growing Problem

Recent studies, such as Kudelski Security's analysis, reveal that as organizations continue to partner with IT support vendors, the complexity of securing data and maintaining robust cybersecurity postures has soared. The potential for breaches is exacerbated by the sheer volume of partners—which increases the attack surface—and the varying security standards across different vendors.

A watershed moment came with several high-profile breaches that traced back to third-party flaws exploited by malicious entities. These incidents underscore the necessity for a more discerning approach to managing vendor relationships, particularly when customer data and internal systems that are interconnected via outsourced solutions are at stake.

Why Now?

The urgency to address these cybersecurity challenges stems from the rapidly shifting landscape of threats and the evolving tactics of cyber adversaries. One particular aspect that has drawn attention is the delayed discovery of breaches facilitated by outsourced providers. The latency between breach occurrence and discovery often leaves organizations scrambling to mitigate damage, by which time sensitive data could already be compromised.

It's imperative for businesses to consider not only the benefits but also the inherent risks of their outsourcing arrangements. The reality is that even as external support can optimize operations, it can concurrently serve as a Trojan horse if not diligently managed.

Steps for Mitigation

Effective mitigation starts with a holistic, architectural view of IT infrastructure that includes potential risks introduced by external partners. Here are several critical strategies:

  • Vendor Risk Management (VRM): Establish a comprehensive VRM approach that includes ongoing risk assessments and deeper engagement with partners about their security measures and compliance protocols.
  • Network Segmentation and Access Controls: Limit the scope of vendor access to only what is absolutely necessary for their functional role, implementing stringent access controls and monitoring any data traffic between the internal network and vendors.
  • Real-Time Threat Intelligence: Develop a structure for real-time threat sharing and collaboration with vendors, enabling faster detection and response to potential threats.

The Cautionary Tale

As companies move forward in their digital transformation journey, understanding and managing third-party risks can't be an afterthought. Bolstering in-house defenses and scrutinizing third-party cybersecurity hygiene go hand-in-hand in safeguarding today's interconnected enterprises. So next time your board considers hopping on the outsourcing bandwagon, remember: look for partners, not just providers.


Vendor Diligence Questions

  1. How does your organization monitor and mitigate zero-day vulnerabilities within your system components?
  2. Can you provide documentation of your most recent third-party security audits and the measures taken to address noted vulnerabilities?
  3. How do you ensure continuous compliance with international cybersecurity standards as they evolve?

Action Plan

  1. Risk Assessment Refresh: Conduct a thorough internal and external audit of IT support roles and responsibilities, particularly those outsourced, to identify potential vulnerabilities.
  2. Cybersecurity Training: Implement compulsory cybersecurity workshops for all employees, focusing on phishing, social engineering, and data protection protocols.
  3. Vendor Contracts Review: Immediately reassess existing vendor contracts to ensure they include clauses for regular security updates, compliance checks, and real-time threat intelligence sharing.
  4. Incident Response Drills: Conduct simulated cyber-attack drills to test incident response readiness, ensuring rapid and effective team mobilization.

Source: Kudelski Security Report