The Third-Party Hack of 2020 and the Decade That Led to It

When the SolarWinds supply chain attack was revealed, it made headlines as one of the biggest attacks of the last decade, perhaps in the history of supply chain attacks. The sheer size of it alone (over 18,000 potentially affected entities) and the fact that it was likely carried out by a sophisticated nation-state actor means that organizations will be cleaning up from this one for months or years. However, we didn’t get to this point of being this vulnerable to third-party hacks overnight. Throughout the past decade there has been an increasing dependency on vendors for key IT functions and their integration into the sensitive operations and accounts; this means we are more exposed to these kinds of attacks than ever and will probably see more of them. In this webinar, we will review the major third-party breaches of the last ten years, starting with the massive Target breach in 2013 and how each one advanced the state of the art of third-party attacks, while seeing what lessons we can learn from each attack. Hopefully, if we can follow these lessons and improve our third party risk management, the 2020s will have fewer of these blockbuster hacks. To learn more, download the webinar where we will discuss these topics including: • An overview of the SolarWinds supply chain breach. • The major third-party hacks of the decade that led to the blockbuster SolarWinds attack. • Lessons learned from those events and how we can protect ourselves going forward.