Organizations around the globe began 2021 grappling with two significant supply-chain attacks. First, the SVR, Russia’s foreign intelligence service, planted malicious code in Orion, SolarWinds’ flagship network management suite. When 18,000 Orion customers updated their software, they also unwittingly installed the SVR’s malicious code, giving the Russian intelligence agency direct access to the customers’ networks. … Continue Reading
In our 2017 Data Security Incident Response Report, we found that of the 450+ incidents we worked on last year, network attacks that succeeded due to vendor wrongdoing were significantly more common (15 percent) than those due to employee wrongdoing (9 percent). Vendors were also found to be the cause of technical and security failures and … Continue Reading
Editor’s Note: We recently launched a graphic illustrating our Cyber Risk Mitigation Services. This week, our attorneys will be writing about specific examples of those services. Vendor contract review—what does that mean to you? Does it bring back bad memories? A last minute scramble to close a deal? Capitulating to oppressive limits on liability to meet … Continue Reading
Posted in Supply Chain
