DevOps, Cloud and Remote Workers Dominate 2020 Risks

Third-party libraries, container components and even remote workers represent a major supply chain risk to organizations as they head into a new decade, according to Trend Micro.

The security giant’s new 2020 predictions report, The New Norm, warned of a growing cloud attack surface, as hackers focus their efforts on code injection attacks to steal sensitive information — either directly or via third-party libraries.

Continued user misconfigurations will exacerbate cloud security challenges, while developers’ reliance on third-party code could expose countless organizations, it continued.

The report highlighted shared container components containing vulnerabilities as exposing organizations to attacks across the IT stack.

The supply chain risk will extend to managed service providers (MSPs), especially those with multiple SMB customers, the report claimed.

Interestingly, Trend Micro also defined home and remote working environments as potential hotspots for supply chain attacks. This could cover everything from weak Wi-Fi security in public workspaces to smart home challenges posed by unsecured smart TVs, speakers and digital assistants.

“Connected home devices serving as a gateway for enterprise attacks is an unavoidable development considering how employees may find these convenient for work use as well,” the report noted. “Enterprises will have to decide on what information security policies to implement to deal with such scenarios.”

The security vendor recommended a cross-generational blend of tools and techniques to enable key controls including: behavioral monitoring; endpoint security; intrusion detection/prevention; managed detection and response; threat prevention and improved visibility.

This should be complemented by a renewed focus on ..

Support the originator by clicking the read the rest link below.