Early last week we wrote about SolarWinds and the potential for another leg to drop. SolarWinds has a long road to recovery. Cyberbreaches of that sort don’t engender customer trust and often lead to significant customer churn. What other companies may be at risk of a cyberbreach?
Tickers mentioned: AMZN, AVGO, CERN, EFX, EXPGF, FICO, GOOG, MA, MSFT, NOW, ORCL, PYPL, ROP, SPLK, SQ, SWI, TRU, TYL, V
- Earlier this month we wrote about “CyberSecurity As A Competitive Differentiator“. It is insufficient to license a cybersecurity vendor’s services and to consider the subject “mission accomplished”. Companies ought to take a proactive approach to cybersecurity with dedicated C-Level executives and cybersecurity teams.
- Threats are becoming increasingly sophisticated. Nefarious actors simply require one weak spot to exploit. It doesn’t help when companies make it easy for bad actors. For example, AWS had a configuration problem that led to a breach at Capital One last year. SolarWinds suffered from a variant of the all too common administrative “password123” phenomenon. This lazy, risky approach to password protection is common among IT professionals.
- Healthcare providers and Government agencies (State & Local, including public schools) are obvious targets for hackers. Both industry verticals are rich with PII data and often lack robust cybersecurity protocols. Cerner, Epic, Deltek/Roper Tech and Tyler Tech are a few examples of the many potential entry points for hackers within these verticals.
- Infrastructure Software firms are obvious cyberbreach targets. Infrastructure offerings underpin many third-party applications and therefore provide access to treasure troves of data. AWS, Azure, BMC, CA/ Broadcom, GCP, Oracle, ServiceNow and Splunk to name a few.
- Fintech companies are targets. Companies including Mastercard, PayPal, Square, Stripe and Visa (we recently wrote about hacks at Square).
- Identity Management firms are ripe for attack. These firms store PII data and are therefore obvious targets. They include Equifax (breach suffered in 2017), TransUnion, Experian and FICO among others.