The SolarWinds attack went undetected for months, virtually undetected. Security strategies shouldn’t be based on point-in-time trends, says Julian Zelizer. Leaders must be constantly looking for evergreen ways to reduce risk, he says. Zelizer: Don’t rely on cloud to make up for poor process (many don’t) and make the most of smart policy enforcement. He says many organizations assume they carry less security risk than they do, but supply chain attacks are still managed via buyer-beware requirements.
Source: https://www.helpnetsecurity.com/2021/03/05/reduce-security-risk-2021/