What action can you take post Kaseya

The Kaseya supply chain attack (also known as the fourth of July attack) is the hottest cyber topic these past few days. How can it affect your business and what can you do about it? Kobi Freedman, Findings CEO, provides answers as well as an actionable solution.

Recently, numerous cyber attacks have been targeting supply chains, affecting hundreds of thousands of vendors globally, impacting large numbers of companies, putting them at major risk in terms of supply chain disruption and cyber exposure. Past incidents which include SolarWinds, Accelion, MS Exchange, Fortinet as well as the current Kaseya indicate a steep future risk trajectory, with major implications.

What happened to Kaseya?

Kaseya IT group provides financial management software tools for medium and large organizations, used by a massive number of customers.

On July 4th Kaseya disclosed a compromise by the REvil group – a cardinal cybercrime syndicate, resulting in a breach that allowed attackers to deploy ransom malwares to Kaseya customers. Kaseya claims only the VSA product line (a unified IT management tool) was exposed and that only 1500 (!!!) customers were breached – however, due to the fact that Kaseya’s wider circle of influence is estimated in 1 million businesses, the announcement should be considered with a grain of salt.

The attack caused business disruption to thousands of companies, impacting over 1 million users. While the US Govt is actively pursuing the REvil group, so far, no one has been arrested. The attack’s economic and full damage extent is yet to be determined as the incident is still in progress.

Third-party attacks have been fundamental for cybercriminal groups due to its effectiveness, financial return, and the ability to simultaneously extort multiple organizations.

The extent of these attacks is astonishing; Findings customers’ long-tail assessments indicate on average 15-20% exposure rate to SolarWinds, Accelion and other attacks – a risk currently not being reviewed by traditional vendor risk assessments lifecycle – whether upon onboarding or periodically performed.

What can you do?

    1. Ensure your organization has entire supply chain visibility and continuous risk exposure of every business continuity vendor.
    2. Have the capability to rapidly act upon current and future events to review any potential exposure.

Findings long-tail monitoring protocol provides customers the ability to continuously map their entire vendor-space risk. In the case of a supply-chain incident, Findings enables 3rd and 4th tier vendor rapid assessment, detection and mitigation. This will allow you to prioritize risk mitigation as well as efficient and timely action tracking.

Contact us to initiate your long tail solution. Don’t be a victim of the next supply chain attack. 

Supply Chain Risk Monitoring as a Service
Join us today
Supply Chain Risk Monitoring as a Service
Join us today
Waitlist signup

Welcome to Findings

Let's go over some details to setup your tailor-made account


Please fill your details below and click "Next" to create your account:

Payment

Feature
Startup
Business
Enterprise
Price
$10 / Month
$10 / Month
$25 / Month
VDPaaS
Alerts
Assessments
Integrated Apps
API
Join today and scan ALL YOUR VENDORS for FREE*
* FREE VENDOR SCAN for all of your vendors during your first month.
Feature
Startup
Business
Enterprise
Price
$25 / Month
$200 / Month*
Contact Us
Free vendors scan for 1 month
Findings search engine
Rapid security and compliance profile
Profile/showcase engagements per year
5
40
Unlimited
Multi/unlimited showcase use cases
Showcase compliance badge for your website
Best practice self-assessment
1 Findings or 1 BYOC
Assessment response automation
Personalizable, branded security & compliance showcase page
File/evidence repository
OKTA
DKIM
Out-of-the-box TPRM
20 vendors +
20 rating scans
50 vendors +
50 rating scans
Support
Email
Priority via Phone / Email
Internal Workflows (SO/BO)
Onboarding and customization account setup
*Price for every 40 engagements
Automate assessment response and showcase your cybersecurity posture
Supply Chain Risk Monitoring as a Service
Join us today
.
.
.
.

Thank you for signing up!

Supply Chain Risk Monitoring as a Service
Join us today
.
.
.
.

Thank you for signing up!