Today, there are many suppliers of different information security solutions. But do you know how future-proof the solution you choose to invest in actually is? Who is responsible if your solution is hacked in a few years?
Weaknesses are exploited by hackers
Recently, Cisco, a major provider of various IT solutions, agreed to pay a large sum in fines for having sold a video surveillance software that they knew contained a critical vulnerability. According to the indictment, Cisco continued to sell the software for four years, without addressing a major security vulnerability that a whistleblower warned them about as early as 2008.
Hospitals, airports, schools, and state governments were among the customers and Cisco is now forced to pay $ 8.6 million.
The weakness meant that hackers not only could spy on the video recordings, but they could also turn on or off surveillance cameras, remove recordings and even break into other connected physical security systems such as alarms or locks. All without being discovered. According to the indictment, the weakness was also easy to find and exploit.
The lawsuit against Cisco is the first in the United States where a company has been forced to pay for having marketed and sold products without adequate cybersecurity protection. The question this arises is: Who has the digital responsibility?
In order to take your digital responsibility, you need to work with information management and digital security in a proactive and sustainable way. This applies today to all companies and especially organisations that handle sensitive and or secret information. But of course, this also applies to businesses that sell different solutions to manage information security and for them it is also important to work with a longer commitment, future-proof solutions.
Future-proof security solutions
To ensure that the solutions you offer your customers are future-proof, you must watch out for published vulnerabilities that might affect the security of the solution. If something is discovered, the incident must be handled and measures that reduce or remove the risk should be developed. Therefore, to ensure that your information security solution is future-proof, it is important that you ensure that your supplier has a working method that means that they will continue to be digitally responsible. Do they provide security updates throughout the product life cycle? Is their product/solution future proof? These are important questions you need to ask your supplier.
Advenica offers cyber security solutions that meet the highest security requirements and our product development therefore differs from traditional development work in different ways. With us, future-proof is an important part of what we call "Product development with high assurance" and is something that is self-evident to us.
Feel free to contact us to hear more about how we can make your information security future proof.
If you want to read more about how our product development helps us take our digital responsibility, you can download our White Paper # 08 "High assurance product development".
You can also read more about how we look at digital responsibility here and in our White Paper # 05 "Digital responsibility - the only viable way forward".