3rd Party Risk Management , Application Security , Critical Infrastructure Security

Defending Against Open-Source Supply Chain Attacks

Steve King of CyberTheory on Getting Serious With Our Defense Strategy
Steve King, director, CyberTheory

Findings from CyberTheory's 2021 Third Quarter Review indicate that criminals are exploiting the open-source supply chain, and those exploits are proving much more difficult to identify, defend and stop in terms of complexity and depth than we've seen before, says CyberTheory's director, Steve King.

See Also: The State of Organizations' Security Posture as of Q1 2018

"We see that with the recent attacks on critical infrastructure with Colonial Pipeline, JBS and NEW Cooperative in Iowa, adversaries are ratcheting their game up to demonstrate their cybersecurity superiority in ways that we're simply unable to defend against," he says.

King advises organizations to "pump the brakes a bit and reset our architectural goals around a different way to construct our networks, a different way to rebuild our identity detection, authentication and proofing so that we can eliminate this excessive trust that is built into every one of our cyber defense systems."

In a video interview with Information Security Media Group, King discusses:

  • Highlights from the research;
  • The rise of open-source supply chain attacks and what we can do to protect against them;
  • Predictions for 2022.

King is director of cybersecurity advisory services at Information Security Media Group. He has served in senior leadership roles in technology development for the past 19 years and has founded nine startups, including Endymion Systems and SeeCommerce. King has held leadership roles in marketing and product development, operating as CEO, CTO and CISO for several startups, including Netswitch Technology Management. He also served as CIO for Memorex, was the co-founder of the Cambridge Systems Group and has been granted numerous engineering patents.


About the Author

Anna Delaney

Anna Delaney

Director, ISMG Productions

An experienced broadcast journalist, Delaney conducts interviews with senior cybersecurity leaders around the world. Previously, she was editor-in-chief of the website for The European Information Security Summit, or TEISS. Earlier, she worked at Levant TV and Resonance FM and served as a researcher at the BBC and ITV in their documentary and factual TV departments.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.com, you agree to our use of cookies.