Cybersecurity and Breaches at Security Firms
You know it’s not going to be a good day when a cybersecurity company is breached. Cybersecurity companies are supposed to be the top tier and subject matter experts of cybersecurity. Since they are selling and marketing their services to other companies, one would infer their stance and defensive posture is without reproach. A recent issue with Sophos recently shown light on this. Sophos is a cybersecurity company, selling many services, located in the UK. The company is well-known in the industry, for good reasons. In mid-November of this year, the company experienced an attack and subsequent breach. The attackers were able to exfiltrate data during the attack, including user names, emails, and contact numbers. Fortunately, per Sophos, only a small number of customers were affected by the issue. This is an example of why we need to maintain vigilance with cybersecurity. This field changes frequently and is not static. The lack of regular updates and monitoring provides for too many viable attack points to try.