The recent breach at the US Treasury Department serves as a stark reminder that even organisations with robust cybersecurity measures can be vulnerable to sophisticated attacks. In this case, Chinese state-sponsored hackers exploited a vulnerability not within the Treasury itself, but within a third-party cybersecurity provider, BeyondTrust.
This incident highlights a critical issue in today’s interconnected world: your data is only as safe as the weakest link in your cybersecurity chain. Increasingly, cyber attackers are targeting third-party vendors and service providers as a means to indirectly access their ultimate targets. Why? Because it’s often easier to exploit vulnerabilities in smaller organisations with potentially weaker security postures.
What does this mean for you?
It means that when choosing a cybersecurity company, you need to look beyond their own defences and scrutinise their entire ecosystem. Here are some key questions to ask:
- What security measures do they have in place to protect their own systems and data? Look for certifications like ISO 27001 and SOC 2, and inquire about their incident response plans.
- How do they vet and manage their own third-party vendors? The Treasury incident demonstrates that a single compromised vendor can have cascading effects.
- What is their track record? Have they experienced any security breaches in the past? How did they handle them?
- Do they offer transparency and communication? A good provider will keep you informed about potential threats and vulnerabilities, and will be proactive in addressing your concerns.
- What percentage of their staff is in sales? A good provider will have 20% or less of its staff in sales/marketing roles; otherwise its priority is sales and growth rather than cyber security.
The attack on the US Treasury is a wake-up call: too many third parties and cyber companies spend more money on sales and marketing than on their own cyber security. At Vertex Cyber Security we are ISO 27001 certified and take cyber security very seriously, which is why we have a 100% success rate in preventing breaches where our recommended security controls have been implemented.