Lack of security in small companies means big risk for the enterprise
“I’ve been in the security business for 25-years. The industry spent the first 20 of those developing perimeter security products. Then five years ago, we simply let everybody in, building an ecosystem of third-party vendors and service providers that are now part of our federated enterprise,” says Mo Rosen, COO, Xceedium.
Once attackers enter these small organizations, they access the large enterprises those small companies serve. The trust relationship that big enterprise shares with these small vendors manifests itself in networking and communications technologies that bridge the organizations and pass data between them with a degree of acceptance and approval. The large enterprise network errantly trusts the manipulations of the hackers as though these are approved behaviors of the small business.