- Third-party libraries, container components and even remote workers represent a major supply chain risk to organizations as they head into a new decade.
- Continued user misconfigurations will exacerbate cloud security challenges, while developers’ reliance on third-party code could expose countless organizations, it continued.
- Shared container components containing vulnerabilities as exposing organizations to attacks across the IT stack.
- Supply chain risk will extend to managed service providers (MSPs), especially those with multiple SMB customers.
- Home and remote working environments are potential hotspots for supply chain attacks -- everything from weak Wi-Fi security in public workspaces to smart home challenges posed by unsecured smart TVs, speakers and digital assistants.
The security firm's 2020 predictions report, The New Norm, emphasizes the cloud as a likely attack objective, as near-do-wells focus efforts on code injection attacks to obtain sensitive information — either directly or via third-party incursions.