A Supply chain attack happens when attackers compromise a trusted program and use it as a gateway to attack computer networks.
As 2021 continues, more attackers will use trusted software as a vector to infect networks.
One way to increase security is to install a few programs and to remove as many as possible. That reduces the attack surface available to a bad actor.
An attacker cannot use Solar Winds to attack your network if you don’t use Solar Winds. Nor can they use Kaseya to attack you if you don’t use Kaseya. They cannot use your Exchange server to attack you if you don’t have an Exchange server.
Talk to your IT Professionals and remove all software that is not essential to your business. Explain to them that you are eager for their input and feedback when someone expects them to add a new program to your network. As an executive responsible for security, you should make the ultimate decision of what software is installed on your network.
Please forward this to your friends so they can re-think having non-essential programs installed on their network.