Anydesk breach
Last year Barracuda had an exploit issue that could not be fixed and required replacement hardware. Same with Ivanti now (https://lnkd.in/epxtpa9c). Although in the case of Ivanti it’s a comprehensive rebuild that’s required.
Then last night Anydesk confirmed a breach. As an aside - breach notifications late on a Friday night are what you’d term ‘not cool’. Especially as it was suspected nearly a week ago.
Personally I think we’re beyond vendor lists, DR/BCP just holding a ‘What if?’ risk status and one of them being ‘Highly unlikely’. There’s a need for a thought out plan for each Hardware and SaaS vendor that addresses “What do we need to do to remove and replace this? What’s the Business impact and what is the financial cost?”
Absolute headache I know, but a bit of calm thought before you have to do something is always good insurance.
I can’t remember if I read it on here or elsewhere, but somebody suggested that perhaps there’s going to be a drive for the return to onprem? I’m not so sure, but this kind of thing would give any drive extra fuel.