Snowflake taking it seriously
June is going to be an interesting month.
At the end of the week we saw two huge breaches. Ticketmaster and Santander. Over the weekend they are being linked to the Snowflake platform (Santander not confirmed). Snowflake have immediately engaged Mandiant and Crowdstrike to help investigate and a joint statement has been released
Brad_Jones
Fair play, that’s taking it seriously.
With Cloud or Software as a Service (SaaS) you’re on the ‘Shared Responsibility Model’. Especially when it comes to security. My view is you need to take care of it and question a provider deeply. If anyone in your organisation says “Don’t worry, it’s on XX” then be suspicious. Because that model gives a false sense of security. If something did happen, it’s good for the provider.
Apparently more organisations have been breached…so we’ll see this coming week. Most likely due to single factor authentication. MFA isn’t the default. Snowflake had a demo account breached that way, on their own platform.
My gut feeling. in general, is there’s too much chasing the ‘Shiny Stuff’ going on in the industry. Or the promise of what the shiny stuff can deliver. Basics have been ignored.
MFA is a three letter acronym…two letters are way cooler right now.
I was also reading about a potential bubble in the S&P 500 as prices have grown 26% but earnings only 6%. I’m no market specialist, I’m an IT Guy, but that smells of promises not being delivered on.
Every bubble goes pop sometime.
Matthew Fox