Introduction:

• In this episode, we delve into the often overlooked vulnerability of government agencies to cyber attacks, particularly through third-party connections.

Case Study: Cyber Attack on a New York County

• A county in New York experienced a crippling cyber attack targeting its real estate records at the clerk's office.
• The attack involved file deletion and holding records hostage, disrupting vital operations.
• Surprisingly, the source of the attack was traced back to a third-party records management vendor.

The Third-Party Vulnerability:

• Many cyber attacks on government agencies and private sector companies originate from vulnerabilities in their interconnected systems.
• Government agencies and businesses alike maintain numerous connections to vendors, CRM providers like Salesforce, and other entities for data exchange.
• Despite robust internal security measures, a single vulnerability in a third party's system can provide hackers with a gateway into the primary system.

Importance of Third-Party Protection:

• Third-party protection is paramount, whether through cyber insurance, specialized defense systems, or stringent vetting of vendors.
• Trusting and granting access to third parties on a daily basis increases the risk of indirect vulnerabilities.

Conclusion:

• The New York County Clerk's Office serves as a stark reminder of the critical importance of understanding and securing third-party connections.
• By implementing best practices and robust protective measures, government agencies and businesses can fortify themselves against cyber threats originating from third-party vulnerabilities.

If you have questions or want to delve deeper into today's topics, visit at RiskCoverage.com for additional resources. Until next time, stay insured and stay informed!