What We Learn from Tesla Hack?

What We Learn from Tesla Hack?

Teen's Tesla hack shows how vulnerable third-party apps may make cars, allowing him to lock the doors, turn the music on, and even track the location of the car.

This was a vulnerability sitting there waiting to be exploited, but it wasn't known to exist until it got hacked. That's the danger, and you don't want to be the one where it's discovered to exist the hard way.

This actually wasn't a Tesla breach, this was an app that could be installed in Teslas so it was actually a vulnerability down the supply chain. That's called Third Party Risk Management (TPRM). In this example, you didn't have the vulnerability that got exploited but a downstream service that you use as part of your service.

Problem is, when the exploit happens, it bubbles upstream back to you to be written up in the news, even though you didn't directly have the problem.

As a business leader, you have to stay on top of vulnerabilities. It's a jeopardy for your business, and also a responsibility for society. You've got to stay on top of your supply chain, how you do due diligence on them, understand the risks they pose.

That's the big lesson of this article: third-party risk management practice--How do you engage with your suppliers? How do you make sure they're doing security-wise what they need to be doing? We've got to be responsible for putting appropriate controls into place so we're not bearing exposure to the people who are trusting us with whatever data or service your provide in your company.

Watch the video for the full explanation.

Subscribe to the channel to get notifications of future videos.

#cybersecurity #soc2 #compliance #risk #grc #itrm #vciso