May 2024
Cyber report spotlight: Sisense hit by cyberattack
This month's cyber report spotlight looks at business analytics SaaS provider, Sisense, which was hit by a cyberattack, prompting CISA to warn of subsequent attacks.
What happened
On April 11th, the US Cybersecurity and Infrastructure Security Agency (CISA) released a warning about an attack on Sisense, which provides AI-driven business analytics for over 2,000 organisations worldwide, that could impact Critical National Infrastructure (CNI).
CISA warned organisations using Sisense to reset any credentials used to access the providers’ services, as well as any credentials or secrets that could have been exposed to a Sisense service.
While more specific details about the attack are unknown, the warning from CISA suggests the incident could be a significant breach, with the potential for further attacks on organisations using the platform.
Wider implications
Supply chain attacks continue to be one of the most challenging areas of cyber security for organisations.
Over the past few years, several major supply chain attacks - such as 3CX and MOVEit - have demonstrated to both organisations and threat actors the widespread impact of a single incident.
This continuing rise in supply chain compromises is forcing organisations to focus closely on their security, ensuring suppliers are regularly reviewed against their own standards, as well as monitoring the supplier for cyber incidents that would require a response.
Stay safe out there
So you can stay up to date on all things Cyber, why not sign up to our monthly Cyber Report, where you can gain access to more insightful cyber news, like this one.
Sign up here.
If you want to learn more about how you can improve your Cyber security, take a look at our recent article, Immutable backup storage - the last line of defence.