https://www.channelfutures.com/wp-content/themes/channelfutures_child/assets/images/logo/footer-new-logo.png
  • Home
  • Technologies
    • Back
    • SDN/SD-WAN
    • Cloud
    • RMM/PSA
    • Security
    • Telephony/UC/Collaboration
    • Cable
    • Mobility & Wireless
    • Fiber/Ethernet
    • Data Centers
    • Backup & Disaster Recovery
    • IoT
    • Desktop
    • Artificial Intelligence
    • Analytics
  • Strategy
    • Back
    • Mergers and Acquisitions
    • Channel Research
    • Business Models
    • Distribution
    • Technology Solutions Brokerages
    • Sales & Marketing
    • Best Practices
    • Vertical Markets
    • Regulation & Compliance
  • MSP 501
    • Back
    • 2022 MSP 501 Rankings
    • 2022 NextGen 101 Rankings
  • Intelligence
    • Back
    • Galleries
    • Podcasts
    • From the Industry
    • Reports/Digital Issues
    • Webinars
    • White Papers
  • Channel Futures TV
  • EMEA
  • Channel Chatter
    • Back
    • People on the Move
    • New/Changing Channel Programs
    • New Products & Services
    • Industry Honors
  • Resources
    • Back
    • Advisory Boards
    • Industry Organizations
    • Our Sponsors
    • Advertise
    • 2022 Editorial Calendar
  • Awards
    • Back
    • 2022 MSP 501
    • Channel Influencers
    • Circle of Excellence
    • DE&I 101
    • Channel Partners 101 (CP 101)
  • Events
    • Back
    • CP Conference & Expo
    • MSP Summit
    • Channel Partners Europe
    • Channel Partners Event Coverage
    • Webinars
    • Industry Events
  • About Us
  • DE&I
Channel Futures
  • NEWSLETTER
  • Home
  • Technologies
    • Back
    • SDN/SD-WAN
    • Cloud
    • RMM/PSA
    • Security
    • Telephony/UC/Collaboration
    • Cable
    • Mobility & Wireless
    • Fiber/Ethernet
    • Data Centers
    • Backup & Disaster Recovery
    • IoT
    • Desktop
    • Artificial Intelligence
    • Analytics
  • Strategy
    • Back
    • Mergers and Acquisitions
    • Channel Research
    • Business Models
    • Distribution
    • Technology Solutions Brokerages
    • Sales & Marketing
    • Best Practices
    • Vertical Markets
    • Regulation & Compliance
  • MSP 501
    • Back
    • 2022 MSP 501 Rankings
    • 2022 NextGen 101 Rankings
  • Intelligence
    • Back
    • Galleries
    • Podcasts
    • From the Industry
    • Reports/Digital Issues
    • Webinars
    • White Papers
  • Channel Futures TV
  • EMEA
  • Channel Chatter
    • Back
    • People on the Move
    • New/Changing Channel Programs
    • New Products & Services
    • Industry Honors
  • Resources
    • Back
    • Advisory Boards
    • Industry Organizations
    • Our Sponsors
    • Advertise
    • 2022 Editorial Calendar
  • Awards
    • Back
    • 2022 MSP 501
    • Channel Influencers
    • Circle of Excellence
    • DE&I 101
    • Channel Partners 101 (CP 101)
  • Events
    • Back
    • CP Conference & Expo
    • MSP Summit
    • Channel Partners Europe
    • Channel Partners Event Coverage
    • Webinars
    • Industry Events
  • About Us
  • DE&I
    • Newsletter
  • REGISTER
  • MSPs
  • VARs / SIs
  • Agents
  • Cloud Service Providers
  • Channel Partners Events
 Channel Futures

Security


Shutterstock

log4j on laptop

Post-Log4Shell: How Has the Channel Ecosystem Been Affected?

  • Written by Tom Herrmann
  • August 5, 2022
Security partners need to help secure the software supply chain and show companies how that tech works.
Synopsys' Tom Herrmann

Tom Herrmann

The discovery of Log4Shell late last December unearthed an uproar throughout industries as organizations scrambled to unveil whether their devices were alongside the hundreds of millions worldwide that utilized the Java-based logging utility, Log4j. Just weeks following the identification of the vulnerability, the Federal Trade Commission (FTC) issued a warning for businesses that all must apply patches or face legal action.

With the risk of legal action looming, the logical next step would be to apply the necessary patch. This would be enough in most scenarios, but Log4Shell presented a new set of challenges – it was extremely difficult for businesses to determine where the patch was necessary. The aftermath of this vulnerability left businesses scrambling to establish if the flaw was present within their systems so they could work to identify the quickest and most efficient course of action. A lot of organizations turned to their trusted advisers (partners) for guidance on solutions and services that could help.

When large-scale security threats emerge, it’s a stark reminder for partners that bad actors are always on the move, finding ways to cause tremendous business damage. Now, more than six months following the initial Log4Shell discovery, there’s been a shift within the channel environment. Businesses are in pursuit of security partners that enable them to remain protected against today’s inevitable enterprise threats.

What does this mean for the channel and how can organizations ensure their security expectations are met? Let’s take a look.

The Channel and Software Security

Software and application security (AppSec) have been brought to the forefront of partner discussions following Log4Shell and attacks like SolarWinds with far-reaching software supply chain impacts as organizations have become increasingly aware of the threats that exist within their digital environments. These types of vulnerabilities and attacks that impact businesses of all sizes, regardless of their industry, garners attention in a way that influences companies to re-examine their security profile.

These wide-ranging security threats have reminded organizations that — much like when a car engine is working it doesn’t mean a mechanic won’t lift the hood to examine what’s underneath during a regular checkup — they must also routinely examine the intricacies of their security tools to ensure everything is operating properly. When organizations take a deeper dive, most realize they’re largely unaware of what comprises the software they’re running. This is another opportunity for partners to offer advice and solutions.

There’s a concerning disconnect between users and their software. Open source has become a foundational component of software. In fact, 98% of software and internet codebases contain open source alongside 96% of enterprise software/software-as-a-service (SaaS). Despite open source being widely adopted within enterprise software used daily, 85% of codebases contain open source more than four years out of date and 88% utilized components that weren’t the latest available version. These numbers should raise alarms — there’s a lack of software maintenance pointing to most systems not remaining up to date.

These outdated systems place enterprises at higher risk of successful exploitation by cybercriminals. Arguably the most concerning part of outdated systems is the reality that most remain out-of-date due to the unfortunate fact that many don’t know what’s within their systems or that an updated version is available. Modern software requires unique oversight that many aren’t accustomed to or prepared to handle.

Software and application security have become core components to enable business continuity, but even the most dependable vendors aren’t …

  • Page 1
  • Page 2
Tags: MSPs VARs/SIs Best Practices Security Technologies

Most Recent


  • Go to market
    Lumen Channel Leaders Talk Program Evolution, C-Suite Sponsorship, TSD Consolidation
    "[We're] working really hard to represent the channel inside the company," Dave Young said.
  • Cyble Research: Exposed VNC Ports Threaten Critical Infrastructure
    Many of the exposed VNCs belonged to industrial control systems.
  • Stock Downgrade
    Analysts React to Rackspace Earnings with Downgrades
    Since the cloud MSP reported its second-quarter earnings, investment analysts have changed their ratings.
  • Microsoft Teams on laptop
    Microsoft Targeting Partners to Sell Teams, Windows 365 to SMBs, More
    Microsoft still sees a big opportunity for Teams among SMBs. Windows 365 is also growing in this market.

Leave a comment Cancel reply

-or-

Log in with your Channel Futures account

Alternatively, post a comment by completing the form below:

Your email address will not be published. Required fields are marked *

Related Content

  • Black Hat logo
    Black Hat USA 2022: DNSFilter, NetWitness, BlackBerry, CrowdStrike, More
  • Business handshake
    Nexus IT Merges with Intelitechs, Advances 5-Year Growth Strategy
  • Disaster recovery ignition button
    IGEL Rolls Out New Disaster Recovery Program in Response to Malware, Ransomware
  • MSP Summit Preview Generic Freeze Larger
    ThreatLocker Preaches Zero Trust, Addresses Industry Competition

Upcoming Events

View all

MSP Summit

September 13, 2022 - September 16, 2022

Channel Partners Conference & Expo

May 1, 2023 - May 4, 2023

Galleries

View all

Lumen Channel Leaders Talk Program Evolution, C-Suite Sponsorship, TSD Consolidation

August 15, 2022

Kaseya’s Auto-Renewal Changes Bring Glimmer of Hope to Partners Amid Turmoil

August 15, 2022

Analysts React to Rackspace Earnings with Downgrades

August 15, 2022

Industry Perspectives

View all

How to Take Shared Responsibility for Securing Cloud

August 11, 2022

Seize the Application Modernization Opportunity

August 2, 2022

A Growth Mindset: Your Organization’s Strategic Differentiator

August 1, 2022

Webinars

View all

Outsmarting RaaS: Implementation Strategies To Help Your Clients Before, During, and After a Ransomware Attack

August 23, 2022

Why it is Important to Upgrade Aging Servers and How to use Live Optics to Upgrade Efficiently

August 25, 2022

Executives at Home are Not Alright: An Intro to Digital Executive Protection

September 8, 2022

White Papers

View all

Work Goes Remote – (and Other Top ITOps Trends)

May 25, 2022

The New Bottom Line: How MSPs Can Meet the Healthcare Crisis While Evolving Their Businesses

April 19, 2022

How to build a Security Operations Center (on a budget)

April 4, 2022

Channel Futures TV

View all

ThreatLocker Preaches Zero Trust, Addresses Industry Competition

Microsoft Targeting Partners to Sell Teams, Windows 365 to SMBs, More

August 15, 2022

ScienceLogic Debuts New Partner Portal

August 9, 2022

Vonage a ‘Single Communications Stack Provider’ for Partners, Customers

June 27, 2022

Twitter

ChannelFutures

.@LumenCPP partner leaders say private equity investment in the advisory channel is validating the space to Lumen l… twitter.com/i/web/status/1…

August 15, 2022
ChannelFutures

.@KaseyaCorp's auto-renewal changes bring glimmer of hope to partners amidst turmoil. Some of our #MSP501 and… twitter.com/i/web/status/1…

August 15, 2022
ChannelFutures

.@AuCyble research shows #criticalinfrastructure at risk from exposed VNC endpoints. dlvr.it/SWhGhJ https://t.co/oMhiYxCT9L

August 15, 2022
ChannelFutures

Investment analysts are responding to @Rackspace’s Q2 earnings with downgrades, new price objectives.… twitter.com/i/web/status/1…

August 15, 2022
ChannelFutures

In a new @juniperresearch study, @twilio ranked No. 1 for its flexible CCaaS product offering. Which companies plac… twitter.com/i/web/status/1…

August 15, 2022
ChannelFutures

A few more booths left! Join an industry-leading lineup of 100+ suppliers at THE channel event of the fall. Partner… twitter.com/i/web/status/1…

August 15, 2022
ChannelFutures

.@splunk vet Bill Hustad named @Okta's new #channelchief. dlvr.it/SWXmws https://t.co/ILQesul0Cz

August 12, 2022
ChannelFutures

The Gately Report: #BHUSA edition with @Hacker0x01, @Cisco, @SaltSecurity, @CISAgov, @ExtraHop, @IBMSecurity, more.… twitter.com/i/web/status/1…

August 12, 2022

MSP 501

The industry's largest and most comprehensive partner awards program.

Newsletters and Updates

Sign up for The Channel Report, Channel Futures Update, MSP 501 Newsletter and more.

Live Channel Events

Get the latest information on the next industry-leading Channel Partners event.

Galleries

Educational slide shows and images from live events.

Media Kit And Advertising

Want to reach our audience? Access our media kit.

DISCOVER MORE FROM INFORMA TECH

  • Channel Partners Events
  • Telecoms.com
  • MSP 501
  • Black Hat
  • IoT World Today
  • Omdia

WORKING WITH US

  • Contact
  • About Us
  • Advertise
  • Newsletter

FOLLOW Channel Futures ON SOCIAL

  • Privacy
  • CCPA: “Do Not Sell My Data”
  • Cookie Policy
  • Terms
Copyright © 2022 Informa PLC. Informa PLC is registered in England and Wales with company number 8860726 whose registered and Head office is 5 Howick Place, London, SW1P 1WG.
This website uses cookies, including third party ones, to allow for analysis of how people use our website in order to improve your experience and our services. By continuing to use our website, you agree to the use of such cookies. Click here for more information on our Cookie Policy and Privacy Policy.
X