
Vendor Failures, Ransomware Leverage, and Legacy Data Risk
From Security Squawk - The Business of Cybersecurity by Bryan Hornung Reginald Andre & Randy Bryan
March 3, 2026 · 31 min
About this episode
This episode discusses structural weaknesses in cybersecurity through three incidents across different industries, focusing on vendor risk and ransomware implications.
This week's Security Squawk episode isn't about phishing. It's about structural weakness. Three separate incidents. Three different industries. One uncomfortable pattern: the systems organizations trust most are expanding risk quietly — and in some cases, architecturally. First, a lawsuit that should make every board member pay attention. Marquis Software Solutions, a fintech serving 74 U.S. banks, is suing SonicWall. The allegation centers on SonicWall's cloud backup system, where firewall configuration backups were allegedly accessible and contained credentials — including MFA scratch codes. Those backups were reportedly used to compromise Marquis, leading to a ransomware incident and downstream exposure. What began as a scoped 5% customer exposure was later reported as potentially impacting all customers. This is not a misconfigured endpoint. This is a control-plane failure. For CEOs, this reframes vendor risk. It's no longer a questionnaire exercise. It's a litigation vector. If a security provider's design exposes authentication artifacts, your internal diligence may not matter. The liability chain now includes vendors and MSPs in a very direct way. For IT…
People in this episode
Hosts: Bryan Hornung, Reginald Andre, Randy Bryan
Topics covered
- vendor risk
- ransomware
- data security
- firewall configuration
- cybersecurity incidents
Keywords
- ransomware
- vendor risk
- firewall backups
- cybersecurity
- Marquis Software Solutions
- SonicWall
- data exposure
- authentication artifacts
Mentioned in this episode
Organizations: Marquis Software Solutions, SonicWall, U.S. banks
More episodes of Security Squawk - The Business of Cybersecurity
- DentaQuest Breach Exposes 2.6 Million — and Why "Confident" Small Businesses Keep Getting Hit · June 9, 2026 · 35 min
- The Biggest Cybersecurity Threat Isn't Malware Anymore | NYC Hospitals, Carnival & FBI Warning · June 3, 2026 · 35 min
- 7-Eleven Hacked, 143,000 Immigration Records Exposed, FBI Quietly Takes Over From CISA · May 26, 2026 · 35 min
- OpenAI Devices Hacked, Ozempic Supplier Offline & Change Healthcare Lawsuit · May 19, 2026 · 45 min
- AI Built Its First Zero-Day | 275M Student Records Stolen | 90% Hidden Ransomware · May 12, 2026 · 59 min
- TSYS Ransomware Attack, Canvas Data Breach & HIPAA Security Failures Explained · May 5, 2026 · 41 min
Explore listener stats, chart rankings, contacts and more on the Security Squawk - The Business of Cybersecurity podcast page.