
What a Third-Party Security Incident Taught Me as COO and CISO

By Mike Barker

Earlier this year, OPSWAT was notified by one of our third‑party communications vendors of a security incident on their side that had the potential to expose limited business contact information associated with our tenant. The notification came directly from the vendor and was followed by active coordination between their team and ours.

There was no indication of malicious activity inside OPSWAT systems, no evidence of data exfiltration from our tenant, and no ongoing threat at the time we were notified. Still, we treated the situation with the seriousness it deserved.

As a CISO, incidents like this reinforce several realities that are easy to discuss in theory and much harder to navigate in practice.

First, third‑party risk is no longer a secondary concern. Modern enterprises are deeply interconnected. Identity platforms, SaaS integrations, and customer engagement systems create real business value, but they also expand the surface area when something goes wrong outside your direct control. Even when your own security posture holds, the impact can still reach your organization.

Second, transparency inside your company matters just as much as containment. Once we had clarity on scope and impact, we chose to communicate directly with our employees. We didn't view it as an active threat, but we knew people make better decisions. Instead of creating uncertainty through silence, we decided to build trust through communication.

Third, response quality is defined by preparation, not panic. Our security, IT, and enterprise applications teams were able to move quickly because roles, escalation paths, and evidence‑handling processes were already in place. Logs were preserved. Access paths were reviewed. Threat intelligence was used to look for secondary risk. That discipline was built in time, before the incident even occurred, precisely because we knew discipline doesn't appear during an incident without previous groundwork.

Finally, incidents like this are often followed by phishing or social‑engineering attempts. Even when systems remain secure, people can still be targeted. Reinforcing vigilance, verifying unexpected requests, and reporting suspicious activity remain some of the most effective defenses we have.

I offer this perspective to emphasize a broader principle rather than highlight a particular vendor incident. Cybersecurity encompasses more than the prevention of breaches; it also involves the way an organization responds to incidents affecting its environment, the clarity of its communication, and the ongoing reinforcement of trust among stakeholders.

At OPSWAT, we will continue to treat security as an operational responsibility, not a background function. That means holding ourselves and our partners to high standards, communicating openly when it matters, and staying grounded in the reality that resilience is built through preparation and people, not perfection.

- Mike Barker
CISO & COO, OPSWAT
