< Return to News <

How the Hertz Data Breach Highlights the Need for Strong IT Security Solutions for Business

In a world increasingly reliant on digital ecosystems, many businesses—especially those in regulated industries—face a growing risk that doesn’t come from their internal systems but from the vendors they trust.

Take the Hertz data breach as a timely and important example. In April 2025, Hertz notified customers that their sensitive personal information—including credit card and driver’s license details—had been compromised. However, the actual breach occurred months earlier, in October and December 2024, through a zero-day vulnerability in Cleo Communications, a file transfer vendor used by Hertz.

This is a reminder that in today’s interconnected digital landscape, vulnerabilities in third-party services can ripple across organizations. From banks and retailers to hospitals and government agencies, supply chain security is a shared responsibility that demands constant attention.

Illustration of IT security team analyzing vendor risk and digital ecosystem vulnerabilities.

What This Means for Businesses in Regulated Industries

When it comes to IT security solutions for business, it’s critical to understand that cybersecurity doesn’t end at your network perimeter. Vendors, third-party platforms, and cloud-based integrations must all be considered part of your attack surface.

Whether you’re handling patient data, financial transactions, municipal records, or customer identities—the security of your vendors is the security of your business.

Lessons in Vendor Vulnerability: How to Strengthen Your IT Security Strategy

1. Third-Party Risk Is Enterprise Risk

Relying on a third party doesn’t offload accountability. In the eyes of customers, regulators, and stakeholders, the responsibility for protecting data remains with you.

2. Secure File Transfers Should Be a Standard, Not an Upgrade

Misconfigurations, outdated encryption standards, or vulnerable transfer tools are common points of entry. Ensure your file-sharing and data movement tools meet enterprise-grade security standards.

3. Include Vendor Oversight in Your Security Strategy

Comprehensive IT security solutions for business must include ongoing risk assessments of third-party providers. That means evaluating their controls, certifications, breach response readiness, and contract terms.

4. Incident Response Plans Should Cover Vendor Breaches

One critical—but often underestimated—element of your response plan is preparing for vendor failure. It’s not a matter of if, but when. The speed and clarity with which you detect, contain, and communicate that failure will ultimately define the impact on both your systems and your reputation.

Implementing IT Security Solutions That Account for Vendor Risk

As your trusted MSP, we work alongside you to ensure comprehensive security across your vendor ecosystem. Here’s how we help you proactively manage third-party risk with your collaboration and support:

Vendor Security Reviews: We perform regular due diligence, request SOC reports, and audit critical partners on your behalf, ensuring you’re always informed about their security posture.

Contractual Security Requirements: We guide you in incorporating cybersecurity language and indemnity clauses into vendor agreements, making these terms non-negotiable to protect your business.

Network Segmentation: We implement network segmentation strategies to isolate third-party systems from your critical data environments, minimizing the impact of a potential breach.

Continuous Monitoring: Using advanced security tools, we provide you with full visibility into external data flows, third-party access, and any suspicious or anomalous activity, helping you stay ahead of threats.

Staff Awareness: We partner with your internal teams to foster a culture of security, educating staff on the importance of managing third-party security risks.

Securing the Whole Picture: Why IT Security Solutions Must Include Your Vendor Ecosystem

The Hertz breach through Cleo Communications is a powerful reminder that IT security solutions for business must go beyond firewalls and passwords. They must account for the increasingly interconnected and vulnerable reality of digital operations.

If your organization hasn’t recently revisited its vendor risk strategy, now is the time. Even the strongest internal controls can be undone by a weak link in your supply chain. Contact us today to schedule a consultation and ensure your vendor ecosystem is fully secure—before it’s too late.

Get expert IT tips, industry insights, and updates on the latest managed IT solutions for your business. Stay ahead of the competition and ensure your IT systems are optimized with Louisville Geek’s trusted services.

Stay updated by signing up for our newsletter

Company Statement

Louisville Geek delivers comprehensive Managed IT Services, providing businesses with proactive support, expert solutions, and cutting-edge technology to ensure seamless operations and security.

Managed IT Services

Enterprise IT Services
Cloud Services
Network Management
IT Security Solutions
Incident Response
Business Intelligence Services
Disaster Recovery & Business Continuity
Low Voltage Services
VoIP Management
Web & Software Development
IT Project Management Services

soc2
EOS