Navigating the Shared Responsibility Model: Lessons Learned from the Snowflake Cybersecurity Incident

Jerry Dawkins, PhD

In the world of cybersecurity, the recent incident involving Snowflake has sparked a significant discussion around the shared responsibility between vendors and customers. The attacks, which targeted over 100 Snowflake customers, have highlighted vulnerabilities that arise not from the platform itself, but from how customers manage their security environments.


A Bold Stance: Snowflake’s Response

Snowflake’s response to the incident was a bold one—they pointed the finger at their customers, emphasizing that the breaches were a result of compromised credentials and a lack of proper security measures, like multi-factor authentication (MFA). While Snowflake’s stance might seem audacious, it’s partially true. Customers indeed bear the responsibility to secure their environments by implementing recommended security practices. However, this perspective raises an important question: Shouldn’t vendors also play a more active role in ensuring security by default?


The Case for Secure Defaults

If Snowflake strongly advocates for the use of MFA, why not make it a default setting? In today’s threat landscape, relying solely on customer diligence isn’t enough. According to the Verizon 2024 Data Breach Investigations Report, 77% of web-based application attacks involve stolen credentials. This statistic underscores the need for vendors to do more than just recommend best practices—they need to enforce them. By integrating secure defaults like mandatory MFA or seamless integration with Single Sign-On (SSO) providers, vendors can significantly reduce the risk of credential-based attacks.


The Case for Shared Responsibility

The Snowflake incident is a stark reminder of the importance of the shared responsibility model in cybersecurity. Vendors should not only provide secure platforms but also ensure that security features are easy to implement and, where possible, automatically enforced. On the other hand, customers need to demand a clear and robust shared responsibility model from their vendors. It’s crucial for enterprises to validate that the way they have implemented each vendor’s platform is holding up their end of the bargain when it comes to security.
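As a concrete form of the secure default argued for above and of the validation this section calls for, the following Snowflake SQL is an added example (not code from the original post, from CISO Global or from Snowflake): an account-level authentication policy that makes MFA enrollment mandatory for password logins, followed by two audit queries over the ACCOUNT_USAGE views that surface password-capable users without MFA and recent password logins that completed without a second factor. It assumes authentication policies are available in the account, that the executing role can read SNOWFLAKE.ACCOUNT_USAGE, and that the policy name MFA_REQUIRED_POLICY is a placeholder.

```sql
-- 1. Secure default: an account-level authentication policy that forces MFA
--    enrollment for password-based logins. MFA_REQUIRED_POLICY is a placeholder
--    name chosen for this example. AUTHENTICATION_METHODS is left at its default
--    (ALL) so key-pair and OAuth service accounts keep working.
CREATE AUTHENTICATION POLICY mfa_required_policy
  MFA_AUTHENTICATION_METHODS = ('PASSWORD')     -- every password login must use MFA
  MFA_ENROLLMENT             = REQUIRED         -- unenrolled users are prompted at UI login
  CLIENT_TYPES               = ('SNOWFLAKE_UI', 'SNOWSQL', 'DRIVERS')
  COMMENT = 'Example: MFA mandatory by default for password-based access';

ALTER ACCOUNT SET AUTHENTICATION POLICY mfa_required_policy;

-- 2. Validation: active users who can authenticate with a password but are not
--    enrolled in Snowflake's built-in (Duo) MFA. Users holding only an RSA key
--    pair are excluded by has_password = TRUE. ACCOUNT_USAGE views lag the live
--    account by up to a few hours, so very recent changes may not show yet.
SELECT name,
       has_rsa_public_key,
       last_success_login
FROM   snowflake.account_usage.users
WHERE  deleted_on IS NULL
  AND  disabled::BOOLEAN = FALSE
  AND  has_password = TRUE
  AND  ext_authn_duo = FALSE
ORDER BY last_success_login DESC NULLS LAST;

-- 3. Validation: successful password logins in the last 30 days that completed
--    without a second factor, grouped by user, source IP and client type.
--    Each row is a password-only login path the policy above is meant to close.
SELECT user_name,
       client_ip,
       reported_client_type,
       COUNT(*)             AS logins,
       MAX(event_timestamp) AS last_seen
FROM   snowflake.account_usage.login_history
WHERE  event_timestamp >= DATEADD(day, -30, CURRENT_TIMESTAMP())
  AND  is_success = 'YES'
  AND  first_authentication_factor = 'PASSWORD'
  AND  second_authentication_factor IS NULL
GROUP BY user_name, client_ip, reported_client_type
ORDER BY logins DESC;
```

Once the policy is in place, query 3 should trend to zero rows; any remaining rows identify accounts or clients that still bypass the default and need follow-up.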


A Call to Action

The Snowflake incident serves as a wake-up call for both vendors and customers. Vendors need to take proactive steps to ensure their platforms are secure by default, minimizing the risk of human error. Meanwhile, customers must take an active role in understanding and validating their shared responsibility with their vendors. By working together, we can create a more secure digital landscape where both parties contribute to safeguarding sensitive data.

CISO Global stands at the forefront of this conversation, advocating for stronger vendor-customer collaboration and helping organizations navigate the complexities of cybersecurity. It’s time to move beyond blame and work together to build a more resilient future.


Jerald Dawkins, PhD

About the Author

Jerald Dawkins is the Chief Technology Officer (CTO) for CISO Global and has founded and exited several cybersecurity companies, including True Digital Security and TokenEx, LLC, both based in Oklahoma. (True Digital Security was acquired by CISO Global in January 2022.) He currently holds three (3) patents in the cybersecurity field. Additionally, Jerry has secured millions of dollars in over twenty-five (25) federal and industry research grants for cybersecurity research, and has served as a cybersecurity advisor for the Department of Homeland Security Inter-Agency Board supporting the First Responder community. As a tireless advocate for technological and skills development, Jerry has also held numerous board positions supporting STEM education and actively advises the technology innovation community in Tulsa, Oklahoma.

Jerry’s elite combination of security and technology expertise, business acumen, and creativity has positioned him as a thought leader in the field of information security and cyber resilience.

He received his Bachelor of Arts degree in Computer Science from Fort Lewis College in Durango, Colorado, and his Master of Science degree from The University of Tulsa. His PhD dissertation, also from The University of Tulsa, focused on heuristics for scalable compound exposure analysis.