SEC Charges Against SolarWinds CISO Send Shockwaves Through Security Ranks
The legal actions may have a chilling effect on hiring CISOs, who are already in short supply, but may also expose just how budget-constrained most security executives are.
SolarWinds is associated with software supply-chain security, network management tools, and the 2020 compromise that affected public and private organizations.
Search across headline titles and summaries.
Background for this topic.
SolarWinds is a software company whose IT-management and network-monitoring products are used to administer systems and collect operational data. In security news, the tag commonly covers its products, vulnerabilities, and the 2020 Orion supply-chain compromise, in which attackers inserted malicious code into legitimate software updates; selected downstream customers were then targeted.
The central security concern is that management software often has broad network visibility and administrative access, making its build pipeline, update mechanism, and deployment environment high-value attack surfaces. Organizations should distinguish the Orion compromise from separately reported product vulnerabilities, maintain an inventory of affected versions, apply verified fixes, and restrict management servers’ privileges and outbound communications. Monitoring unusual authentication, remote administration, or connections from management infrastructure can support detection, while threat intelligence and incident response may be needed to assess whether a compromised update was installed and what systems it could reach.
The legal actions may have a chilling effect on hiring CISOs, who are already in short supply, but may also expose just how budget-constrained most security executives are.
Complaint alleges company overstated security posture and understated risks
The U.S. Securities and Exchange Commission (SEC) today charged SolarWinds with defrauding investors by allegedly concealing cybersecurity defense issues before a December 2020 linked to APT29, the Russian Foreign Intelligence Service (SVR) hacking division. [...]