The SolarWinds hack and the never-ending stream of revelations about the attackers’ tools, techniques and other targets have been occupying the minds of CISOs and organizations’ cyber defenders since mid-December.
The breach announcement came as a shock to many, but Greg Touhill, President of Appgate Federal Group, says that he wasn’t surprised – just disappointed.
“When I retired from government service as the US government’s [first] Federal CISO, I was already ‘all-in’ on the zero trust security strategy and extremely concerned about the integrity of the supply chain of our products and services,” he told Help Net Security.
“I certainly wasn’t alone: in 2019, my colleagues in the Information Technology Sector Coordinating Council and I participated with the Communications Sector and the government in an Information & Communications Technology Supply Chain Risk Management Task Force that identified numerous risks to our supply chain. Many of us forecasted the risk of an adversary penetrating a supplier’s software development lifecycle and deliberately inserting a backdoor. We thought it a feasible scenario we ought to plan for as part of our enterprise risk plans.”
Best practices and the best technology
CISOs of organizations that have been hit by the attackers (whether they’ve used the compromised SolarWinds Orion platform or not) are now mulling over how to make sure that they’ve eradicated the attackers’ presence from their networks, and those with very little risk tolerance may decide to “burn down” their network and rebuild it.
Whichever decision they end up making, Touhill believes that implem ..