/* ---- Google Analytics Code Below */

Tuesday, March 02, 2021

Spending in a Solarwinds and COVID Context

Interesting to see the specific implications of security and supply chain contexts. 

Breaking Analysis: How the SolarWinds Hack & COVID are Changing CISO Spending Patterns By David Vellante  FEBRUARY 13 2021  in WikiBon

Top security pros say that the SolarWinds hack and the pandemic have accelerated a change in their cyber security spending patterns. Not only must CISOs secure an increasingly distributed workforce, but they now must also be wary of software code coming from reputable vendors, including the very patches designed to protect them against cyber attacks. Organizations are increasingly prioritizing zero trust approaches including simplified identity access management, better endpoint protection and cloud security. While leading solutions in these sectors are gaining momentum, traditional legacy offerings are being managed down from a spending perspective. 

In this Breaking Analysis, we’ll summarize CISO sentiments from a recent ETR VENN session and provide our quarterly update of the cybersecurity sector. In an upcoming episode we’ll be inviting Erik Bradley of ETR to provide deeper analysis on these trends. Here we’ll give you a first look and our initial take on what’s happening in the information security sector as we kick off 2021. 

The SolarWinds Attack was “Like Nothing We’ve Ever Seen”

It’s been covered in the press but in case you don’t know the details, SolarWinds is a company that provides software to monitor many aspects of on-prem infrastructure, including network performance, log files, configuration data, storage, servers, etc. Like all software companies, SolarWinds sends out regular updates and patches. Hackers were able to infiltrate the update and “trojanize” the software. Meaning when customers installed the updates, the malware just went along for the ride.   ... ' 

No comments: