/* ---- Google Analytics Code Below */

Monday, April 26, 2021

Comments on Solar Winds Security Event

 Well done piece on the implications and future considerations for  the recent Solar Winds cybercriminal Data compromise.   Some good thoughts.  Below the introduction ....  and linkon for the detail.  Full coverage at the link.

The Winds of Change – What SolarWinds Teaches Us

Gary Hibberd is the ‘The Professor of Communicating Cyber’ at Cyberfort and is a Cybersecurity and Data Protection specialist with 35 years in IT. 

In December 2020, the world discovered that the SolarWinds’ Orion Platform had been compromised by cybercriminals, potentially affecting thousands of businesses the world over. Security groups such as the National Cyber Security Centre (NCSC) provided advice and guidance to security teams and IT companies on what actions they should take to minimize the impact on them and their customers.

But the Advanced Persistent Threat (APT) carries with it a worrying sub-text that requires further exploration as companies continue to tackle the ongoing issues of a global pandemic and an increasingly fatigued and remote workforce.

Knowledge is power

In the wake of the discovery of the breach, national security agencies such as the NCSC were prompt in providing advice and guidance. Using tools such as the Cyber Information Sharing Programme (CiSP), they shared technical information on how to assess if an organization was at risk and what actions they should take if they were. Following the announcement, SolarWinds provided comprehensive advice and information, which is well worth reviewing as it also provides a detailed ‘FAQ’ section. However, it’s easy for such information to get lost in the midst of the social media hysteria and noise that tends to follow any large-scale attack.

The advice offered by the CiSP includes the following steps;

No comments: