by Arik Solomon, November 06, 2023

time-icon 4 minutes read

In the wake of the Security and Exchange Commission (SEC) charging SolarWinds Corp with fraud over misreporting cyberattack readiness, it has become abundantly clear that we are standing at a crucial juncture in the realm of cybersecurity. The question is no longer only if security incidents will occur; they will, it’s only a question of time. It is now clear that security leaders are at the frontlines of cyberattacks facing both business and personal risks. In this climate, maintaining consistent, ongoing visibility and control over essential security measures has become more vital than ever.

In Brief: The SolarWinds Cyberattack and SEC Allegations

The charges stem from the cyberattack on SolarWinds in 2020, attributed to the Russian Foreign Intelligence Service, which inserted malware into the company’s Orion IT monitoring application, compromising high-value targets. This allowed Russian operatives to infiltrate numerous large companies and various U.S. government departments, including the Defense Department, Justice Department, Commerce Department, Treasury Department, Department of Homeland Security, State Department, Department of Energy, and more.

The SEC alleges that between SolarWinds’ initial public offering in October 2018 and the disclosure of the hack in December 2020, the company and its Chief Information Security Officer (CISO) Timothy G. Brown misled investors by downplaying cybersecurity risks despite being aware of specific deficiencies in their cybersecurity practices. Internal reports revealed vulnerabilities, such as a “not very secure” remote access setup, and Brown’s presentations acknowledged the vulnerability, indicating a lack of security for critical assets. The company’s disclosure of the cyberattack in December 2020 was considered incomplete.

SolarWinds’ unfortunate cyberattack serves as a poignant example of the devastation that can be wreaked when cybersecurity is compromised. This incident, which compromised multiple organizations, including prominent U.S. government agencies, underscores the gravity of the situation. Personal liability in this case also extends to Brown, who is alleged to have misled investors by downplaying cybersecurity risks despite being aware of specific deficiencies in their cybersecurity practices. Brown’s knowledge of the vulnerabilities, such as the “not very secure” remote access setup, and his acknowledgment of these vulnerabilities in presentations, suggests his potential personal liability in the alleged investor deception. If the allegations are proven, Brown could face legal consequences and personal financial liability, which may include fines, penalties, or even civil lawsuits from affected investors. This highlights the importance of personal accountability for executives and officers in matters related to cyber GRC, especially in cases where they are accused of misrepresenting critical information to investors and stakeholders.

Attaining Granular Configuration, Maintaining Ongoing Control

The challenge we face today is the rapidly expanding landscape of IT systems, applications, and data. This proliferation of digital assets creates gaps in fundamental security controls, making many organizations vulnerable. The truth is, in this digital age, an organization’s security is only as strong as its weakest link. Hence, it is imperative that we address this growing threat comprehensively.

Manual approaches to cybersecurity and governance, risk and compliance (GRC) are no longer sufficient. We must embrace advanced automation methods to fortify our defenses and protect our customers, companies, and stakeholders. The need for ongoing visibility and control has never been more critical. Let’s explore how this can be achieved.

Proactive Security Measures

To bolster cybersecurity, organizations must adopt proactive security measures. This includes running cyber risk analysis periodically, and implementing robust security controls to mitigate those risks, such as strong password policies that prevent unauthorized access and ensuring least privileged user access, limiting user permissions to the minimum necessary for their tasks. By doing so, we reduce the attack surface and make it more challenging for adversaries to exploit vulnerabilities.

The Power of Automation

Manual approaches to cybersecurity have become outdated. The evolving threat landscape demands a dynamic response. Cyber GRC automation (CGA) plays a pivotal role in maintaining ongoing visibility and control. By automating security controls, organizations can continuously monitor for emerging threats and vulnerabilities, responding rapidly to any security breaches. Automation allows us to stay one step ahead of cyber threats.

Integrating Security in the SDLC

Security should not be an afterthought; it should be ingrained in every step of the Software Development Life Cycle (SDLC). By ensuring robust security practices throughout the development process, we significantly reduce the likelihood of introducing vulnerabilities during software creation. This, in turn, makes it much harder for malicious actors to exploit weaknesses.

Conclusion

The SolarWinds case serves as a stark reminder of the profound repercussions that can result from insufficient cybersecurity measures. It’s not merely a matter of damaging one’s reputation; it extends to the potential compromise of national security. In light of these daunting challenges, it is crucial to underscore the paramount importance of maintaining continuous visibility and control to ensure a secure environment.

As we navigate the ever-evolving landscape of digital threats, it is our collective responsibility to adopt advanced automation methods and implement comprehensive security controls. This approach is necessary not only to safeguard our digital assets and protect our customers but also to secure our future in an increasingly perilous digital landscape. The SolarWinds incident is a vivid illustration of why proactive and ongoing security measures are paramount.

It’s essential to recognize that while we focus on the SolarWinds incident today, the reality is that, in the current state of affairs marked by sprawling IT environments, a lack of visibility and enforcement, and increasingly sophisticated threat actors, such an event could potentially befall virtually any company. This underscores the urgency and universality of the issue, making it imperative for all organizations to be proactive and vigilant in their cybersecurity efforts.

Cypago provides you with the Cyber GRC Automation (CGA) tools to catch and prevent security breaches. Schedule a demo with us today to find out how.