SolarWinds Breach

SpearTip | March 12th, 2021

 

The SolarWinds Breach has maintained headlines due to the impact on organizations across the market as court hearings begin heating up for the company. The breach has changed many opinions in cybersecurity since its discovery in December 2020. One of them is Congress’ viewpoint on mandatory breach reporting.

Mandatory Reporting Requirements

In March 2020, the Solarium Commission, a high-level study group, recommended federal law implement a mandate on notifications. This shows the direction the cyber industry was moving even before the breach. Now, the SolarWinds breach has shed new light on this topic and boosted its priority as the investigations uncover more information.

Earlier this year, a House bill passed requiring the Department of Homeland Security to create a cyber incident reporting program with oversight from the CISA (Cybersecurity & Infrastructure Security Agency). However, the Senate denied the bill after the Chamber of Commerce called for rejection. Their explanation for denying the bill was how it “undercuts public-private cybersecurity collaboration”.

An altruistic viewpoint is if incidents must be reported to a government agency, nothing will go undetected and it will allow full transparency on breaches. On the other hand, anything bringing awareness to the need for cybersecurity and how impactful breaches can be is beneficial.

Aspects of the SolarWinds Breach

Forcing the reporting of breach notifications is a customer-forward approach but brings up many concerns around the definition of a breach. A breach is a legal definition unique to different state and compliance frameworks and very well may take days/weeks to fully investigate the breach that would extend past mandatory reporting requirements. This is something at the federal level that has not yet been set in stone across the United States.

Another important aspect to cover in the situation regarding the SolarWinds breach is the fact third-party services can be a major concern for supply chain or vendor remote access. Threat actors are completely aware of the fact they can utilize third-party vendors to infiltrate many different organizations at once. This is exactly what happened in the SolarWinds breach. If your organization is utilizing a third-party management software or service, understand the risks that come along with it. Understand how third-party software interacts with your organization, or better yet, leverage the expertise of a trusted security monitoring firm to handle the relationship between your organization and the third-party vendor.

At SpearTip, we understand the need for outsourced IT, MSP, and third-party support. SpearTip has specifically created a security solution for these IT vendors to partner with that allows our ShadowSpear® Platform to protect their clients through SpearTip’s Channel program. As we previously mentioned, access to many different networks and organizations is what makes third-party vendors a prime target for malicious threat actors.

Since we haven’t seen the last of the fallout from the SolarWinds breach, it’s always reassuring when you’re engaged with the right security firms before a breach occurs. No executives want to be stuck in the spotlight for failing to notify affected customers or patients that their sensitive data was accessed and published by malicious threat actors. Enduring a cyberattack is already a large enough obstacle to overcome in itself, so don’t allow it to ruin the trust of your customers, patients, and supporters. Be responsible, be transparent, but most of all, be proactive.

Categories

Connect With Us

Featured Articles

Cuttlefish Malware
Cuttlefish Malware: A New Threat to Routers and Traffic Monitoring
24 May 2024
Security Awareness Training
Security Awareness Training Crucial Role
22 May 2024
Phishing Campaign Assessments
Phishing Campaign Assessments Can Be Effective For Companies
20 May 2024
Incident Response Planning
Incident Response Planning: Why It's Important
17 May 2024

See ShadowSpear in Action

Identify, neutralize, and counter cyberattacks - provide confidence in your security posture

Stay Connected With SpearTip

Inside the SOC Newsletter

View our articles that cover trending topics in cybersecurity with insights from our 24/7/365 Security Operations Center.

ShadowSpear Platform

Cybersecurity actors are working around the clock, shouldn’t your security team be too? Technology solutions and security controls fail for a number of reasons, poor deployment, improper implementation, or just no one monitoring the alerts.

ShadowSpear Demo

Experience ShadowSpear for yourself. Our lightweight, integrated solution will help you sleep easier at night and provide immediate confidence in your security posture.