SolarWinds hack turning into Pandora’s box of cyber-risk
By 
Jaclyn Jaeger2021-02-02T20:47:00
The more we learn about the SolarWinds hack, the more troubled compliance officers should be by the scope and breadth of the risks their companies might have incurred.
THIS IS MEMBERS-ONLY CONTENT
You are not logged in and do not have access to members-only content.
If you are already a registered user or a member, SIGN IN now.
Related articles
-
PremiumShades of SolarWinds in lessons from MOVEit hack
A ransomware attack affecting some of the U.K.’s largest corporations has highlighted once again how exposed organizations can be if the levels of cybersecurity used by their third parties are not as strong as expected.
-
PremiumCISA strategist: What is an SBOM and why it matters to compliance
Cyberattacks on software are increasing, and the best chance organizations have of protecting themselves is to know about potential vulnerabilities through a software bill of materials, CISA Strategist Allan Friedman shared at CW’s virtual Cyber Risk & Data Privacy Summit.
-
ArticleSolarWinds under SEC probe for handling of 2020 cyberattack
SolarWinds revealed the Securities and Exchange Commission is examining cybersecurity disclosures and public statements the company and its executives made after its massive 2020 data breach caused by hackers backed by the Russian government.
More from Cybersecurity
-
ArticleRetail energy compliance must focus on resilience and reporting
Cybercrime and national critical infrastructure responsibilities are key concerns for retail energy sector compliance. Resilience is vital for companies that keep the lights on and power financial institutions and hospitals.
-
News BriefU.K. says company boards need to worry more about cybersecurity risks
The U.K. government wants directors and boards of directors to become more actively involved in cybersecurity risks facing public and private companies, as the world faces “alarming” threats from criminal gangs and malicious nation-states. Though many organizations take cybersecurity seriously, the U.K. government says they do not place management of ...
-
PremiumNavigating compliance: A guide for small teams to tackle CMMC
Many small organizations within the Defense Industrial Base are struggling to meet the rigorous requirements validated through the Cybersecurity Maturity Model Certification, writes Thomas Graham, CISO at Redspin. If you haven’t been tracking it closely, CMMC was finalized in October, with an effective date of December 16, 2024.