All SolarWinds articles
-
News BriefSolarWinds cries SEC ‘overreach’ in fraud lawsuit against company, CISO
SolarWinds will contest a lawsuit brought by the Securities and Exchange Commission against it and its chief information security officer alleging fraud and internal control failures related to the software company’s cyberattack reported in 2020.
-
PremiumShades of SolarWinds in lessons from MOVEit hack
A ransomware attack affecting some of the U.K.’s largest corporations has highlighted once again how exposed organizations can be if the levels of cybersecurity used by their third parties are not as strong as expected.
-
News BriefFive more board members resign in DOJ antitrust sweep
Five corporate board members resigned after being flagged by the Department of Justice for potentially violating the antitrust provisions of the Clayton Act.
-
PremiumCISA strategist: What is an SBOM and why it matters to compliance
Cyberattacks on software are increasing, and the best chance organizations have of protecting themselves is to know about potential vulnerabilities through a software bill of materials, CISA Strategist Allan Friedman shared at CW’s virtual Cyber Risk & Data Privacy Summit.
-
ArticleSolarWinds under SEC probe for handling of 2020 cyberattack
SolarWinds revealed the Securities and Exchange Commission is examining cybersecurity disclosures and public statements the company and its executives made after its massive 2020 data breach caused by hackers backed by the Russian government.
-
ArticlePandemic effect on TPRM practices here to stay, expert warns
With many businesses still sorting through the new layers of risk that have emerged over the last 16 months, Linda Tuck Chapman of the Third Party Risk Institute shared her top areas of focus and more at CW’s virtual TPRM event.
-
WebcastCPE Webcast: TPCRM best practices that reduce supply chain risk
Organizations are adopting digital transformation and, as a result, increasing their reliance on third parties faster than they can scale their third-party cyber-risk management programs.
-
ArticleU.S. sanctions Russia over SolarWinds hack
The Treasury Department announced sanctions against Russia implemented under an executive order from President Joe Biden in response to the SolarWinds hack and alleged election interference by the country.
-
ArticleData breach disclosures drop in 2020, report says
Cyber-breach disclosures in 2020 were down 19 percent from 2019—the first drop in the statistic in five years, according to a new report from Audit Analytics.
-
ArticleKroger joins victims of Accellion data breach
Two months after cloud service vendor Accellion first identified one of its legacy products was targeted by a sophisticated cyber-attack, users of the product continue to feel the impact, with grocery chain Kroger the latest to reveal its exposure.
-
ArticleSurvey: Firms enhanced cybersecurity in 2020, but not enough
Companies forced to pivot to remote work in a global health crisis spent the bulk of 2020 grappling with heightened cyber-security risks. A year later, compliance practitioners say their companies’ cyber-security postures are better for it—even in the wake of the stunning SolarWinds hack.
-
ArticleSolarWinds hack turning into Pandora’s box of cyber-risk
The more we learn about the SolarWinds hack, the more troubled compliance officers should be by the scope and breadth of the risks their companies might have incurred.
-
ArticleBiden names NSA cyber head to White House position
Anne Neuberger, currently the cyber-security director at the National Security Agency, has been appointed to fill a newly created cyber-security position on President-elect Joe Biden’s National Security Council.
-
ArticleLearning from SolarWinds: Five steps to fortify your cloud supply chain
For most companies, supply chain risk management traditionally focuses on managing physical third-party risks. But what the SolarWinds cyber-attack revealed is the catastrophic havoc fourth and fifth parties can also wreak in the often-ignored cloud supply chain.
-
ArticleCyber-security lessons from the SolarWinds hack
The lessons from the massive SolarWinds hack on where vulnerabilities still lurk in the third-party vendor supply chain cannot be grasped soon enough.