Will SolarWinds recover from this breach?

492 views · 1 Upvote · 15 Comments
CIO in Education, 5 years ago

They might. How SolarWinds customers recover from this breach is also an interesting question. Who will you trust? How will you continue to patch? Is there a vendor who is any better or in whom you’d have more confidence that this can’t or won’t be repeated?

Senior Information Security Manager in Software, 5 years ago

Of course it will, as most companies do.


From Yahoo, Equifax, to Home Depot, Target and countless more. They all recovered from significant breaches.

CISO in Finance (non-banking), 5 years ago

If JetBrains turns out to be the reason why SolarWinds happened, that could be a get-out-of-jail-free card for SolarWinds.

1 Reply
no title, 5 years ago

Oh, that's true too. Although that CEO just came out recently and said they weren't behind it, there are no implications. So whether or not that's true, we'll see. But they've denied any connection to it.

Board Member, Advisor, Executive Coach in Software, 5 years ago

SolarWinds might be one of those companies that doesn't recover from it, depending upon the liability that gets across. There was just a class action lawsuit filed, which we all know how those go. Those end up being wonky things that take years. But I do know a bunch of people that have shut off SolarWinds and they're flying blind. The question becomes, "Is the next solution any less risky?" And if they come to the conclusion it's not and SolarWinds is at least operationally better because they've got the tooling and the experience, they're going to stay with SolarWinds, in which case, there's just going to be this blip.

3 Replies
no title, 5 years ago

There’s been a 34% drop, so I'm waiting for it to pop back up. It was only a few days ago it came out that Microsoft's source code may have been compromised and it's a blip because they're like, "Well, it's Microsoft. They may have lost their source code, but you know what? Let's just not talk about that."

no title, 5 years ago

Well, to be honest, they had to give their source code to the Chinese years ago anyway. Right?

Managing Partner & CISO in Software, 5 years ago

Here's something to consider, and I think that we're going to see this across the supply-chain piece, because when you look at the real executive ranks, the CFO, CEO, COO, they care and they pay attention to market activity and share price. What does that look like here? We study companies. FireEye had a 10% drop after its breach and it's up 50% since then. Up 50% since before the breach. Literally, people didn't care. And you can say, "Well, FireEye did a great job..." But really, once people realized that it wasn't going to really impact the business of FireEye they said, "Okay, we're pretty good." You get the initial emotional sell-off and then within a few weeks, a couple of months, a couple of quarters in some cases, it's above where it was before.

So when you look at it from a public company, and if you go to the theory that the board and the CEO's sole responsibility is shareholder value, the data says cybersecurity is irrelevant to shareholder value other than in a temporary fashion. And if their job is to maximize long-term shareholder value, they shouldn't care about information security. That's one of the reasons why we have an issue in the industry. If you remember, a couple of months ago United Health Services had that big breach. It went from 110 down to 104 and it sits at 142 today.

The organization that is impacted but still has not recovered from its breach is SolarWinds, and I believe that the reason why is because shareholders are actually waiting to see, "Are they going to lose customers over this?" Because once they realize they're not going to lose customers, because it's super-sticky and no CIO is going to rip out their whole network infrastructure monitoring, the shareholders won't care.

6 Replies
no title, 5 years ago

That's been true for almost all breaches. I have an investment theory that I've mapped. I haven't spent the money, though I should've. It's called BOB, Buy On Breach.

no title, 5 years ago

That's what I mean. Plus, there's some actual interesting nationalism components at play in the SolarWinds situation. I had this conversation with somebody, actually, just last week. And they were like, "Hey, this is crazy. Can you believe this?" And I was like, "Tell me what the largest Russian company in the world is or any of their top 100 largest companies." And they're like, "Well, I don't know." And I'm like, "The same way that U.S. companies are collateral casualties of war for these nation-states, like Russia and China, we have to recognize that those Russian companies are collateral casualties of war for our NSA and CIA as well." And it's this interesting, "Oh my gosh, I can't believe they're doing this," but let's really forget about any of the nuclear reactors that we hypothetically may or may not have blown up. It's just this really, really interesting piece here.
