The CISO’s soapbox
To be honest even I am tired of Solarwinds and I think that the employees of Solarwinds are equally tired of being used as the day’s bad example or by some other vendor “ohhhh look they did that wrong but if they used our kit then this would not have happened because we do it right”. I bet you they don’t…. I will bet you good money that any “vendors” network can be breached and used as the next example of how not to do it. I would also say that be careful when boasting about how good you are because you are just issuing a challenge to every hacker out there to prove you wrong.
So, if you don’t want to be the next “bad example” then start treating this like the war it is. You DON’T need all the best kit in the world to be “ok”, you need to do your basics right, you need to look at this like a battlefield and act accordingly.
Maybe its time to listen to the old warriors … they had their metal tested and survived their battles.
“If you know the enemy and know yourself, you need not fear the result of a hundred battles. If you know yourself but not the enemy, for every victory gained you will also suffer a defeat. If you know neither the enemy nor yourself, you will succumb in every battle.”
― Sun Tzu, The Art of War