Podcast: Experts laud SolarWinds post-attack efforts, but why’d it take a massive cyber incident to make changes?
“A lot of what they are doing is probably overkill. They are showing they are not just the basics, but changing everything and taking security into overdrive to re-establish that trust,” said Bryson Bort, a senior fellow for cybersecurity and emerging threats at R Street Institute, a think tank, in an interview.
R Street’s Bort said while these changes are important, the real question for SolarWinds and really all organizations is how fast can they detect, respond and mitigate future intrusions.
“At the end of the day a determined adversary will always win. If SolarWinds implemented all of these defensive measures two years ago, this still would’ve happened because a nation state that wants to get into a network will,” he said. “Your risk is an embodiment of every vendor in your environment and agencies have to look hard at detect and response. What is your ability to see what happened afterwards? That is the big question.”