The number of SolarWinds victims will likely grow in the upcoming months, but direct insured costs should remain close to the current estimate since many of the organizations hit – particularly federal agencies – do not carry insurance against cyber risks.
Government/Defense, Security News, Women in IT Security
NSA's Anne Neuberger will assume her new role on the heels of some other shifts among cyber leaders: John Costello resigned as deputy assistant secretary for intelligence and security at the Commerce Department, and ousted CISA director Chris Krebs is heading to SolarWinds.
Data Breach, Government, Government/Defense, Security News
The agency has found evidence of authentication token abuse in networks infected with corrupted versions of Orion software and say restoring integrity will require a full network rebuild in certain cases.
Featured, Government/Defense, Security News, Year in Review
The department formally confirmed the hackers' tentacles had reached into the agency, but that the malware injected had been isolated to its business networks. Some security experts argue, however, that visibility into the IT network may give hackers a path to the OT network.
The incoming Biden administration may see several opportunities to take up the cause, potentially devoting significant federal resources to researching and defending critical infrastructure and critical supply chain components like SolarWinds, and demanding more of vendors.
Sacramento began offering free, comprehensive cybersecurity training for workers displaced from jobs due to COVID-19. It's a model that could have legs for a national program, with the right government commitment.