The unique and sophisticated cyberattack saw the company start taking remedial actions even while investigations are still underway. A crucial step was involving SolarWinds’ cyber insurer and its brokers at Marsh immediately, said Jason Bliss, chief administrative officer and general counsel for SolarWinds. This enabled SolarWinds to understand the scope of additional services — beyond the coverage itself — that were available via the company’s cyber insurance policy.
During the webcast, Messrs. Ramakrishna and Bliss shared information about the unique attack, how it affected SolarWinds and its supply chain, and the actions the company took — and is still taking — to remediate and improve its security.
They also noted that cyber breaches will continue to happen. “If a nation-state attacker wants to compromise your network or assets, it’s going to be a matter of when — and not if,” Mr. Ramakrishna said. But companies can take action.
SolarWinds cyberattack: meeting the new cybersecurity bar
The timely sharing of information following a major cyberattack like the one on SolarWinds, a US information technology company, can be critical in helping other organizations prepare for similar threats.
Speaking during the second part of Marsh’s webcast series related to the cyberattack, SolarWinds chief information security officer Tim Brown noted that the targeted and sophisticated cyberattack the company experienced last year is not generally the type of attack organizations prepare for. “Now we need to prepare for more of these as a community.”