Eight months after the spectacular cyberattack, what can an IT software firm do to reassure customers of its renewed cybersecurity commitment?

To address the industry-wide ramifications of the SUNBURST cyberattack and help strengthen its own security posture going forward, SolarWinds has introduced an initiative to become “Secure by Design”.

Under this approach, SolarWinds is focused on further securing its internal environment, enhancing its product development environment, and ensuring the security and integrity of the products it delivers as it seeks to evolve into an industry-leading secure software development company.

According to the firm, the lessons gleaned from the SUNBURST investigation have also presented an opportunity for it to lead an industry-wide effort around transparency and collaboration, and to develop a new model for secure software environments, development processes, and products.

In partnership with former CISA leader Chris Krebs and former Facebook Chief Security Officer Alex Stamos (co-founders of the Krebs Stamos Group), the firm is developing best practices to enhance its security posture and policies, while also serving as a guide for other organizations as they work to prevent future attacks.

A timely report

In its eighth annual IT Trends Report, released eight months after the SUNBURST cyberattack, the firm has also analyzed the state of risk within the IT industry today and expects to provide guidance on workplace strategy, tool sets, preparedness, and leadership for companies as they work to construct an organization built to withstand risk.

The report findings uncover a reality in which exposure to enterprise IT risk is common across organizations but perceptions of apathy and complacency surrounding risk preparedness are high as businesses exit a year of pandemic-driven “crisis mode.” Some of the key findings include:

  • Security threats associated with external breaches and the internal impact of the pandemic IT policies emerged as the leading macro trends influencing enterprise IT risk in the survey.
  • Surveyed tech pros were confident in their risk management and mitigation preparedness strategies although enterprise IT risk exists within their organizations.
  • While tech pros in the study prioritized investments in security and compliance, network infrastructure, and cloud computing as core technologies to help manage risk, implementation was hampered by dwindling resources and access to personnel training. 
  • Tech pro respondents were capitalizing on an opportunity to foster greater alignment and collaboration with senior leaders who will best position their organizations to manage and mitigate risks in the future. 

This year’s study features an interactive component where visitors to the web experience can see how they compare to the results. All regions studied in the Mar/Apr 2021 research included 967 respondents across all geographies including North America, Australia, Germany, Hong Kong, Japan, Singapore, and the United Kingdom.

Said the firm’s President and CEO, Sudhakar Ramakrishna: “When it comes to risk management and mitigation, prioritizing intentional investments in technology solutions that meet business needs is critical. More than ever before, tech pros must partner closely with business leaders to ensure they have the resources and headcount necessary to proactively address security risks. More importantly, tech pros should constantly assess their risk management, mitigation, and protocols to avoid falling into complacency and being ‘blind’ to risk.”