By now, you’ve all read or heard about the SolarWinds cybersecurity breach. The story seems to be following what has become a familiar pattern: The breach began months ago, but wasn’t uncovered until recently. Moreover, the breach apparently was revealed by a secondary target, not by the primary target.
“Russia's hack of IT management company SolarWinds began as far back as March, and it only came to light when the perpetrators used that access to break into the cybersecurity firm FireEye, which first disclosed a breach on December 9. Since then, a cascading number of victims have been identified, including the US Departments of State, Homeland Security, Commerce, and the Treasury, as well as the National Institutes of Health,” writes Brian Barrett of Wired. “The nature of the attack—and the tremendous care taken by the hackers—means it could be months or longer before the extent of the damage is known.”
As an industry, we need a better system for pooling information about cyber risk. We need to share our collective wisdom and implement practical strategies for mitigating risk. We need to elevate our peer-to-peer networks and transform them into efficient engines for collaboration and continuous improvement.
Some security analysts are already downplaying the impact of the SolarWinds hack. But nobody knows what information – or which systems –the next attack might compromise. So far, it looks like the attackers mainly stole data and software tools. If future attacks target cyber-physical systems such as power grids or water treatment plants, the impact might be far more serious.
As technology leaders, we need to get more involved in the conversations around cybersecurity. Frankly, I believe it’s our duty and responsibility to share our collective expertise and real-world experience. We need to be in the room where it happens.