Summary
Security and risk pros should understand that SolarWinds’ Orion IT management and monitoring platform was successfully breached by threat actors and distributed weaponized updates to US government agencies and commercial organizations. Security and risk pros also need to understand the nature of the tactics used and go over the possible steps required to detect, mitigate, and remediate in order to limit the damage to their organizations, given the install base and adoption of the SolarWinds toolset. The US Cybersecurity and Infrastructure Security Agency (CISA) issued Emergency Directive 21-01, which provides comprehensive guidance on steps to take for government agencies, but the actions detailed are also relevant for commercial organizations.
- Stay ahead of changing market and customer dynamics with the latest insights.
- Partner with expert analysts to make progress on your top initiatives.
- Get answers from trusted research using Izola, Forrester's genAI tool.