Posts Tagged ‘solarwinds’
SolarWinds, Part III: ‘Following’ the NIST Framework
Today we return to the lawsuit the Securities and Exchange Commission has filed against SolarWinds, the IT services firm that suffered a disastrous cyber attack in 2020. How much does SolarWinds’ compliance with the NIST framework for cybersecurity — or its lack thereof — figure into this risk management morass? Quite a lot, at least…
Read MoreSolarWinds, Part II: This Is Not New
Today we continue our look at that lawsuit filed by the Securities and Exchange Commission against SolarWinds and its CISO for poor disclosure of the company’s cybersecurity issues. As unsettling as this case might be for compliance and audit professionals, is it really a ground-breaking moment in securities enforcement? Perhaps not. Let’s first appreciate what…
Read More