8 ways organizations are responding to recent high-profile cyberbreaches

Troy La Huis | 12/15/2020
A recently revealed backdoor reinforces the importance of vigilant cybersecurity steps organizations should take to mitigate risk.

Nearly 18,000 organizations might be directly affected by the recently announced SolarWinds Orion backdoor, “SUNBURST.” Organizations that are affected should identify the necessary steps to secure their use of the Orion Platform. 

Many more organizations are reminded that cybersecurity is ever changing to address increasing risk. Like you, over the past few days we have talked with our friends and colleagues about how they are responding to this latest series of events.  

In our conversations with your peers, we are learning what others are doing during this period of heightened awareness of our security vulnerabilities. Those activities include:

  1. Determining and remediating direct and indirect exposure to the SolarWinds Orion backdoor.
  2. Performing compromise assessments to identify existing network vulnerabilities undetected by current security controls. 
  3. Meeting with executive management and boards to address the potential impact of recent events and discuss possible needs for additional security controls. 
  4. Conducting an inventory of third parties that provide hardware and software to make sure that known security vulnerabilities are addressed, and confirming that all patches are applied or that the risk of unapplied patches is managed.
  5. Assessing the criticality of third parties that have access to your network, sensitive data, and supply chain; identifying the critical third parties; performing a security risk assessment; and remediating issues that exceed the organization’s risk appetite. 
  6. Creating business continuity plans for key application and hardware security controls.
  7. Performing emergency tabletop exercises to address the loss or compromise of a key application, hardware security controls, or an outsourced managed security service.
  8. Maintaining vigilance on recent events by developing a trusted, curated list of sources to reference on a daily basis. Such sources include: 

If you would like to contribute to this dialogue and share your actions, please contact Troy La Huis at +1 616 233 5571 or troy.lahuis@crowe.com.
