Daily Stuntz — Recommended SolarWinds Incident Post
Like many folks working in cybersecurity, I am watching and learning about the SolarWinds incident. Also, like many of the folks I talk to I am not optimistic about responses and long term strategy around it. I hope I am proven wrong, but I doubt it. Rather than a post that is just me saying this is hard in various ways, Dr. Herb Lin from Stanford put out a really thoughtful post I will just link to — https://www.lawfareblog.com/reflections-solarwinds-breach
Having worked in government during and after the OPM incident and response effort there were a lot of good intentions and even some real if limited progress (multi-factor authentication rates come to mind). I am sure the current career folks and the incoming Biden team have a few options in mind and sadly we all must hope and accept that some small progress gets mad but that incidents will continue to happen.