SolarWinds: One Interesting Message

December 28, 2020

I read “Wave of Cyberattacks Exposes the Powerlessness of IT Security Chiefs.” With all the hoohah about cyber superiority from government officials and commercial enterprises, one troubling fact is clear: If the advanced systems could not detect the attack nor could top secret security systems monitoring possible bad actors, the defensive and alerting methods are broken. The write up points out security focuses on a wide spread weak link:

Splunk, a U.S. company, publishes an annual list of “10 things that keeps CISOs up at night,” and this year’s includes the expanded “attack surface” created by the growing use of the internet of things (web-connected devices) and the growing use of cloud computing, “malicious insiders” and the “alert fatigue” resulting from so many layers of data security inside a big organization. But apart from that, Splunk notes the lack of money to ensure data security. “CISOs continue to face challenges in securing substantial budgets, largely because they have difficulty forecasting threats and achieving measurable results from security investments…
He said 66% of  CISOs surveyed said they didn’t have adequate staff. Others cited increasingly onerous regulations and their lack of access to top management.

Something in the cyber security establishment enables breaches.

Stephen E Arnold, December 28, 2020

Comments

Comments are closed.

  • Archives

  • Recent Posts

  • Meta