Hubris Before the Havoc at SolarWinds

In this episode of Cybersecurity (Marketing) Unplugged, Thornton-Trump also discusses:

  • The history of SolarWinds and Ian’s warning;
  • The current threat landscape and our biggest vulnerabilities today;
  • How best to incentivize proper cybersecurity hygiene.

Ian Thornton-Trump is currently CISO at Cyjax and was formerly a security adviser to SolarWinds. He now famously urged the executives back in 2017 to hire a cybersecurity senior director because he thought a major breach was inevitable. Thornton-Trump frequently provides in-depth analysis of current trends in cybercrime as well as identifies the threats of the future. He also teaches cybersecurity and IT business courses for CompTIA as part of their global faculty and is the lead architect for Cyber Titan, Canada’s efforts to encourage the next generation of cyber professionals.

Pride comes before a fall. And that’s exactly what happened at SolarWinds. As Thornton-Trump would describe it, “the internet is full of hubris.”

There was clearly a failure of leadership and a disconnect between the product and corporate security that Thornton-Trump saw when he was advising SolarWinds just a few years ago when he gave his prophetic warning to the company.

Fast-forwarding to today, when addressing how we can prevent more attacks like the SolarWinds and Accellion breaches from happening, he would put the emphasis on brand trust:

Because when security fails, it’s not about the product anymore. It’s about the trust of the brand. And the more people that can understand that, that’s what we need in terms of senior leadership.