(ISC)2 Survey Finds Cybersecurity Professionals Have Increasing Level of Concern About SolarWinds Incident

Clearwater, Fla. (March 29, 2021) — (ISC)2 has published the results of a February 2021 online survey of 303 cybersecurity professionals from around the globe in which respondents compared the severity of the SolarWinds Orion software breach between when it was first reported and several weeks later as more information was revealed. Respondents also relayed how the breach has impacted their jobs, recommended changes to organizational security practices and provided lessons learned. The findings of the survey can be found in a blog post published today: https://blog.isc2.org/isc2_blog/2021/03/survey-cybersecurity-community-increasingly-concerned-about-solarwinds-breach.html

 

The survey seeks to shed light on the complexities of supply chain security by gathering insights directly from cybersecurity practitioners who most often are responsible for mitigating the risk of third party security stacks in their organizations. The results show an uptick in the level of concern these repondents had as more details emerged about the extent of the compromise throughout the month of February, evidenced by the fact that the number of "Extremely Severe" ratings for the breach increased over time within the survey.

 

(ISC)2 will also host a 60-minute webinar tomorrow titled "SolarWinds Fallout Has Execs Asking: How Secure is Our Supply Chain?", where a panel of security practitioners will discuss the (ISC)2 survey data, share their own insights into supply chain security risk management strategies, and answer questions from attendees to apply lessons learned.

 

When: March 30, 2021 at 1:00 p.m. EDT

Who: The panel of be moderated by Brandon Dunlap, managing director, Brightfly, and will include the following security industry practitioners:

  • Thomas Scanlon, CISSP – researcher for the Software Engineering Institute's CERT Division, Carnegie Mellon University
  • Andrew Boyle, CISSP – principal, Booz Allen Hamilton
  • Shawn Harris, CISSP, CISSP-ISSAP, CCSP – Director, Information Security, Strategy, Engagement and Architecture, Starbucks

Where: Register at https://www.isc2.org/News-and-Events/Webinars/Security-Briefing?commid=473104 for this virtual event to watch live or via playback recording.

 

About (ISC)2

(ISC)2 is an international nonprofit membership association focused on inspiring a safe and secure cyber world. Best known for the acclaimed Certified Information Systems Security Professional (CISSP®) certification, (ISC)2 offers a portfolio of credentials that are part of a holistic, pragmatic approach to security. Our membership, more than 150,000 strong, is made up of certified cyber, information, software and infrastructure security professionals who are making a difference and helping to advance the industry. Our vision is supported by our commitment to educate and reach the general public through our charitable foundation – The Center for Cyber Safety and Education. For more information on (ISC)2, visit www.isc2.org, follow us on Twitter or connect with us on Facebook and LinkedIn.