I’m kinda tired of all the “SolarWinds had poor infosec policy and executive buy-in” takes. Not because evidence doesn’t show that they absolutely did.

Because most product companies that size also do, and nobody seems to be recognizing those same flaws in themselves.
This case should be a big “come to Jesus” moment for a majority of product vendor companies that skimp on security budgets and don’t give security a reasonable priority up to the executive level, but all I see is schadenfreude.
(Or I see the same jaded infosec individual contributions at those companies complaining nothing has changed in back channels.)
It’s easier to lampoon and pile on than to introspect.
You can follow @hacks4pancakes.