go to sections menu

Solar Winds and the law, who is at fault if multiple parties are at play? from blog The Technology blog and podcast

This is for the technology blog and podcast Commentary, articles, and podcasts

header picture for Ingegno theme

You are here: article commentary > Solar Winds and the law, who is at fault if multiple parties are at play?

Go to Homepage, contents or to navigation menu



Solar Winds and the law, who is at fault if multiple parties are at play?

I honestly do not know if I published thoughts or even talked about the legal problems that may be coming out because of the Solar Winds fiasco of 2020.

As we turn the page in the new year, I’m hoping that we get a handle on this breach, give proper attribution, find a way to get the people involved in this breach in some kind of trouble and find a way to do a much better job at protecting ourselves.

In November, Home Depot settled for the 2014 breach that occurred that was not impressive for its time.

The article says in part:

As Congress, federal government departments and corporations reckon with the vast sweep of the SolarWinds breach, there are still many more questions than
answers. Fewer pieces of it are less certain than how it might play out in court, where companies and individuals alike stand to gain or lose. Many millions
of dollars, corporate blame and years of finger-pointing are on the line.

That’s because the targets — government agencies, and some major companies — aren’t the usual kind of victims, nor has anyone yet figured out the full
scope of the damage and where the blame fully lies.

In this case, legal experts say, the winners and losers are especially hard to predict.

“I think it’ll be a few more months, if not years, until we really understand all the legal theories people are going to try,” said David Springer, an
attorney at Bracewell for companies responding to cybersecurity incidents.

We aren’t sure who is going to win or lose in this, and it may even take more time to figure out what is going on.

In the next Security Box, episode 26, we will play throughout the program two segments from two Security Now programs where Steve catches up the listeners on what is going on.

You can definitely search Solar Winds and find my three part massive series and thoughts dealing with the massive breach, and as we turn the page, we’ll more than likely learn more about what this breach has done to this security landscape.

As I recently blogged during the holiday break Crowd Strike was targeted but yet was the beginning of the bigger problem. I also recently blogged about the former employee telling the company that a breach was possible, and the company did absolutely nothing. That is absolutely uncalled for in this day and age, especially when lawmakers and regulaters come knocking with letters asking questions.

One of the paragraphs says:

“We’re getting into fourth and fifth and sixth party risk,” said Nate Smolenski, Corvus Insurance’s chief information security officer. “This is where
all the scary stuff happens.”

4th, 5th and 6th party problems? If this is true, than the article I read and published just recently and relinked here is wrong, because of the fact that the company did everything right! I don’t hardly believe that, and I don’t buy it.

There are several headings:

    Calm before the legal storm

  • The regulatory picture

and the article was quite interesting to read just the same. The article is entitled SolarWinds hack spotlights a thorny legal problem: Who to blame for espionage? and I hope that people get a good read out of this. This is more than not ending any time soon, and the new year will bring more news of all of this. Thoughts?>


Informazioni sull'articolo

Solar Winds and the law, who is at fault if multiple parties are at play? was released on January 4, 2021 at 12:00 pm by tech in article commentary.
Last modified: January 4, 2021.


Comments (0)

No comments yet.

Leave a comment

You must be logged in to post a comment.

go to sections menu


navigation menu

go to sections menu