(ISC)² has published the results of an online survey of 303 cybersecurity professionals from around the globe in which respondents compared their perception of the severity of the SolarWinds Orion software breach between when it was first reported and several weeks later as more information was revealed.
Respondents also relayed how the breach has impacted their jobs, recommended changes to organizational security practices and provided lessons learned.
The survey seeks to shed light on the complexities of supply chain security by gathering insights directly from cybersecurity practitioners, who are most often responsible for mitigating the risk of third-party security stacks in their organizations.
An increase in SolarWinds incident severity perception
86% of respondents said they would have rated the breach “very” or “extremely severe” when they first learned about it. However, roughly six weeks after the incident was reported, as more details emerged, the share of respondents who indicated that the breach was “severe” increased from 51% to 55%.
On a scale from 1 to 5, the perception of the severity of the breach also increased over time, from an average of 4.34 initially up to 4.37.
Prompting reviews of security tools and protocols
The incident has prompted reviews of security tools and protocols by many cybersecurity teams. Cybersecurity professionals said they have stepped up activities such as forensic analyses, re-architecting of systems, and making sure all patches are up to date.
Many respondents reported getting questions from their executive teams about their own security protocols, prompting time-consuming due diligence and reporting activities.