SolarWinds Cyberattack: Lessons Learned

Hosted by Marsh, Marsh McLennan Agency, Oliver Wyman, and Guy Carpenter

Date: Apr 08, 2021


The cyberattack on SolarWinds, a US information technology company, underscores the potential vulnerability of every organization and highlights the importance that companies have structures in place to quickly respond and start the remediation process.

Speaking during a recent Marsh webinar, SolarWinds CEO Sudhakar Ramakrishna highlighted the importance of the insurance industry rewarding transparency among organizations that are the subject of cyberattacks. The focus should be on prevention by proliferating best practices and providing forums for companies that experience an attack to share their experience.

The unique and sophisticated cyberattack saw the company start taking remedial actions even while investigations are still underway. A crucial step was involving SolarWinds’ cyber insurer and its brokers at Marsh immediately, said Jason Bliss, chief administrative officer and general counsel for SolarWinds. This enabled SolarWinds to understand the scope of additional services — beyond the coverage itself — that were available via the company’s cyber insurance policy.

During the webinar, Messrs. Ramakrishna and Bliss shared information about the unique attack, how it affected SolarWinds and its supply chain, and the actions the company took — and is still taking — to remediate and improve its security.

They also noted that cyber breaches will continue to happen. “If a nation-state attacker wants to compromise your network or assets, it’s going to be a matter of when — and not if,” Mr. Ramakrishna said. But companies can take action.

Watch the replay to learn more about the steps taken by SolarWinds in the wake of the attack.

Webinar Replay