
SolarWinds CEO Transition: Key Priorities
Ramakrishna arrives during a critical time for SolarWinds partners and customers.Indeed, it has been roughly three weeks since SolarWinds disclosed the Orion vulnerabilities -- triggering questions from software supply chain partners, customers, government officials and the media. So what are Ramakrishna's first priorities as SolarWinds ($SWI) new CEO? Here are five recommendations from ChannelE2E.1. Reinforce A Single, Centralized, Transparent Version of the Truth: Assess SolarWinds' internal information gathering about the Orion incident. If necessary, take updated steps to ensure the information gathering is rapid, accurate and transparent. Then, drive that information to the SolarWinds Security Advisory webpage -- which describes the vulnerabilities and corrective measures that partners and customers can take. The page is regularly updated about the so-called SUNBURST vulnerability and SUPERNOVA malware. A SolarWinds FAQ about the security advisory also is continually updated. SolarWinds has worked overtime to drive partners and customers to the security advisory web page. But I can't recall if the software company has been telling media -- reporters, bloggers, etc. -- that the Security Advisory page is continually updated with SolarWinds' latest details about the Orion issues and fixes.2. Reconfirm and Reinforce the Attack Timeline: SolarWinds disclosed the Orion attack and vulnerability in an SEC filing on December 14, 2020. That vulnerability disclosure occurred less than one week after SolarWinds publicly named Ramakrishna as the incoming CEO. The vulnerability disclosure also occurred less than one week after various SolarWinds investors sold shares to the Canada Pension Plan Investment Board as part of a planned sale process.Some media reports suggested the timing of the various events -- the stock sales and the vulnerability disclosure -- could trigger an insider trading investigation. SolarWinds, meanwhile, has firmly maintained that SolarWinds and its shareholders had no knowledge of the breach when $SWI shares were sold to the Canada Pension Plan Investment Board. Ramakrishna needs to reconfirm and reinforce SolarWinds' statements about the timeline.

- SolarWinds CEO Kevin Thompson hinted that the SolarWinds MSP business could be called N-able if it was spun off.
- Also, the plan called for SolarWinds MSP President John Pagliuca to continue leading the business spin-off (ultimately, N-able) once it becomes a standalone company.
- "We have a separate and distinct executive leadership team.
- We have independent technical support, partner success, and sales teams, who provide resources and best practices specifically designed to help you best protect and serve your customers.
- Our product and R&D teams have their own leadership, standalone roadmaps, and separate repositories and build environments."
“I am committed to communicating with you early and often, and as of now, there is no new news based on our investigations—SolarWinds MSP products were not impacted. For the latest information, please visit https://www.solarwindsmsp.com/solarwinds-orion-security-advisory.”