In his first public communication since becoming CEO of SolarWinds, Sudhakar Ramakrishna disclosed three cybersecurity priorities for the IT management software provider.
Following the high-profile SolarWinds Orion security breach, the company is now seeking to evolve into a business that is "Secure by Design," Ramakrishna said in a blog post. That effort, he says, involves three security priorities:
- Further securing SolarWinds' internal environment;
- Enhancing SolarWinds' product development environment; and
- Ensuring the security and integrity of the products SolarWinds delivers.
Those efforts include hiring former CISA leader Chris Krebs and former Facebook Chief Security Officer Alex Stamos as consultants, a SolarWinds spokesperson confirmed to Reuters.
SolarWinde CEO Sudhakar Ramakrishna: Key Statements
Without mentioning Krebs or Stamos by name, Ramakrishna wrote:
"We have engaged several leading cybersecurity experts to assist us in this journey and I commit to being transparent with our customers, our government partners, and the general public in both the near-term and long-term about our security enhancements to ensure we maintain what’s most important to us – your trust."
"We expect these efforts and plans to guide our journey to becoming an even safer and more secure company, and we understand that there is much more work to be done. In the coming weeks, we will plan to share further plans and programs that we believe will help us achieve that goal."
SolarWinds CEO Transition, MSP Business Spin-Out
The SolarWinds Orion vulnerabilities triggered breaches at multiple businesses and government organizations. Software from the SolarWinds MSP business — to be spun out as N-able later this year — was not involved in the security incident.
Sudhakar Ramakrishna officially succeeded Kevin Thompson as SolarWinds CEO earlier this week. He joined SolarWinds as part of an established executive transition plan that was outlined before the hack was discovered.