SolarWinds, a leading provider of simple, powerful, secure
observability and IT management software, commemorates Cybersecurity
Awareness Month by highlighting the software industry's progress toward
becoming more Secure By Design. Informed by years of experience from
industry-leading cybersecurity experts, the SolarWinds Secure by Design
initiative is a gold-plated cybersecurity approach to software build
systems and processes that set a new standard in software supply chain
security.
SolarWinds developed Secure By Design to address the evolving threat of
highly sophisticated and unforeseeable cyberattacks, including those by
advanced nation-state threat actors. As a guiding principle for software
security and cyber resiliency, Secure By Design provides an effective
and novel defense for thwarting advanced supply chain cyber threats.
With a focus on creating more secure environments, the SolarWinds Secure
By Design guiding principles were designed to make both the company and
the software industry at large safer.
"Security is an ongoing journey with no finish line but, as we reflect
on the past year, it's clear we've made great progress on the journey
towards a Secure by Design industry," said Sudhakar Ramakrishna, CEO and
President of SolarWinds. "The increasing frequency and sophistication
of cyber threats demand a collective response from the cybersecurity
community. It is our shared responsibility to come together,
collaborate, and innovate to build a more secure future for all."
The past year has seen significant advancement of the adoption and
implementation of a more Secure By Design approach, including new
community approaches to support cyber resiliency, more secure software
build systems, improved information sharing about threats across the
industry, and a stronger cyber workforce.
Building Out a Community Approach to Support Cyber Resiliency
This year marks the 20th annual Cybersecurity Awareness Month, in which
the President of the United States and Congress dedicate time to work
together with the public and private sectors to raise awareness about
the importance of cybersecurity. SolarWinds has continually called for
transparent and open information sharing across the industry and more
robust public-private partnerships to combat increasingly sophisticated
nation-state cyberattacks.
SolarWinds recently hosted a panel discussion
in Washington, D.C., highlighting several key ways to help the industry
stay secure. Ramakrishna was joined by Congressman Darrell Issa (R-CA),
Congressman Raja Krishnamoorthi (D-IL), and CISA Executive Assistant
Director for Cybersecurity Eric Goldstein for a conversation on why
stronger public-private partnerships are needed to enhance the security
of the nation's cyberinfrastructure.
Additionally, SolarWinds will be in attendance at GovWare 2023,
joined by more than ten thousand other policymakers, tech innovators,
and end-users. This year's theme, "Fostering Trust Through Collaboration
in the New Digital Reality," aims to address the significant link
between digital trust and achieving success in today's cyberspace.
Developing A Resilient Build Environment with The Next-Generation Build System
The SolarWinds Next-Generation Build System,
a key component of the company's Secure By Design approach, leverages a
unique parallel build process where software is developed in multiple
secure, duplicate, and ephemeral environments. First unveiled by
SolarWinds last year, the Next-Generation Build System was developed to
make supply chain attacks more difficult to execute by prioritizing
cybersecurity throughout the entire lifecycle management process.
As SolarWinds recently announced, the Next-Generation Build System meets or exceeds the Secure Software Development Framework (SSDF) updated last year by The National Institute of Standards and Technology (NIST).
The build system's alignment with SSDF and CISA's Enduring Security
Framework has been a continued driver encouraging more organizations to
become Secure By Design.
The SolarWinds Next-Generation Build System has received multiple industry recognitions this year, including the CSO50 Award for IT Infrastructure Monitoring and Management, the BIG Innovation Fortress Cyber Security Award and recognition from the Cloud Security Awards.
Additionally, SolarWinds Chief Information Security Officer and VP of
Security Tim Brown, who has spearheaded the ongoing development of the
Next-Generation Build System, was named CISO of the Year by the Globee Cybersecurity Awards.
Improving Security Through a Stronger Cyber Workforce
This year, the industry has prioritized growing the cybersecurity workforce, a critical mission as more than 3.4 million positions
in the field remain unfilled. The White House recently unveiled a
first-of-its-kind National Cyber Workforce and Education Strategy to
address both immediate and long-term cyber workforce needs. Alongside
this announcement, the U.S. National Science Foundation CyberCorps Scholarship for Service
program will provide more than $24 million over the next four years to
support the development of a stronger cybersecurity workforce.
SolarWinds has long advocated additional resources for skill and
vocational training. The company has taken on a leadership role in this
regard, encouraging software companies to allocate the equivalent of one
trained, full-time employee to support CISA and foster
information-sharing between companies and government agencies. This
collaboration across sectors is necessary to create unified best
practices and develop shared threat intelligence.
For more information on the SolarWinds Secure By Design initiative, please visit: https://www.solarwinds.com/trust-center