SolarWinds (NYSE:SWI), a leading provider of simple, powerful, secure observability and IT management software, commemorates Cybersecurity Awareness Month by highlighting the software industry’s progress toward becoming more Secure By Design. Informed by years of experience from industry-leading cybersecurity experts, the SolarWinds Secure by Design initiative is a gold-plated cybersecurity approach to software build systems and processes that set a new standard in software supply chain security.
SolarWinds developed Secure By Design to address the evolving threat of highly sophisticated and unforeseeable cyberattacks, including those by advanced nation-state threat actors. As a guiding principle for software security and cyber resiliency, Secure By Design provides an effective and novel defense for thwarting advanced supply chain cyber threats. With a focus on creating more secure environments, the SolarWinds Secure By Design guiding principles were designed to make both the company and the software industry at large safer.
“Security is an ongoing journey with no finish line but, as we reflect on the past year, it’s clear we’ve made great progress on the journey towards a Secure by Design industry,” said Sudhakar Ramakrishna, CEO and President of SolarWinds. “The increasing frequency and sophistication of cyber threats demand a collective response from the cybersecurity community. It is our shared responsibility to come together, collaborate, and innovate to build a more secure future for all.”
The past year has seen significant advancement of the adoption and implementation of a more Secure By Design approach, including new community approaches to support cyber resiliency, more secure software build systems, improved information sharing about threats across the industry, and a stronger cyber workforce.
Building Out a Community Approach to Support Cyber Resiliency
This year marks the 20th annual Cybersecurity Awareness Month, in which the President of the United States and Congress dedicate time to work together with the public and private sectors to raise awareness about the importance of cybersecurity. SolarWinds has continually called for transparent and open information sharing across the industry and more robust public-private partnerships to combat increasingly sophisticated nation-state cyberattacks.
SolarWinds recently hosted a panel discussion in Washington, D.C., highlighting several key ways to help the industry stay secure. Ramakrishna was joined by Congressman Darrell Issa (R-CA), Congressman Raja Krishnamoorthi (D-IL), and CISA Executive Assistant Director for Cybersecurity Eric Goldstein for a conversation on why stronger public-private partnerships are needed to enhance the security of the nation’s cyberinfrastructure.
Additionally, SolarWinds will be in attendance at GovWare 2023, joined by more than ten thousand other policymakers, tech innovators, and end-users. This year’s theme, “Fostering Trust Through Collaboration in the New Digital Reality,” aims to address the significant link between digital trust and achieving success in today’s cyberspace.
Developing A Resilient Build Environment with The Next-Generation Build System
The SolarWinds Next-Generation Build System, a key component of the company’s Secure By Design approach, leverages a unique parallel build process where software is developed in multiple secure, duplicate, and ephemeral environments. First unveiled by SolarWinds last year, the Next-Generation Build System was developed to make supply chain attacks more difficult to execute by prioritizing cybersecurity throughout the entire lifecycle management process.
As SolarWinds recently announced, the Next-Generation Build System meets or exceeds the Secure Software Development Framework (SSDF) updated last year by The National Institute of Standards and Technology (NIST®). The build system’s alignment with SSDF and CISA’s Enduring Security Framework has been a continued driver encouraging more organizations to become Secure By Design.
The SolarWinds Next-Generation Build System has received multiple industry recognitions this year, including the CSO50 Award for IT Infrastructure Monitoring and Management, the BIG Innovation Fortress Cyber Security Award and recognition from the Cloud Security Awards. Additionally, SolarWinds Chief Information Security Officer and VP of Security Tim Brown, who has spearheaded the ongoing development of the Next-Generation Build System, was named CISO of the Year by the Globee® Cybersecurity Awards.
Improving Security Through a Stronger Cyber Workforce
This year, the industry has prioritized growing the cybersecurity workforce, a critical mission as more than 3.4 million positions in the field remain unfilled. The White House recently unveiled a first-of-its-kind National Cyber Workforce and Education Strategy to address both immediate and long-term cyber workforce needs. Alongside this announcement, the U.S. National Science Foundation CyberCorps® Scholarship for Service program will provide more than $24 million over the next four years to support the development of a stronger cybersecurity workforce.
SolarWinds has long advocated additional resources for skill and vocational training. The company has taken on a leadership role in this regard, encouraging software companies to allocate the equivalent of one trained, full-time employee to support CISA and foster information-sharing between companies and government agencies. This collaboration across sectors is necessary to create unified best practices and develop shared threat intelligence.