New survey says organizations are tightening security with vendors after solar winds hack

The SolarWinds Orion Supply Chain Hack has prompted many organizations to re-think their future relationships with vendors regardless of whether they used the network monitoring suite, a new survey suggests.

DomainTools released a survey of 200 security, IT leaders and corporate executives on Tuesday, stating "vendor and supply chain relationships are likely to undergo permanent changes as new partnerships will be placed under a higher level of scrutiny than before."

So far, 47 percent of the 200 respondents said they would require suppliers to comply with their firm's safety standards - and legally pay attention to that.

Just under 40 percent of their organization implemented increased network segmentation, separating vendor software and equipment into a high-risk area; Just over 24 per cent said they would implement Dynamic Application Security Testing (DAST) and Static Application Security Testing (SAST) of vendor-supplied software before being used in their environment. Roughly 19 percent said they would end sellers' reliance on relationships with hostile nations, and only 17 percent said they would reduce their dependence on external vendors.

More than 27 percent said the attack did not change their vendor management attitudes. About 20 percent of the respondents said that the SolarWind event directly affected their organization,

The survey selected 200 global security professionals and executives from a range of industries in February. More than half described themselves as a security researcher or analyst, with the other 6.5 percent saying they were threat hunters; 19 percent held the title of IT manager, and 14 percent were either C-suite or vice-president.

SolarWinds believes that about 18,000 users of Orion downloaded an infected update that installed the backdoor. Among them, a very small number were actually hacked. It is estimated that in the US, 100 public and private sector organizations violated security controls.

Asked how the SolarWinds hack affected their organization's current vendor outsourcing strategy, just over 43 percent of respondents said that no active change is planned and are confident in their current vendors. More than 37 percent said they are asking vendors for more detailed safety standards as part of the renovation.

More than 34 percent said they are reevaluating their current vendors with a heavy burden on security. About 15 percent said they are actively switching vendors due to security currency changes. And just over 11 per cent said they are bringing back some outsourced vendors internally due to security concerns.

Just eight percent said they are increasing the use of vendors and outsourcing.

About 21 percent said they were very confident with their visibility into security information or internal processes, with another 50 percent saying they were quite confident.

The US has said that the attackers who came to the SolarWinds Orion update mechanism were "probable" from Russia. In response, the survey asked respondents how much emphasis their organization had against state-sponsored attacks. Only 44 percent said high, about 37 percent said medium and about 19 percent said low.

Eighty percent said attentions are very or very important in attacks. The 51 percent agreed agreement provides context around the types of indicators required for IT to be compromised, while the 45 percent agreed exhibit helps management gain more support for resources when investigating an incident.