The past 12 months have seen an increase in cybersecurity attacks against major companies, placing data breaches on the front page of virtually every major newspaper. The U.S. government has taken notice. In May, the Biden administration issued an executive order requiring government agencies and certain government contractors to comply with cybersecurity requirements. In July, the U.S. Cybersecurity and Information Security Agency launched the Stop Ransomware website, to provide resources for companies addressing the recent increase in ransomware attacks. The Securities and Exchange Commission (SEC) similarly has ramped up its focus on cyber threats, identifying “Information Security and Operational Resiliency” as one of its 2021 Examination Priorities.
At the same time, the attack on SolarWinds’ Orion network monitoring software discovered in December 2020 made the 18,000 organizations utilizing their affected security software products all too aware of the risks. Russian state-sponsored cyber attackers allegedly used a routine software update in…
