According to Gartner, "The SolarWinds supply chain attackers utilized the most advanced tool tactics and techniques to achieve their goals. Security and risk management leaders to understand the implications of the attack and improve their defenses. Example top lessons learned include:
- Even the most security-focused organizations can be breached.
- Privileged service account tools must be monitored.
- Developer’s are a key target of advanced attackers and can no longer be excluded from endpoint protection policies.
- Privileged access management (PAM) tools should be used to protect privileged access."
*Gartner, "Top 10 Lessons Learned From the SolarWinds Attack," 17 February 2021. Peter Firstbrook