SmallSat Alliance hires Microsoft’s Angel Smith as executive director, succeeding Steve Nixon, co-founder who remains as strategic adviser ... Digital services firm Orion Innovation appoints Cyrus Lam, ex-CDI, as CFO ... Data recovery company Clumio adds Jillian Souza, ex-BigPanda, as chief people officer and Carol Hague, previously Salesloft, as vice president-marketing ... Family Entertainment Television appoints Christine Carbia, ex-E.W. Scripps, as vice president-national sales ... Technology distribution company Graybar promotes Jason Casey to vice president-distribution operations ... Brillio names Melissa Bethell, previously Bain Capital, to board ... Technology platform company Lightwave Logic appoints consultant Yves LeMaitre, ex-Luna Innovations, to board, effective Aug. 1.
FCC staff changes: Office of Internal Affairs’ Nese Guendelsberger moves to acting legal adviser-wireless to Commissioner Geoffrey Starks, succeeding Shiva Goel (see 2404250030 and 2404240059); Marco Peraza, wireline adviser to Commissioner Nathan Simington, leaves to become attorney adviser to FTC Commissioner Andrew Ferguson; and Darryl Cooper of the Disability Rights Office and Pamela Smith of the Office of General Counsel, retiring … Shutts & Bowen hires Patricia Flanagan, ex-Fox Rothschild, as partner-trademark and copyright.
Cyber notification requirements are a legislative priority, said House Homeland Security Committee Chairman Bennie Thompson, D-Miss., and ranking member John Katko, R-N.Y., Friday during a virtual hearing on the SolarWinds breach. They echoed interest from Senate Intelligence Committee Chairman Mark Warner, D-Va., Sen. Susan Collins, R-Maine, and Sen. John Cornyn, R-Texas, at a hearing earlier in the week (see 2102230064).
SolarWinds CEO Sudhakar Ramakrishna will testify Friday about the company’s recent breach, the House Oversight and Homeland Security committees announced Monday (see 2102180043). Microsoft President Brad Smith, FireEye CEO Kevin Mandia and ex-SolarWinds CEO Kevin Thompson will also testify. The vulnerability that enabled the breach exists in “every company, so what happened to us can happen to any software developer in the world,” Ramakrishna told a Center for Strategic and International Studies event Monday. The attacker was able to inject malware into Orion software code in a narrow way that went undetectable, so SolarWinds delivered and signed it, he said: “The ability for our bill systems to identify that did not exist.” Ramakrishna “came to know” about the breach around Dec. 13-14, when he wasn’t officially an employee, he said. He noted the attackers used older software releases as test beds. He said SolarWinds is working with third parties to understand the breadth, depth of the sophistication and patience of the attackers. SolarWinds is working with the Cybersecurity and Infrastructure Security Agency and the National Institute of Standards and Technology on potential generalized best practices, he said. He suggested the U.S. government should have one agency for companies to inform and brief about incidents, because having multiple points of contact results in wasted time and effort.
SolarWinds CEO Sudhakar Ramakrishna will testify before the Senate Intelligence Committee Tuesday during a hearing on the Russian government-sponsored hack of his company's Orion software (see 2102100059), Chairman Mark Warner, D-Va., announced Thursday. Microsoft President Brad Smith, FireEye CEO Kevin Mandia and CrowdStrike CEO George Kurtz will also testify during a hybrid hearing in 106 Dirksen. The SolarWinds breach prompted Smith to use his CES 2021 keynote last month to urge tech industry and government action to write new cybersecurity “rules of the road" (see 2101130028).
The Russian government-sponsored hack of SolarWinds Orion software used for network management systems (see 2012170050) “highlights the necessity for companies to be vigilant in terms of how they think about security,” CrowdStrike Chief Financial Officer Burt Podbere told a Needham investor conference virtually Thursday. The breach puts corporate chief information security officers on the hot seat with their boards, he said: “They’d better have good answers, and they’d better have tested the solutions out there.” SolarWinds again puts security “front and center,” and highlights “the sophistication of the bad actors,” he said. Security awareness “shot through the roof” due to the hack, but “it's really too early to tell the impact on that in terms of customer spend” on new or improved cybersecurity solutions, he said.
President-elect Joe Biden’s proposal for an initial COVID-19 aid package during his administration contains no money specifically set aside for broadband buildouts, though it includes connectivity assistance. He appeared to presage a larger-scale broadband funding request during a Thursday speech. Biden said his planned “second step,” which he will propose to Congress next month, will include “historic investments” in infrastructure. “It’s time to stop talking about infrastructure and finally start building it,” after President Donald Trump’s administration failed to translate interest in the issue into results over the last four years, Biden said. He intimated the proposal would mirror those he unveiled during the presidential campaign that suggested $2 trillion in infrastructure spending, including to allow for “universal” access to broadband and 5G (see 2007140065). Congress allocated almost $7 billion last month for broadband in an FY 2021 appropriations and COVID-19 aid omnibus measure (see 2012210055). Biden’s initial aid tranche urges Congress to “give Tribes the resources they need” to “expand internet access so that children can learn remotely and more families can obtain basic health care through telemedicine.” Biden also seeks $1 billion in Temporary Assistance to Needy Families funding, citing “increased TANF caseloads” amid the pandemic that include “the need for internet access for remote schooling.” The plan proposes additional funding to improve federal IT security, citing Russian government-sponsored hackers’ penetration of federal cyber defenses via vulnerabilities in SolarWinds Orion software (see 2012170050). The proposed outlays include $9 billion for technology modernization fund expansion and $690 million for the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency.
The Russian government-sponsored hack of SolarWinds Orion software used for network management systems (see 2012170050) prompted Microsoft President Brad Smith to use his prerecorded CES 2021 keynote Wednesday to urge tech industry action to write new cybersecurity “rules of the road.” World governments “have spied on each other for centuries,” said Smith. “But we’ve long lived in a world where there were norms and rules that created expectations about what was appropriate and what was not, and what happened with SolarWinds was not.” The breach amounted to a “mass, indiscriminate global assault on the technology supply chain that all of us are responsible for protecting,” said Smith. The attack distributed 18,000 “packages” of malware on network infrastructures globally, he said. “It is a danger that the world cannot afford.” The tech industry needs to use “our collective voice to say to every government around the world that this kind of supply chain disruption is not something that any government or any company should be allowed to pursue,” he said. “I hope we’ll come out of this CES and move forward with this as one of our clarion calls for the future.”
President-elect Joe Biden said Thursday his incoming administration “will make cybersecurity a top priority at every level of government,” after Russian government-sponsored hackers breached several federal government agencies, including the departments of Agriculture, Commerce and Homeland Security. The House Homeland Security and Oversight committees launched an investigation into the breach, in which hackers penetrated federal cyber defenses via vulnerabilities in SolarWinds Orion software used for network management systems. DHS’ Cybersecurity and Infrastructure Security Agency directed all agencies to disconnect the software.
CommScope and Google are working together to launch Orion Wifi, which targets carrier offload. “Carrier Wi-Fi offload in public venues can be frustrating for consumers and even more so for venue managers and owners as they negotiate rates and try to solve roaming,” said Pramod Badjate, senior vice president-CommScope’s Ruckus Tuesday.