29JUL – SolarWinds Supply Chain Hack Explained

David Pitts, ciso

Monthly Chapter presentation by David Pitts, CISO of Business Integra

To attend, register for the online Zoom meeting here. When available, his slides will be posted here.

David Pitts has done exhaustive research into the publicly available information on the SolarWinds hackers. He will present an overview of their hack, looking at how they compromised Solar Winds in order to establish a supply chain compromise of a number of high value corporate and government targets. The presentation will look at the tools they used, how they hid, and how they compromised certificates and other safeguards to breach Solar Winds’ customers. The presentation ties specific technical tools and exploits to types of business risks of which organizations must be aware and prepared.

About our presenter

David Pitts is currently CISO of Bethesda-based Business Integra, where he oversees his firm’s cybersecurity posture and policies. David has a strong passion for cybdersecurity. He earned his MS in Information Science at Phoenix University in 11 months with a 3.97 GPA. He authored nine books and holds a variety of certifications including PMP, CIPP, CISSP, and GSNA. After earning his masters, David held a number of IT and cybersecurity positions in DC-area firms. He also volunteers within the cyber community, working on presentations such as this one that pull together the technical and policy highlights of a crucial incident or issue to help his colleagues implement meaningful policies in a meaningful way.