CISA shifting focus to monitoring the insides of networks for cyberthreats
Intrusion detection systems like EINSTEIN were never designed to stop supply chain attacks and need to be supplemented, said CISA's acting director.
SolarWinds’ federal footprint is large, and compromise is a ‘nightmare scenario’ for affected agencies
Only three agencies have reported breaches, but 32 are known to have used the software at some point since 2006. And contract records aren't the most accurate.