Security Staff Acquisition & Development, Channel partners, Content

SolarWinds Hires Krebs, Stamos as Cybersecurity Consultants After Orion Hack

Alex Stamos, former chief security officer, Facebook
Alex Stamos, former chief security officer, Facebook
Chris Krebs, former director, CISA

SolarWinds has hired former CISA leader Chris Krebs and former Facebook Chief Security Officer Alex Stamos as consultants to assist with the SolarWinds Orion hack investigation, cleanup and best security practices.

SolarWinds confirmed the hires in an email to Reuters.

The cybersecurity consulting hires arrive the same week that new SolarWinds CEO Sudhakar Ramakrishna officially succeeded Kevin Thompson as part of an established executive transition plan that was outlined before the hack was discovered. In his first public communication as SolarWinds CEO, Ramakrishna outlined three security priorities for IT management software company.

Krebs, Stamos: Cybersecurity Backgrounds

Sudhakar Ramakrishna, CEO, SolarWinds

Krebs previously led the Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA). Krebs was in charge of election security -- and widely praised for his work by third-party election watchers -- before President Trump fired him in November. Trump alleged the election was filled with fraud, but offered no evidence to back up the claims.

Meanwhile, Stamos previously helped Facebook to identify how hackers could use social media to attack elections. He left Facebook following a disagreement with other executives about how to address Russia's use of social media to spread disinformation, according to The New York Times.

The SolarWinds Orion vulnerabilities triggered breaches at multiple businesses and government organizations. Software from the SolarWinds MSP business -- to be spun out as N-able later this year -- was not involved in the security incident.

Joe Panettieri

Joe Panettieri is co-founder & editorial director of MSSP Alert and ChannelE2E, the two leading news & analysis sites for managed service providers in the cybersecurity market.