How SolarWinds Responded to the 2020 SUNBURST Cyberattack

In December of 2020, SolarWinds learned that they had fallen victim to hackers. Unknown actors had inserted malware called SUNBURST into a software update, potentially granting hackers access to thousands of its customers’ data, including government agencies across the globe and the US military. General Counsel Jason Bliss needed to orchestrate the company’s response without knowing how many of its 300,000 customers had been affected, or how severely. What’s more, the existing CEO was scheduled to step down and incoming CEO Sudhakar Ramakrishna had yet to come on board. Bliss needed to immediately communicate the company’s action plan with customers and the media. In this episode of Cold Call, Harvard Business School Professor Frank Nagle discusses SolarWinds’ response to this supply chain attack in the case, “SolarWinds Confronts SUNBURST.”