SolarWinds Hack Proves ‘No Finish Line With Security’: Ahead President

‘It’s requiring our customers to continually look at their security policies and understand there’s no finish line for security. Security is always going to be a continual process,’ says Stephen Ayoub, president of Ahead.

The massive SolarWinds hack that allowed Russian hackers to gain access to a slew of customer and vendor information proves that there is no “finish line” to any organization’s cybersecurity strategy, said Stephen Ayoub, president of solution provider powerhouse Ahead.

“There is no end point with security. There is no finish line with security,” said Ayoub, whose fast-growing company ranks No. 36 on CRN’s 2020 Solution Provider 500 list. “This is just another reminder to all of our clients that security will be a continually evolving risk which the CISO [Chief Information Security Officer] is going to have to always address. It’s really about always trying to stay as current as you possibly can. The SolarWinds breach really highlighted that.”

The SolarWinds hack, which U.S. federal officials confirmed this month was carried out by a Russian Advanced Persistent Threat group for intelligence-gathering purposes, has caused many Ahead customers to reevaluate their security strategy and environment. The massive breach also shows the ever-growing importance that channel partners are playing in the security world.

[Related: Microsoft President Brad Smith: SolarWinds Attack Violated ‘Norms And Rule’ Of Government Activities]

“We work with the leading security providers to make sure we not only address product, but process and policy to ensure that our clients have an end-to-end security strategy,” said Ayoub (pictured). “Because security has so many different layers, there’s no single product or single solution that can solve all aspects of security. It’s more important now than ever for companies like Ahead to engage with our clients to help build a security strategy.”

Many IT leaders across the board are echoing similar strategies regarding the SolarWinds hack.

At The Channel Company’s Best of Breed Virtual Series yesterday, Sophos CEO Kris Hagerman said the hack underscores the need for partners and customers to think beyond internal security and consider supply chain risk.

Hagerman said the SolarWinds hack will force every channel partner to be security literate and security aware regardless if they sell cybersecurity products. Sophos’ CEO said it’s clear that the attackers not only used vendors like SolarWinds but also compromised Microsoft channel partners and leveraged them as a vessel to attack their customers.

“You cannot think about your security only in the context of, ‘How well am I secured?’” Hagerman said. “You’ve got to go beyond that to say, ‘How well am I secured and how well am I securing everything that I connect to?’ I mean, it’s a daunting undertaking.”

Ahead is looking to continue to double down on security investments in 2021 knowing that a customer breach could always be lurking right around the corner. The Chicago-based solution provider has expanded its cybersecurity practice significantly over the past two years through several channel M&A’s such as Data Blue, Sovereign Systems, Link, Platform Consulting, Kovarus and RoundTower Technologies.

“The SolarWinds breach caused lot of our customers to reevaluate their security strategy and work to find solutions to remediate as soon as possible,” said Ayoub. “It’s requiring our customers to continually look at their security policies and understand there’s no finish line for security. Security is always going to be a continual process.”