Responding to digital challenges with continuous innovation
On Saturday 12 December 2020, US software company Solarwinds reported it had been victim of a state-sponsored cyberattack. The breach, one of the most sophisticated in cybersecurity history, affected the corporation’s Orion network management system and had important consequences for the hundreds of thousands of customers of the technology giant.
Amid the gravity of the incident, Solarwinds President and CEO, Sudhakar Ramakrishna, knew that what the company needed do was to admit to the breach and update customers and the market regularly.
“The key thing was that Sudhakar decided not to batten down the hatches and hope this would go away,” says Charles Damerell, Senior Director for the UK and Ireland at Solarwinds. “No - he publicly announced that the attack had occurred and then put the spotlight on the subsequent corrective actions undertaken.”
Damerell adds that for many large enterprise software vendors, this was considered an unusual move. In the highly litigious environment of US business, the minute you disclose such a serious incident, “you get a lot of attention”. “But Sudhakar was not only committed to say ‘look, this is what has happened’. He also committed to share the results of the investigation and enhancements with everyone, including some of our competitors.”
As part of the investigation and revised security strategy, Solarwinds brought in two of the most notable cybersecurity executives from public and private sectors, namely Christopher Krebs, former Director of the Cybersecurity and Infrastructure Security Agency in the US Department of Homeland Security, and Facebook’s former CISO, Alex Stamos.
“In addition to these changes we made during 2021 to our security posture, we also drove an incredible speed of innovation from a product point of view,” says Damerell. “The whole idea was that we were doing something really well before the breach, and so how could we raise that bar and offer something more?”
Don’t stop innovating
Damerell believes that this combination of transparency and continuous innovation positions Solarwinds in a unique position when working with government organisations. No company, regardless of its cybersecurity investment, is immune to a cyberattack. At the time of the breach, Solarwinds was spending in cybersecurity around 120% above the industry average. The differentiator is how you respond to it.
During the recent Government Transformation Summit, Damerell had the chance to listen to Senior Civil Servants talk through some of their biggest challenges when it comes to transforming performance, including technical legacy and service delivery. Solarwinds has experience working across the UK government, with some of its clients including the Ministry of Defence, the Maritime and Coastguard Agency and the Home Office.
Although each organisation has its specific challenges, Damerell heard that technology legacy, or debt, is a common theme among all of them.
“Any medium or large government organisation that has been around for a long time is going to have a certain level of technical debt,” Damerell says. “For many of the larger government organisations that we work with, we also see that they engaged 10 years ago in public finance initiatives. That kind of period is a long time ago in an IT environment.”
There was a keynote presentation during the Summit that particularly resonated with Damerell. Gina Gill, Chief Digital and Information Officer at the Ministry of Justice, spoke about how her organisation is transforming its operations to support a world-class justice system that works for every citizen and which offers a simpler, fast and better user experience.
In her speech, Gill identified technical debt as one of the main obstacles making any government transformation challenging. And, like Damerell, she said that overcoming it requires government teams to be flexible.
“Organisations in government need to be very flexible and open,” continues Damerell. “What we did two or three years ago just doesn't fit anymore. You need to be able to adjust, develop and customise on a customer-by-customer basis.”
Damerell believes that civil servants also need to move at pace - something that digital can help with: “There’s a whole aspect around capability.” Any transformation must be underpinned by a strong digital capability, as well as ways of working led by the users.
Although he speaks as a technology supplier, Damerell says that at the end of the day, transformation is not so much about tech itself but about people and leadership - a widely-held conclusion among Government Transformation Summit attendees.
Despite Solarwinds having arguably the best technology on offer during its 2020 cyber-attack, the secret to its successful recovery was strong leadership, determination and continuous innovation - a lesson that Damerell thinks can be replicated across government organisations.
“It's not about product or software,” Damerell concludes. “It's all about a position that one takes right across the business with everyone in that organisation, focused and committed to a clear sense of purpose and aspirations, for the business.”