Cybersecurity Dive recently covered RiskRecon's data around how many organizations are still using SolarWinds Orion on the Internet. Some of the highlights include:
- The number of organizations operating SolarWinds Orion directly on the internet dropped 25% between mid-December and Feb. 1, according to a report by RiskRecon, a division of Mastercard, published Friday. The figures fell from 1,785 organizations on Dec. 13 to 1,330 as of Feb. 1.
- Vendors of RiskRecon's third-party risk management customers have reduced their use of Orion on the internet by 52%, according to the report. The figures demonstrate the impact of the SolarWinds hack on the software supply chain risk.
- Only 8% of organizations that continued to operate Orion on the internet upgraded their versions to 2020.2.4 from the earlier versions 2019.4 and 2020.2.1 HF1. A large number of universities, local governments and a small number of major companies remain vulnerable to further compromise, according to the report.