The SolarWinds hack, or “Sunburst” was a watershed moment for cyber security – one of the largest and most sophisticated attacks of all time, with 18,000 potential breached organizations. Known victims already include some of the largest technology companies and the most sophisticated U.S. government agencies, including the U.S. Departments of State, Treasury, Defense and Homeland Security. The investigations and aftershocks are still ongoing.

The rapid adoption of a globally shared technology supply chain, escalating nation-state cyber conflict fueling an uncontrolled cyberweapons economy, and the dissipation of the traditional “perimeter” into complex-to-defend cloud environments have converged into potentially catastrophic risk.

In this episode of Greymatter, Greylock general partner Sarah Guo is joined by two cybersecurity experts who have been warning against an attack like this for years, Obsidian Security co-founder and CPO Glenn Chisholm, whose company protects critical SaaS applications and is currently supporting Sunburst victims, and New York Times cybersecurity reporter Nicole Perlroth, whose prescient first book “This is How They Tell Me the World Ends:The Cyberweapons Arms Race” published in February 2021.

They discuss the escalation of cyberconflict over the past decade, what makes SolarWinds so significant, the difficulty of protecting cloud environments and the software supply chain, and the recent water utility hack in Florida as a warning sign for the future.

You can listen to the podcast here:



Nicole Perlroth

New York Times

Glenn Chisholm

Obsidian Security