Should you patch SolarWinds right away? Richard Stiennon, author and chief research analyst at IT-Harvest, joins Mitch Ashley to delve into announcements about the Russian APT29 / SVR (per Washington Post sources) hack into the U.S. Treasury Department and the U.S. Department of Commerce’s National Telecommunications and Information Administration (NTIA). The breach was made through SolarWinds, which also allowed hackers access to FireEye’s own network and tools. Richard shares some recommendations, from some hard lessons learned, about patching systems too quickly after an attack, and potentially losing some of your own security capabilities in the process.