A career hacker, David "Moose" Wolpoff is CTO and co-founder of Randori, a company building a continuous red-teaming platform. The security industry is reverberating with news of the FireEye breach and the announcement that the U.S. Treasury Department, DHS and potentially several other government agencies, were hacked due (in part, at least) to a supply chain attack on SolarWinds. These breaches are reminders that nobody is immune to risk or being hacked. I’ve no doubt that both FireEye and SolarWinds take security very seriously, but every company is subject to the same reality: Compromise is inevitable. The way I judge these events is not by whether someone is hacked, but by how much effort the adversary needed to expend to turn a compromise into a meaningful breach. We’ve heard FireEye put effort and execution into the protection of sensitive tools and accesses, forcing the Russians to put stunning effort into a breach.