Blog

Tim Brown will remember 12 December 2020 for ever.

It was the day the software company SolarWinds was notified it had been hacked by Russia.

Brown, the chief information security officer at SolarWinds, immediately understood the implications: any of the company’s more than 300,000 global clients could be affected too.

The exploit allowed the hackers remote access to the systems of customers that had installed SolarWinds’ network software Orion, including the US treasury department, the US department of commerce’s National Telecommunications and Information Administration, along with thousands of companies and public institutions.

Brown says he was “running on adrenaline” in the first few days after the attack.

It was during the early stages of the Covid pandemic when full-time work-from-home was the norm, but the company’s email was compromised and couldn’t be used to communicate with staff.

“We gave up on the phones and just everybody came into the office and we got Covid testing,” Brown says. “I lost 25 pounds in about 20 days … just going, going, going.”

He appeared on CNN and 60 Minutes, and in every major newspaper.

“The world’s on fire. You’re trying to get information out and trying to have people understand what’s safe and what’s not safe.”

The company switched to Proton email and Signal while its email was compromised, Brown says. He was taking calls from companies and government agencies across the globe, including the US army and the Covid vaccine program Operation Warp Speed.

“You get the world wanting verbal communication not written communication. And that is a kind of an important lesson: you can write things down, but they want to talk to the [chief information security officer],” says Brown, who spoke at Melbourne’s CyberCon on Friday.

“They want to be able to hear colour around the outside of it, so very important to be prepared for that kind of response.”

How the cyber-attack unfolded

The notification about the hack came in a phone call from Kevin Mandia, the founder of the cybersecurity firm Mandiant, to SolarWinds’ then CEO Kevin Thompson.

Mandia told Thompson that SolarWinds had “shipped tainted code” to its Orion software, which helps organisations monitor outages on their computer networks and servers.

The exploit in Orion was being used to attack government agencies, Mandia told Thompson.

“We could see in that code [it] was not ours, so when we got that, it was ‘all right, this is real’,” Brown recalls.

The Texas-based SolarWinds determined that 18,000 people had downloaded the tainted product, which the hackers, later attributed to the Russian Foreign Intelligence Service, were able to insert into Orion in the build environment where source code is turned into software.

The news broke on the Sunday. SolarWinds notified the stock market before it opened on Monday.

The original estimate that up to 18,000 clients could be affected was later revised down to about 100 government agencies and companies that actually were.

“It would have been nice to know that on day one, but that was the truth of the matter, right?” Brown says. “We weren’t really the target. We were just a route to the target.”

SolarWinds called in CrowdStrike, KPMG and the law firm DLA Piper to deal with the response and investigation.

Aftermath: the heart attack

SolarWinds stopped work on new features for the next six months and its team of 400 engineers focused on systems and security to get the company back on its feet.

“We really took transparency to heart – how can we make sure people realise [what] threat actor models [are out there], what they do, how they do reconnaissance, how they then do an attack [and] how they then leave.”

Brown says the company’s customer renewal rate fell into the 80% range in the first few months after the incident, but has since returned to more than 98%.

But then came the legal implications.

The Biden administration imposed sanctions and expelled Russian diplomats in 2021, partly in response to the attack.

SolarWinds settled a class action lawsuit over the attack in 2022 for US$26m. The Securities and Exchange Commission (SEC) then filed a lawsuit against SolarWinds and Brown personally in October 2023, accusing the company and Brown of misleading investors over its claims about cybersecurity protections, and failing to disclose known vulnerabilities.

Brown was in Zurich when he found out he was being charged.

“When I walked up a hill, I would lose my breath. My arms would get heavy, my chest would get tight. I was just not getting enough oxygen,” he says. “I did a silly thing. I flew home … I couldn’t walk from the terminal to my car without stopping. That’s a walk I had done thousand of times.”

He was having a heart attack. When he got home, his wife took him to the hospital, where he underwent surgery. He has since recovered.

“Stress keeps building up and I thought I was managing it well and I didn’t proactively go to a doctor,” he says.

Brown says he now advocates for companies going through similar incidents to employ psychiatrists to help staff process the stress.

“The stress level was pumped up, and then it just went over the edge, but stress was building up all the time.”

A confidential jointly proposed settlement with the SEC was announced in July, but has yet to be approved. The US government shutdown has delayed the finalisation of the agreement.

Brown has remained with SolarWinds throughout the process.

“It happened on my watch, that’s how I look at it. There are reasons why it occurred, nation state attack, et cetera, but still it happened on my watch,” he says.

“I guess I’m stubborn. But it was just very important for us to get through this whole cycle, so leaving wasn’t an option until it was done.”

This article first appeared on GuruFocus.

Release Date: October 17, 2025

For the complete transcript of the earnings call, please refer to the full earnings call transcript.

• Reliance Industries Ltd (WBO:RLI) reported strong performance across all business segments, with a notable 18% growth in EBITDA for Jio, driven by strong customer additions in both mobility and home segments.

• The retail segment saw a robust year-on-year growth of 17% in EBITDA, with revenues increasing by 18%, supported by significant growth in fashion, lifestyle, grocery, and electronics categories.

• The energy business reported a 21% increase in performance, driven by higher cracks across gasoline, gas oil, and ATF, along with increased domestic placements.

• Reliance Industries Ltd (WBO:RLI) is making significant progress in its new energy initiatives, with plans to start renewable energy round-the-clock power plants in Kutch next year.

• The company is expanding its digital services and AI capabilities, with Reliance Intelligence set to develop AI products and solutions, leveraging partnerships with global tech companies like Meta.

• Despite strong overall performance, the upstream segment experienced a decline due to natural production falls in the KGD6 fields.

• Finance costs increased by 14%, and depreciation rose by 12%, primarily due to 5G capitalization and spectrum interest.

• The petrochemical segment faced challenges with weak demand for PVC and PET due to heavy rains and floods affecting agricultural and packaging sectors.

• The media business, while showing growth, faces challenges in maintaining momentum post-IPL, with a need to convert cricket audiences to entertainment content.

• The geopolitical situation and increased OSPs have impacted the refining margins, despite high cracks in the refining segment.

Q: Are there any plans for a tariff hike in the near future? A: Unidentified_2: No immediate plans for a tariff hike. We are encouraging consumers to use more services, but there are no current plans to change tariffs.

Q: Is the current monthly run rate for connecting new homes expected to increase? A: Unidentified_2: We expect to ramp up the rate of connecting new homes. The technology is working well, and many new connections are being done wirelessly, allowing for simpler and faster implementation.

Q: How will Reliance Intelligence and Geo Platforms collaborate on AI initiatives? A: Unidentified_2: Reliance Intelligence will develop AI products and solutions, while Geo Platforms will bring these to market. Geo Platforms can also work with other partners like Meta, OpenAI, and Google.

Q: What is the status of the battery cell assembly plant, and how is Reliance handling equipment sourcing given China’s export restrictions? A: Unidentified_8: The battery cell factories are progressing well, and we have secured all equipment for the first phase of cell manufacturing. Equipment sourcing is happening globally, and we are monitoring the impact of new regulations.

Q: How is the Quick commerce model different from other models, and what advantages does it offer? A: Unidentified_3: The Quick commerce model has pivoted to focus on instant deliveries, offering the widest assortment, best pricing, and no hidden charges. The model leverages a vast store network and localized assortment knowledge, providing a significant advantage over competitors.

For the complete transcript of the earnings call, please refer to the full earnings call transcript.

Adjuvant treatment with cemiplimab-rwlc (Libtayo) was associated with a similar incidence of second primary tumors (SPTs) compared with placebo in patients with high-risk cutaneous squamous cell carcinoma (CSCC) following surgery and postoperative radiotherapy, according to findings from an analysis of the phase 3 C-POST trial (NCT03969004) presented at the 2025 ESMO Congress.¹

During the treatment period, the proportion of patients who developed at least one SPT was 11% in the cemiplimab arm (n = 209) compared with 12% in the placebo arm (n = 206); during the study’s follow-up period, these rates were 8% and 7%, respectively. During the treatment period, the cumulative number of SPTs was 32 with cemiplimab vs 82 for placebo, corresponding to annualized, adjusted annualized SPT rates of 1.23 (95% CI, 0.60-2.54) and 2.81 (95% CI, 1.23-6.45), respectively. In the follow-up period, 36 total SPTs occurred in the cemiplimab arm vs 41 in the placebo arm, and the annualized SPT rates were 0.72 (95% CI, 0.30-1.71) and 1.17 (95% CI, 0.40-3.49), respectively.

During the treatment period, 9% of patients in the cemiplimab arm had 1 SPT, 1% had 2 SPTs, less than 1% had 3 SPTs, 0% had 4 SPTs, less than 1% had 5 SPTs, and 0% had 6 or more SPTs. In the placebo arm, these rates were 8%, 2%, less than 1%, less than 1%, 0%, and 1%, respectively. Incidence was similar during the follow-up period, with 4% of patients in each arm experiencing 1 SPT and less than 1% of patients falling into the multiple SPT groups within each arm.

In a post hoc analysis incorporating the first occurrence of SPTs alongside disease-free survival (DFS) events (recurrence or death), efficacy continued to favor cemiplimab over placebo (HR, 0.43; 95% CI, 0.30-0.60). The median DFS in this analysis was not reached (NR; 95% CI, not evaluable [NE]-NE) in the cemiplimab group vs 21.7 months (95% CI, 12.9-39.2) in the placebo group. At 24 months, DFS rates were 81.1% with cemiplimab vs 59.1% with placebo, and this benefit was maintained over time, with rates of 73.4% vs 48.7% at 36 months and 68.4% vs 41.5% at 48 months, respectively.

“The lower number of SPTs in the cemiplimab arm appeared to be driven by a small number of patients with multiple SPTs observed in the placebo arm. The robust [DFS] efficacy signal with cemiplimab vs placebo was maintained in a post hoc analysis in which SPTs were included as [DFS] events,” Danny Rischin, MD, who serves as the director of Medical Oncology at the Peter MacCallum Cancer Centre in Melbourne, Australia, noted in the conclusion of his presentation. “These prospective, randomized data suggest that there may be a subset of patients who experience fewer SPTs with cemiplimab, although further investigation is required.”

What Was Established in the Primary Analysis of the C-POST Trial?

With a median follow-up of 24 months (range, 2-64), previously reported findings from the primary analysis showed that patients who received adjuvant cemiplimab after surgical resection and postoperative radiotherapy achieved a median DFS that was NR (95% CI, NE-NE) compared with 49.4 months (95% CI, 48.5-NE) among those treated with placebo (n = 206; HR, 0.32; 95% CI, 0.20-0.51; P < .001). The estimated 24-month DFS rates were 87.1% (and 64.1%, respectively.

Based on those findings, on October 8, 2025the FDA approved cemiplimab for the adjuvant treatment of adult patients with CSCC at high risk of recurrence after surgery and radiation.² Following this decision, the European Medicines Agency’s Committee for Medicinal Products for Human Use (CHMP) issued a positive opinion for the agent’s use in the same indication.³

What Was the Design of the C-POST Trial and the Post Hoc Analysis?

The phase 3 C-POST trial is a randomized, double-blind, placebo-controlled study designed to evaluate adjuvant cemiplimab in patients with histologically confirmed CSCC who had undergone complete resection with curative intent and completed postoperative radiotherapy.¹ Patients were required to have high-risk features, which included nodal extracapsular extension with at least one lymph node measuring 20 mm or more, or three or more involved lymph nodes; in-transit metastases; perineural invasion; T4 lesions; or recurrent CSCC with 1 or more additional high-risk characteristics.

Participants were randomly assigned 1:1 to receive cemiplimab or placebo. In part 1 of the study, patients received cemiplimab at 350 mg intravenously every 3 weeks for 12 weeks, followed by cemiplimab at 700 mg every 6 weeks for an additional 36 weeks. Those in the control group received matched placebo on the same schedule. Treatment continued until completion of the planned duration, disease recurrence, or unacceptable toxicity.

Patients who experienced recurrence after completing placebo treatment or after at least three months following cemiplimab completion were eligible to enter an optional open-label extension phase (part 2) to receive cemiplimab at 350 mg every 3 weeks for up to 96 weeks.

The primary end point of the trial was DFS. Key secondary end points include freedom from locoregional recurrence, freedom from distant recurrence, cumulative occurrence of second primary tumors, overall survival, and safety.

The median age of patients was 71.0 years (range, 33-87) in the cemiplimab group and 70.5 years (range, 36-95) in the placebo group. Most patients were 65 years of age or older, representing 73% and 68% of each respective arm. The majority of participants were male (83% in both arms) and White (90% vs 92%).

Geographically, 43% of patients in the cemiplimab arm and 44% in the placebo arm were enrolled from Australia or New Zealand, 18% and 15% were from North America, and 39% and 41% were from the rest of the world.

Most patients had resected high-risk tumors located in the head and neck region (79% in the cemiplimab group vs 86% in the placebo group), and 21% and 14% had non–head and neck tumors, respectively. Regarding risk classification, 60% of patients in the cemiplimab arm and 57% in the placebo arm were categorized as having nodal high-risk disease; 40% and 43%, respectively, had non-nodal high-risk features.

Disclosures: Rischin reported receiving institutional research funding from ALX Oncology, AstraZeneca, Bicara Therapeutics, Decibel Therapeutics, Erasca, Marck, and Regeneron Pharmaceuticals; and having uncompensated relationships with Eisai, GSK, Merck, and Regeneron Pharmaceuticals.

References

1. Rischin D, Porceddu S, Day F, et al. Analysis of second primary CSCC tumors (SPTs) reported during the C-POST trial, a randomized phase 3 study of adjuvant cemiplimab vs placebo for high-risk CSCC. Presented at: 2025 ESMO Congress; October 17-21, 2025; Berlin, Germany. Abstract 1603MO.
2. FDA approves cemiplimab-rwlc for adjuvant treatment of cutaneous squamous cell carcinoma. FDA. October 8, 2025. Accessed October 18, 2025. https://www.fda.gov/drugs/resources-information-approved-drugs/fda-approves-cemiplimab-rwlc-adjuvant-treatment-cutaneous-squamous-cell-carcinoma
3. Libtayo (cemiplimab) recommended for EU approval by the CHMP for adjuvant treatment of cutaneous squamous cell carcinoma (CSCC) with a high risk of recurrence after surgery and radiation. News release. Regeneron. October 17, 2025. Accessed October 18, 2025. https://investor.regeneron.com/news-releases/news-release-details/libtayor-cemiplimab-recommended-eu-approval-chmp-adjuvant