SolarWinds and CISO Charged by SEC

Share post:

The U.S. Securities and Exchange Commission (SEC) has charged SolarWinds and its chief information security officer (CISO) for allegedly misleading investors about cybersecurity practices and risks in the two years leading up to its disclosure of a significant hacker attack.

The SEC’s complaint alleges that SolarWinds’ filings between its October 2018 IPO and its disclosure of the breach misled investors by only mentioning “generic and hypothetical risks”, while CISO Timothy Brown allegedly knew of specific cybersecurity problems and “increasingly elevated risks”.

The charges have sent shockwaves through the cybersecurity industry, with CISOs across the board reevaluating their roles and responsibilities.

Industry leaders have commented on the implications of the SEC charges for CISOs and organizations, and shared recommendations on how they can avoid ending up in a similar situation.

Igor Volovich, VP of Compliance Strategy at Qmulos, highlighted the importance of aligning cybersecurity with corporate risk, compliance, and regulatory functions. Petri Kuivala, Chief Information Security Officer Advisor at Hoxhunt, stressed the importance of CISOs being able to convey truthful messages to decision makers without confusing them with the technical details.

Agnidipta Sarkar, Vice President CISO Advisory at ColorTokens, expressed concern that the SEC charges could damage the reputation of the CISO role and make it more difficult to attract and retain qualified candidates.

The sources for this piece include an article in SecurityWeek.

SUBSCRIBE NOW

Related articles

Payment gateway breach exposes 1.7 million credit card holders

Slim CD, a payment gateway provider, recently disclosed a significant data breach that impacted nearly 1.7 million credit...

AI Healthcare Firm Exposes 5.9 TB of Sensitive Mental Health Data

In a significant data security incident, Confidant Health, a Texas-based AI healthcare platform, inadvertently exposed 5.3 terabytes of...

Cyber Security Today – Week In Review for September 7, 2024

Cyber Security Today - Weekend Edition: Toronto School Board Hack, MoveIT Breach & Data Privacy Concerns This weekend edition...

You’re not crazy – your smart phone could be listening to you

If you have every heard someone say that they'd just had a conversation on their smart phone only...

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways