SolarWinds and CISO Charged by SEC

Share post:

The U.S. Securities and Exchange Commission (SEC) has charged SolarWinds and its chief information security officer (CISO) for allegedly misleading investors about cybersecurity practices and risks in the two years leading up to its disclosure of a significant hacker attack.

The SEC’s complaint alleges that SolarWinds’ filings between its October 2018 IPO and its disclosure of the breach misled investors by only mentioning “generic and hypothetical risks”, while CISO Timothy Brown allegedly knew of specific cybersecurity problems and “increasingly elevated risks”.

The charges have sent shockwaves through the cybersecurity industry, with CISOs across the board reevaluating their roles and responsibilities.

Industry leaders have commented on the implications of the SEC charges for CISOs and organizations, and shared recommendations on how they can avoid ending up in a similar situation.

Igor Volovich, VP of Compliance Strategy at Qmulos, highlighted the importance of aligning cybersecurity with corporate risk, compliance, and regulatory functions. Petri Kuivala, Chief Information Security Officer Advisor at Hoxhunt, stressed the importance of CISOs being able to convey truthful messages to decision makers without confusing them with the technical details.

Agnidipta Sarkar, Vice President CISO Advisory at ColorTokens, expressed concern that the SEC charges could damage the reputation of the CISO role and make it more difficult to attract and retain qualified candidates.

The sources for this piece include an article in SecurityWeek.

Featured Tech Jobs


Related articles

Cyber Security Today, Week in Review for week ending Friday, Feb. 23, 2024

This episode features discussion on the takedown of the LockBit ransomware gang

Breaking news: RCMP facing ‘alarming’ cyber attack

The RCMP is facing a serious cyber attack from an unspecified threat actor. The Mounties told CBC News today that a “breach of this magnitude is alarming.” “The situation is evolving quickly but at this time, there is no impact on RCMP operations and no known threat to the safety and security of Canadians,” a spokesperson

Leaked documents may show the inside of China’s hacking strategy

Documents apparently stolen by disgruntled employees to embarrass their firm may give insight into China's cyber

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways