GRC Viewpoint

Investigation Into the 2020 Cyber Attack Causes Trouble for Solarwinds CISOs

SEC has served notice to Solarwinds CISOs. The latest happenings are in connection with the 2020 Cyber Attack. 

The US SEC has suggested legal action be taken against specific Solarwinds workers, a novel suggestion that grabbed the headlines. The SEC staff has sent so-called Wells notifications to current and former employees and executives of the business, including the CFO and CISO.

READ MORE: CISOs Prefer More Technical Assistance

“The Wells Notices provided to these individuals state that the SEC staff has made a preliminary determination to recommend that the SEC file a civil enforcement action against the recipients alleging violations of certain provisions of the U.S. federal securities laws. If the SEC were to authorize an action against any of these individuals, it could seek an order enjoining such individuals from engaging in future violations of provisions of the federal securities laws subject to the action, imposing civil monetary penalties and or bar from serving as an officer or director of a public company and providing for other equitable relief within the SEC’s authority,” this is what Solarwinds had to say about the incident.

READ MORE: 1 of 4 CISOs Considering Ending their Security Career

Security experts pointed out that it is rare for a Wells Notice to a CISO and that the action may portend a whole new set of possible liabilities for them. 

The cyber world is awaiting to learn  about the latest developments pertaining to the case. 

Related Articles

Latest Articles