Page 73 - Cyber Defense eMagazine January 2024
SolarWinds Lawsuit Reinforces the Need for Critical Communication Between CISOs and the C-Suite
By Jose Seara, Founder and CEO, DeNexus
As demonstrated by recent developments in the legal matter between SolarWinds and the SEC, the
landscape of CISO liability is expanding. After the announcement that SolarWinds’ CISO Timothy Brown
would face charges for failing to disclose the severity of certain cybersecurity risks, the CISO community
has realized that the potential cost of managing cyber risk is more severe than ever.
Beyond the legal and financial liability demonstrated by the SEC’s charges for fraud and internal control
failures against Brown, this incident also reinforces that cybersecurity breaches pose a significant risk of
hefty compliance fines and a negative image in the public eye. With heightened consequences across
the board, it is imperative that security leaders do more than just ensure organizational
compliance; they must go above and beyond to secure critical systems and data. Compliance usually
drives behavior, but it is rarely the end point.
However, CISOs can’t tackle this challenge entirely on their own. To effectively protect an organization
from security breaches, lawsuits, fines, and potential reputation damage, CISOs must collaborate with
the C-suite (and CFOs in particular) to ensure that priorities are aligned. The C-suite, in turn, must
work with the Board, which holds the ultimate governance responsibility.