(C) Alec Muffett's DropSafe blog.
Author Name: Alec Muffett
This story was originally published on allecmuffett.com. [1]
License: CC-BY-SA 3.0.[2]
SEC Charges SolarWinds and Chief Information Security Officer with Fraud, Internal Control Failures | Soon we get to see all the “liability will fix software and architecture insecurity” folk explaini
2023-10-31 00:11:39+00:00
Some people believe that having senior leadership on the legal hook for [liability for] security failures will make everyone’s lives better; my suspicion is that those people haven’t thought through to the reality of what will happen to the leadership ecosystem, let alone any other area of potential error and unexpected behaviour.
Washington D.C., Oct. 30, 2023 — The Securities and Exchange Commission today announced charges against Austin, Texas-based software company SolarWinds Corporation and its chief information security officer, Timothy G. Brown, for fraud and internal control failures relating to allegedly known cybersecurity risks and vulnerabilities. The complaint alleges that, from at least its October 2018 initial public offering through at least its December 2020 announcement that it was the target of a massive, nearly two-year long cyberattack, dubbed “SUNBURST,” SolarWinds and Brown defrauded investors by overstating SolarWinds’ cybersecurity practices and understating or failing to disclose known risks. In its filings with the SEC during this period, SolarWinds allegedly misled investors by disclosing only generic and hypothetical risks at a time when the company and Brown knew of specific deficiencies in SolarWinds’ cybersecurity practices as well as the increasingly elevated risks the company faced at the same time.
https://www.sec.gov/news/press-release/2023-227
[END]
[1] URL:
https://alecmuffett.com/article/108102
[2] URL:
https://creativecommons.org/licenses/by-sa/3.0/
DropSafe Blog via Magical.Fish Gopher News Feeds:
gopher://magical.fish/1/feeds/news/alecmuffett/
