Flash Report — Are SEC Charges Against SolarWinds and Its CISO Signaling a New Era of Personal Accountability?

Driving the news: The U.S. Securities and Exchange Commission (SEC) has charged SolarWinds and its CISO for fraud and internal control failures relating to cybersecurity risks.

Why it matters: These charges highlight the importance of implementing strong controls and disclosing known concerns to investors. In its complaint, the SEC alleges that SolarWinds and its CISO misled investors by understating cybersecurity risks and ignoring red flags about cyber risks.

Important takeaway: The SEC’s enforcement action signals a potential expansion of executive accountability in public reporting beyond the CEO and CFO.

The bottom line: Addressing this expansion of personal accountability requires companies to enable it and individual executives to perform to it. To that end:

  • Companies and their executives should advocate for effective risk governance and compliance, create appropriate awareness, ensure clarity on roles and responsibilities, and enhance the disclosure process.
  • Individual executives owning activities, decisions and information having significant public reporting implications should measure up to their respective responsibilities under the federal securities laws.

Our insights: In this Flash Report, we summarize the SEC’s allegations against SolarWinds and its CISO and offer nine points for executives and functional leaders with SEC registrants to consider regarding their own accountability and responsibility for public reporting.

Nick Puetz, Managing Director – Security and Privacy, also contributed to this report.

To learn more about our cybersecurity solutions, contact us

Charles Soranno

Managing Director
BPI - Finance

Subscribe to Topics

Many often overlook the potential impact—both positive and negative—a #TechnModernization project can have on operational #resilience. #ProtivitiTech's Kim Bozzella shares her thoughts with #Forbes Technology Council. https://ow.ly/1FLA50TYIaE

Establishing a scalable #AI #governance framework is crucial for balancing innovation with #risk and #compliance. Dive into our latest ebook, co-authored with #OneTrust, to explore key steps and technologies that will elevate your AI governance strategy. https://ow.ly/QqKy50TVUx3

News reports implied that China has managed to break "military grade" encryption using quantum computers. But the truth is more complicated than that. Protiviti's #quantum expert Konstantinos Karagiannis explains it all to #VISIONbyProtiviti. https://ow.ly/Zb9z50TWNuh

The #IIoT can help organizations collect and analyze data to optimize operations and maximize resources. #ProtivitiTech's Kim Bozzella details how IIoT can yield benefits for businesses and the people they serve with #Forbes #Technology Council. https://ow.ly/V5I250TVLAj

Protiviti has earned the AWS DevOps Competency, which complements our existing Migration and Security Competencies. These competencies reflect Protiviti's ability to deliver comprehensive AWS system integration services. https://ow.ly/Baj550TWR9I

#AWSDevOps #AWSCloud #AWS

Load More