A New Your federal district judge handed down a significant decision dismissing much of the SEC’s securities fraud enforcement action against SolarWinds arising from its claims relating to SolarWinds’ cybersecurity policies, and disclosure of a significant cyberattack against the SolarWinds’ network. In an unprecedented case, the SEC alleged that SolarWinds, which went public in 2018, mislead the public as to the effectiveness of its cybersecurity...

Diligent recently released an important report — Cybersecurity, audit, and the board: How does board oversight impact cybersecurity performance? Diligent’s Report includes several key findings on the importance of Board oversight and its importance to cybersecurity performance. Dottie Schindlinger, Executive Director of Diligent Institute, the global corporate governance research arm of Diligent – joins us to discuss the report and its key findings. https://audio-delivery.cohostpodcasting.com/audio/433377ff-16d7-421e-867c-0a97a76cc861/episodes/0848361f-ac8a-4bae-94c9-ce35daa4e211/episode.mp3

No one was surprised when compliance and risk publications cited cybersecurity as the number one risk that corporations face today.  While this is a relatively simplistic and head-line grabbing statement, the truth remains that corporate boards should have cybersecurity in their Top-3 List of corporate risks facing the organization. Like everything in life, it is one thing to identify the risk — it is quite...

In the absence of federal cybersecurity and data privacy laws, companies have to look to other sources of guidance, including industry standards, and state laws.  The National Institute of Standards and Technology (“NIST”) has sought to fill some of the large gaps on the issue of cybersecurity.  Enforcement agencies often cite the NIST Framework as an important barometer of an organization’s commitment to cybersecurity risks...

In the face of rapid technology changes, the Department of Justice usually has to play catch up.  When cryptocurrency and blockchain entered the United States economy, the Justice Department played catch up.  Fraudsters and other criminals innovate and embrace new technologies to prey on victims.  The Justice Department usually catches up but there is often a lag as “innovative” criminals gain certain market advantages.  DOJ...

A Top 5 list should be viewed with suspicion — it is often just a headline grabbing posting with the clear purpose to gain readers’ attention.  In defense, however, it is interesting to compare articles on risk rankings.  To start with the obvious, corporate boards face growing risks — the economy, the regulatory environment, cybersecurity threats, technology developments  and stakeholder interests are all colliding and...

The U.S. Securities and Exchange Commission has a message for publicly-traded companies that suffer a data breach: own up. On Monday, the SEC sued Texas-based SolarWinds––and its Chief Information Security Officer (“CISO”)––for defrauding investors by allegedly failing to disclose known security risks in public filings. This marks the SEC’s first ever enforcement action against an individual corporate officer over their mishandling of a data breach––but...

If you ask corporate board members and senior executives to list their number one risk (other than financial operations), the answer in today’s risk environment is clear – cybersecurity and data privacy.  The rapid elevation of this risk is reflected in weekly headlines announcing ransomware, cyber-attacks and data breaches. Companies that have experienced a cyber-attack are forever changed.  The board and senior executive team quickly...

Webinar: Cybersecurity and Compliance — A New Path Forward July 25, 2023, 12 Noon EST Sign-Up Here Companies face a broad array of cybersecurity risks — from internal actor mistakes to sophisticated ransomware attacks.  Chief Information Security Officers (“CISOs”) are being asked to mitigate these risks. Luckily, Chief Compliance Officers (“CCOs”) have become natural partners for CISOs, and are collaborating to design and implement effective governance...