While some industry experts hew to SolarWinds’ view that the lawsuit sets a troubling precedent, others see the case in a positive light, as Security Week reports.
“The SEC litigation against SolarWinds is going to do more to advance security than another decade of breaches would,” security researcher Jake Williams wrote on X, formerly known as Twitter. “CISOs are often beaten into submission under threat of losing their jobs. The SEC gave them the holy hand grenade to fight back against any pressure to mislead.”
However, SolarWinds CEO Sudhakar Ramakrishna wrote in a blog post, “The SEC’s charges now risk the open information-sharing across the industry that cybersecurity experts agree is needed for our collective security. They also risk disenfranchising earnest cybersecurity professionals across the country, taking these cyber warriors off the front lines. I worry these actions will stunt the growth of public-private partnerships and broader information-sharing, making us all even more vulnerable to security attacks.”
As Dark Reading reports, Amtrak CISO Jesse Whaley expressed uncertainty as to how the SEC lawsuit could affect the CISO position overall. “It’s either really good or really bad,” Whaley told the news service.
Meanwhile, Weave CISO Jessica Sica told Dark Reading she’s worried the allegations against Brown will have a “chilling effect” that keeps people from wanting to take on the CISO job. She noted that CISOs are often under-resourced.
As The Wall Street Journal reports, CISOs worry they’ll be exposed to legal liability. CISO job candidates now often ask to be included in companies’ directors and officers insurance policies, which cover them against lawsuits alleging breaches of fiduciary duty, according to executive search firm Heidrick & Struggles. “The fear is real,” Heidrick partner Matt Aiello told the Journal.
Numerous other security leaders told SiliconAngle they share the concern of a “chilling effect” on CISO recruitment. Timothy Morris, chief security adviser at systems management company Tanium Inc., told the publication, “With SolarWinds’ CISO now under the microscope and Uber’s former CISO making similar shock waves last year, we can expect turnover in this role.”