Corruption, Crime and Compliance: SEC Suffers Dismissal of Claims in Solarwinds Securities Fraud Case
Episode 334 -- District Court Dismisses Bulk of SEC Claims Against Solarwinds
The Woody Report: The Solar Winds Dismissal
The U.S. District Court for the Southern District of New York dismissed the majority of claims that the Security and Exchange Commission ("SEC") asserted against SolarWinds, including claims that the company's alleged...more
The SEC has been aggressively pursuing cybersecurity investigations and enforcement actions against public companies and foreign private issuers. In these actions, the SEC often alleges one of two theories: 1) that the...more
The General Data Protection Regulation (GDPR) has brought about significant changes in the way organizations handle data protection and privacy. It emphasizes the importance of transparency and honesty in disclosing data...more
CYBERSECURITY - Hackers Steal $4.4M Crypto Using Data Linked to LastPass Breach - According to Bleeping Computer, crypto fraud researchers at ZachXBT, and MetaMask developer Taylor Monahan have reported that on October 25,...more
The recent SEC lawsuit against SolarWinds Corp and its CISO, Tim Brown, following the 2020 data breach, has brought the issue of executive liability in cybersecurity disclosures to the forefront. This case sheds light on the...more
On October 30, 2023, the SEC filed a litigated complaint against SolarWinds, a software development company, and Timothy Brown, its chief information security officer (CISO). The SEC alleges that from October 2018, when...more
In a first, bold move by the Securities and Exchange Commission (SEC) following its new Rules on Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure by Public Companies, issued on July 26, 2023, this...more
The U.S. Securities and Exchange Commission has a message for publicly-traded companies that suffer a data breach: own up. On Monday, the SEC sued Texas-based SolarWinds––and its Chief Information Security Officer...more
While cybersecurity professionals are generally nice people, and I have nothing against them, they have trust issues. Their spouse, friends, and family may not appreciate the lack of trust, but it goes a long way towards...more
In a blog post entitled “New activity from Russian actor Nobelium,” Microsoft’s V.P. of Customer Security & Trust Tom Burt discussed a recent alert issued by the Microsoft Threat Intelligence Center (MSTIC) regarding the...more
On August 30, 2021, the Securities and Exchange Commission (SEC) announced that eight broker-dealers and/or investment advisers will pay civil monetary penalties to resolve enforcement actions arising from cybersecurity...more
The SolarWinds hack highlights the critical need for organizations of all sizes to include cyber supply chain risk management as part of their information security program. It is also a reminder that privacy and security...more
CYBERSECURITY - Eversource Energy Notifies Customers of Data Breach - Eversource Energy, which is the largest energy supplier in New England with 4.3 million customers in Connecticut, Massachusetts, and New...more
The United States government, states, municipalities, and private companies all have been trying to defend themselves from cyber warfare from foreign adversarial governments, including Russia, China, and North Korea, for...more
Friday afternoon, reports surfaced that a foreign nation had compromised newly-discovered flaws in the Microsoft Exchange Server email software and breached the cybersecurity efforts of more than 60,000 known victims. ...more
If you don’t know about SolarWinds, then you haven’t been reading the news for the past six months. Last October 2020, it was reported that a widely-used networking tool that helps companies in the public and private sectors...more
CYBERSECURITY - NYDFS - Cybersecurity Certificate of Compliance Due April 15, 2021 The New York Department of Financial Services (DFS), which regulates certain covered entities and licensed persons in the financial...more
Last month there was a cyber-attack suspected to have been perpetrated by Russian hackers. The attack was traced back to third party – a network management software vendor, SolarWinds. Among its 300,000 customers, SolarWinds...more
Development and Operations (DevOps) teams are often pressured by executives and sales teams to get software products completed and out the door and into the market as quickly as possible so the products can generate income....more
The recent hack against FireEye and the U.S. Treasury and Commerce Department affected SolarWinds software for more than 18,000 software users including mostly private company clients in addition to the famously affected...more
Announced within days of one another, two developments, one bureaucratic, one nefarious, showcased the growing chasm between the dream and the reality of our increasingly interconnected world. On December 4, 2020, President...more
In light of the major cybersecurity breach of the SolarWinds Orion software by malicious actors, the Water Information Sharing and Analysis Center (WaterISAC) recently issued a series of advisories providing guidance for...more
Earlier this week, Texas-based IT software vendor SolarWinds issued a critical security advisory, acknowledging that a “highly sophisticated” hacker had inserted a vulnerability in an updated version of SolarWinds’ Orion...more
The recent hack against FireEye and the U.S. Treasury and Commerce Department affected SolarWinds software for other clients as well (not limited to the U.S. government). SolarWinds has confirmed a cyberattack to its systems...more