wiredmikey shares a report from SecurityWeek: In a surprising development on Monday that is spooking the cybersecurity community, the SEC filed charges against SolarWinds and its Chief Information Security Officer (CISO), Timothy G. Brown, alleging that the software company misled investors about its cybersecurity practices and known risks. The charges stem from alleged fraud and internal control failures related to known cybersecurity weaknesses that took place between the company’s October 2018 initial public offering (IPO) and its December 2020 revelation of the infamous supply chain cyberattack dubbed “SUNBURST.” […] The SEC’s complaint also points to internal communications among SolarWinds employees, including Brown, in 2019 and 2020, which raised questions about the company’s ability to protect its critical assets from cyberattacks.
