The Securities and Exchange Commission’s naming of SolarWinds Corp.’s chief information security officer in its lawsuit over company missteps before a massive software hack is a warning shot to other top security executives.
SolarWinds and its CISO, Tim Brown, both misled investors about the security of their software and oversight rigor in the years before the hack compromised nine federal agencies and around 100 other customers, the SEC alleged in a Oct. 30 securities fraud complaint.
The lawsuit, said to be the first SEC cybersecurity litigation naming a CISO, signals that those corporate officers have to be aware of their …