Contactez-nous Suivez-nous sur Twitter En francais English Language

Freely subscribe to our NEWSLETTER

Newsletter FR

Newsletter EN



Comment on news that SEC charges SolarWinds CISO - Christian Have, CTO, Logpoint

November 2023 by Christian Have, CTO, LogPoint

Following the news that the Chief Information Security Officer (CISO) of
SolarWinds is facing allegations of fraud by the U.S. Securities and
Exchange Commission (SEC) for disseminating misleading information to
the market regarding the company’s cybersecurity situation, we thought
you might be interested in the following comment in response to the news
as sourced from Christian Have, CTO at Logpoint.

“The charges against SolarWinds’ CISO should give European CISOs
reason for reflection. Authorities are now actively scrutinising them.
If a European company experiences a cyberattack leading to a stock price
drop, despite prior reports of a strong cybersecurity effort, why
wouldn’t the same scenario apply here?

The cybersecurity industry has long advocated for a prominent position
within organisations, which is indeed essential. However, this case
represents the first instance of a CISO being integrated into the upper
levels of the organisation, albeit with a disconnection from the
technical aspect. It underscores the critical importance of the
technical reality and the formidable challenge of bridging the gap
between the top and bottom. The charges unequivocally indicate that
SolarWinds’ security department personnel were aware of the issues,
highlighting a significant disconnect.

These charges are likely to cause sleepless nights for top executives
and board members because the SolarWinds leadership believed they were
operating a business with robust cybersecurity. It serves as a
compelling example of why the role of a CISO should not devolve into a
paper tiger relying solely on contingency plans, management reporting,
compliance, and goal-oriented pursuits. There’s a risk of instilling
unwarranted confidence in top management while diverting focus from the
technical underpinnings.

It is imperative to heed security teams with an intimate understanding
of the technical landscape and take their concerns seriously. The
charges against SolarWinds’ CISO demonstrate that legal measures are
effective in such cases. They bring to light issues and challenges faced
by security chiefs, top executives, boards, and security teams. This
case should trigger concerns and furrowed brows throughout the

See previous articles


See next articles

Your podcast Here

New, you can have your Podcast here. Contact us for more information ask:
Marc Brami
Phone: +33 1 40 92 05 55

All new podcasts