Beth Waller Shares Insight On SolarWinds Cybersecurity Breach, Dark Reading

Woods Rogers’ principal and chair of our Cybersecurity & Data Privacy Practice Beth Waller provided commentary to Dark Reading following the SEC’s decision to charge four companies for their involvement in the 2020 SolarWinds data breach. The penalties, one of which tops $4 million, involve disclosure practices and controls violations. Beth’s guidance for companies is that regulators want to see technically precise disclosures.

"Companies can no longer rely on generalizations or hypotheticals," Beth told the publication in an interview. "The challenge for many companies will be thinking of post-ligation risk from all angles, including later data breach class actions or customer lawsuits."

This new enterprise cybersecurity terrain will require chief information security officers to work more closely with legal teams, Beth noted.

"The SEC is creating tension for many companies post-incident by forcing disclosure of details very early on in an incident investigation that will be cited back to the business in future litigation," she added. "CISOs need to be prepared to work closely with in-house and outside counsel on SEC cyber-incident materiality determinations, especially in light of the technical precision required of companies in these enforcement announcements."

Read the full article in Dark Reading here.