Today the SEC filed a complaint against SolarWinds Corporation and its CIO for fraud and internal control failures relating to allegedly known cybersecurity risks and vulnerabilities. According to the complaint, SolarWinds defrauded investors by overstating its cybersecurity practices and understating or failing to disclose known risks. The SEC’s complaint signifies robust SEC enforcement of cybersecurity-related securities violations, including failure to disclose known material cybersecurity risks and failure to maintain adequate cybersecurity controls. In a press release announcing the charges, Gurbir S. Grewal, Director of the SEC’s Division of Enforcement, states: “Today’s enforcement action not only charges SolarWinds and Brown for misleading the investing public and failing to protect the company’s ‘crown jewel’ assets, but also underscores our message to issuers: implement strong controls calibrated to your risk environments and level with investors about known concerns.”
In light of the elevated cybersecurity risk environment and the SEC prioritizing enforcement of cybersecurity violations, cybersecurity whistleblowers have a strong incentive to report cybersecurity violations to potentially qualify for an SEC whistleblower award and can play a vital role in protecting against cyber breaches and attacks.
Information security and data privacy whistleblowers are often in a position to identify and remedy vulnerabilities—and therefore prevent breaches—if only...
You don't have permission to access "http://www.marketscreener.com/news/ibma-s-17m-false-claims-act-settlement-what-government-contractors-should-know-ce7e50d3d089ff2d" on this server. Reference #...