Bloomberg Law reports on a case that probably has a lot of CISOs somewhat nervous:
SolarWinds Corp. issued a full-throated denial of wrongdoing in how it handled one of the worst cyberattacks in history in a Friday court filing seeking the dismissal of US Securities and Exchange Commission allegations that its software security representations defrauded investors and violated rules on controls.
SolarWinds argued that it disclosed risks with legally sound specificity prior to a Russian state hack of its Orion platform and correctly informed investors of the breach’s potential impact during the immediate aftermath, according to a dismissal motion and supporting memorandum filed in New York federal court. Cybercriminals breached about 100 organization networks that employed the software, including large corporations and federal agencies.
Read more at Bloomberg Law.