Should CISOs be liable for making business decisions?
GovInfoSecurity.com reported that “Executive liability, where decision-makers face personal liability for making professional decisions, is a topic trending yet again as former Uber CSO Joe Sullivan was recently sentenced to probation and a fine for his role in covering up a data breach that affected tens of millions of Uber account holders.” The May 7, 2023 article entitled “What Executive Liability Means for a CISO” (https://tinyurl.com/397zrc2x) included a description of the RSA 2023 Panel discussion with:
* Solomon Adote, chief security officer for the state of Delaware;
* Aravind Swaminathan, global co-chair for cybersecurity and data privacy at Orrick, Herrington & Sutcliffe;
* Rocco Grillo, managing director of global cyber risk services and incident response investigations at Alvarez & Marsal; and
* Ankur Ahuja, global vice president and CISO at Fareportal Inc.
The RSA 2023 Panel discussed:
* Juggling compliance with blocking and tackling cyberthreats;
* Interpretation of regulations that apply to distinct situations;
* How executives can protect themselves and their organizations from liability.
What do you think?