If SolarWinds were a UK listed company, would we be seeing similar enforcement action by UK authorities?
A US company, SolarWinds, and its Chief Information Security Officer (CISO) are being prosecuted by the US Securities and Exchange Commission (SEC) for alleged misstatements on its website relating to cybersecurity and a series of cyber-attacks revealed in 2020.
The SEC has been seeking to rely on public company disclosure rules and its ability to enforce certain cybersecurity-related controls, but a recent court ruling has seen many of its claims thrown out.