Tim Brown, former CISO of SolarWinds, shared insights at RSAC 2026 about the 2020 SolarWinds supply chain attack and his personal experience as the first CISO indicted in a civil lawsuit by the SEC for alleged fraud related to cybersecurity disclosures. Brown highlighted how excessive communication and misunderstood internal language during the ensuing SEC investigation led to legal challenges, emphasizing the critical need for clear communication policies and cautious internal messaging to prevent misinterpretation and legal risks in cybersecurity incident management.
https://www.techtarget.com/searchsecurity/feature/Watch-your-words-Tim-Browns-advice-for-CISOs