The SEC and Solar Winds - What It Means for CISOs and Cyber Risk Governance

November 9, 2023

The primary focus of this discussion is to dissect the implications of the SolarWinds breach from a regulatory and governance perspective, particularly in light of the SEC's increased interest in cybersecurity as a critical component of corporate governance. The incident, a landmark in digital espionage, not only exposed risks in global supply chains but also highlighted the necessity for robust cyber risk governance and the evolving role of Chief Information Security Officers (CISOs). Panelists will explore how the incident has reshaped regulatory expectations and the subsequent impact on the roles, responsibilities, and risks of CISOs. Panelists will also examine the SEC's guidance on cybersecurity and the practical steps organizations must take to comply with these evolving standards in a growing global regulatory environment.

This session will offer insights into effective strategies for cyber risk management in a post-SolarWinds era. This will include discussions on the integration of cybersecurity into overall business risk management frameworks, the importance of transparent communication between CISOs, executive management, and boards, and the necessity for a proactive, rather than reactive, approach to cyber threats.

Please join Tim Callahan, SVP & Global CISO at Aflac, Jamil Farshchi, CISO at Equifax, and Cristin Flynn Goodwin, former lead cybersecurity lawyer for Microsoft and principal at Good Harbor Security Risk Management and Founder of Advanced Cyber Law, along with our moderator, Emilian Papadopoulos, the President of Good Harbor Security Risk Management as we delve into the intricate dynamics and implications of the SolarWinds cyberattack in the context of the U.S. Securities and Exchange Commission's (SEC) evolving stance on cybersecurity.

Interested in attending?

An invitation-only event for CISOs and senior cybersecurity policy stakeholders, the NTSC Virtual Webinars and Regional Roundtable events serve as part of our mission to provide a platform for CISOs to discuss and advocate for beneficial legislative and regulatory cybersecurity policies.

If you are a CISO or senior technology security executive interested in attending, please contact Patrick Gaul (patrick@ntsc.org) for more details.