from-tgc » Former Uber CISO Convicted

Former Uber CISO Convicted

crowd-of-people-and-judge-gavel-picture-id1314309919

October 10, 2022

Chief Information Security Officers who were watching former Uber CISO Joe Sullivan’s trial to see if they should demand coverage under their company’s D&O insurance have an answer. Maybe. Sullivan was the first in their profession to face trial. On Oct. 6 he was convicted of trying to conceal the details of a 2016 hack at Uber that exposed the email addresses and phone numbers of 57 million drivers and passengers. He faces prison time, but the appeal process is likely to be protracted. Meanwhile the regulatory protocol in respect to cybersecurity has evolved. Payoffs to extortionists are so routine that some security firms and insurance companies specialize in handling such transactions. The FBI’s official stance is against it, but unless those payments are to certain criminal gangs, mostly Russian, they ignore it. Nevertheless, Sullivan’s woes and ultimate conviction have CISOs worried that failing to follow emerging guidance might land them in the dock as well.

Share this post:

Find this article interesting?

Sign up for more with a complimentary subscription to Today’s General Counsel magazine.