Security leaders across the country have found some reassurance in a recent ruling by a federal judge that significantly undermines the U.S. Securities and Exchange Commission’s (SEC) civil fraud lawsuit against SolarWinds. This case, which represents the first instance of the regulator suing a public company over its handling of a cyberattack, has seen a notable reduction in its scope.
This development has sparked a wide range of reactions among legal and cybersecurity professionals. While some view the dismissal as a setback for the SEC’s oversight of corporate cybersecurity practices, there is a consensus that regulators will continue their push for greater transparency regarding cybersecurity risks and management strategies from firms.
The decision by Judge Paul Engelmayer to dismiss major parts of the case suggests that the SEC might face limitations in its ability to act as an aggressive regulator in this sphere. Scott Kannry, CEO of the cyber risk firm Axio, noted that this ruling “creates the notion that the SEC isn’t just going to be able to do whatever it wants going forward and serve as an ‘overzealous’ regulator.”
For additional details, refer to the full article here.