First CISO Charged by SEC: Tim Brown on Trust, Context, and Leading Through Crisis - Interview with Tim Brown | AISA CyberCon Melbourne 2025 Coverage | On Location with Sean Martin and Marco Ciappelli

Update: 2025-10-15

Description

First CISO Charged by SEC: Tim Brown on Trust, Context, and Leading Through Crisis - Interview with Tim Brown | AISA CyberCon Melbourne 2025 Coverage | On Location with Sean Martin and Marco Ciappelli

AISA CyberCon Melbourne | October 15-17, 2025

Tim Brown's job changed overnight. December 11th, he was the CISO at SolarWinds managing security operations. December 12th, he was leading the response to one of the most scrutinized cybersecurity incidents in history.

Connecting from New York and Florence to Melbourne, Sean Martin and Marco Ciappelli caught up with their longtime friend ahead of his keynote at AISA CyberCon. The conversation reveals what actually happens when a CISO faces the unthinkable—and why the relationships you build before crisis hits determine whether you survive it.

Tim became the first CISO ever charged by the SEC, a distinction nobody wants but one that shaped his mission: if sharing his experience helps even one security leader prepare better, then the entire saga becomes worthwhile. He's candid about the settlement process still underway, the emotional weight of having strangers ask for selfies, and the mental toll that landed him in a Zurich hospital with a heart attack the week his SEC charges were announced.

"For them to hear something and hear the context—to hear us taking six months off development, 400 engineers focused completely on security for six months in pure focus—when you say it with emotion, it conveys the real cost," Tim explained. Written communication failed during the incident. People needed to talk, to hear, to feel the weight of decisions being made in real time.

What saved SolarWinds wasn't just technical capability. It was implicit trust. The war room team operated without second-guessing each other. The CIO handled deployment and investigation. Engineering figured out how the build system was compromised. Marketing and legal managed their domains. Tim didn't waste cycles checking their work because trust was already built.

"If we didn't have that, we would've been second-guessing what other people did," he said. That trust came from relationships established long before December 2020, from a culture where people knew their roles and respected each other's expertise.

Now Tim's focused on mentoring the next generation through the RSA Conference CSO Bootcamp, helping aspiring CISOs and security leaders at smaller companies build the knowledge, community, and relationships they'll need when—not if—their own December 12th arrives. He tailors every talk to his audience, never delivering the same speech twice. Context matters in crisis, but it matters in communication too.

Australia played a significant role during SolarWinds' incident response, with the Australian government partnering closely in January 2021. Tim hadn't been back in a decade, making his return to Melbourne for CyberCon particularly meaningful. He's there to share lessons earned the hardest way possible, and to remind security leaders that stress management, safe spaces, and knowing when to compartmentalize aren't luxuries—they're survival skills.

His keynote covers the different stages of incident response, how culture drives crisis outcomes, and why the teams that step up matter more than the ones that run away. For anyone leading security teams, Tim's message is clear: build trust now, before you need it.

AISA CyberCon Melbourne runs October 15-17, 2025 Coverage provided by ITSPmagazine

GUEST:

Tim Brown, CISO at SolarWinds | On LinkedIn: https://www.linkedin.com/in/tim-brown-ciso/

HOSTS:

Sean Martin, Co-Founder, ITSPmagazine and Studio C60 | Website: https://www.seanmartin.com

Marco Ciappelli, Co-Founder, ITSPmagazine and Studio C60 | Website: https://www.marcociappelli.com

Catch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverage

Want to share an Event Briefing as part of our event coverage? Learn More 👉 https://itspm.ag/evtcovbrf

Want Sean and Marco to be part of your event or conference? Let Us Know 👉 https://www.itspmagazine.com/contact-us

Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Comments

In Channel

The Silent Risk in AI-Powered Business Automation: Why No-Code Needs Serious Oversight | A Conversation with Walter Haydock | Redefining CyberSecurity with Sean Martin

2025-10-1638:21

Beyond the Title: What It Really Takes to Be a CISO Today — Insights Following A Conversation with Solarwinds CISO, Tim Brown | A Musing On the Future of Cybersecurity with Sean Martin and TAPE9 | Read by TAPE9

2025-10-1608:26

First CISO Charged by SEC: Tim Brown on Trust, Context, and Leading Through Crisis - Interview with Tim Brown | AISA CyberCon Melbourne 2025 Coverage | On Location with Sean Martin and Marco Ciappelli

2025-10-1526:54

Everyone Is Protecting My Password, But Who Is Protecting My Toilet Paper? - Interview with Amberley Brady | AISA CyberCon Melbourne 2025 Coverage | On Location with Sean Martin and Marco Ciappelli

2025-10-1328:05

Beyond Blame: Navigating the Digital World with Our Kids - Interview with Jacqueline (JJ) Jayne | AISA CyberCon Melbourne 2025 Coverage | On Location with Sean Martin and Marco Ciappelli

2025-10-1124:32

The Once and Future Rules of Cybersecurity | A Black Hat SecTor 2025 Conversation with HD Moore | On Location Coverage with Sean Martin and Marco Ciappelli

2025-10-0923:37

AI Creativity Expert Reveals Why Machines Need More Freedom - Creative Machines: AI, Art & Us Book Interview | A Conversation with Author Maya Ackerman | Redefining Society And Technology Podcast With Marco Ciappelli

2025-10-0843:24

When the Coders Don’t Code: What Happens When AI Coding Tools Go Dark? | A Musing On the Future of Cybersecurity with Sean Martin and TAPE9 | Read by TAPE9

2025-10-0809:35

Lo-Fi Music and the Art of Imperfection — When Technical Limitations Become Creative Liberation | Analog Minds in a Digital World: Part 2 | Musing On Society And Technology Newsletter | Article Written By Marco Ciappelli

2025-10-0514:33

The Hidden Cost of Too Many Cybersecurity Tools (Most CISOs Get This Wrong) | A Conversation with Pieter VanIperen | Redefining CyberSecurity with Sean Martin

2025-10-0352:20

SBOMs in Application Security: From Compliance Trophy to Real Risk Reduction | AppSec Contradictions: 7 Truths We Keep Ignoring — Episode 3 | A Musing On the Future of Cybersecurity with Sean Martin and TAPE9 | Read by TAPE9

2025-10-0102:33

AI Will Replace Democracy: The Future of Government is Here. Or, is it? Let's discuss! | A Conversation with Eli Lopian | Redefining Society And Technology Podcast With Marco Ciappelli

2025-09-2736:35

Why Identity Must Come First in the Age of AI Agents | A Black Hat SecTor 2025 Conversation with Cristin Flynn Goodwin | On Location Coverage with Sean Martin and Marco Ciappelli

2025-09-2621:45

How F-Secure Transformed from Endpoint Security to Predicting Scams Before They Happen | A Brand Story Conversation with Dmitri Vellikok, Product and Business Development at F-Secure

2025-09-2636:23

Why Cybersecurity Training Isn’t Working — And What To Do Instead | Human-Centered Cybersecurity Series with Co-Host Julie Haney and Guest Dr. Aunshul Rege | Redefining CyberSecurity with Sean Martin

2025-09-2545:26

A Mystery In Florence | A Short Story Written By Lucia & Marco Ciappelli (English Version) | Stories Sotto Le Stelle Podcast | Short Stories For Children And The Young At Heart

2025-09-1815:29

Why This Cybersecurity Executive Left Corporate to Start Asimily and Secure Healthcare, Manufacturing, and Critical Infrastructure | An Asimily Brand Origin Story with Shankar Somasundaram, CEO and Founder

2025-09-1734:52

The Problem With Threat Modeling in Application Security: Too Slow, Too Theoretical, Not Agile | AppSec Contradictions: 7 Truths We Keep Ignoring — Episode 2 | A Musing On the Future of Cybersecurity with Sean Martin and TAPE9 | Read by TAPE9

2025-09-1203:58

AI in Application Security: Why False Positives Still Overwhelm Teams Despite the Hype | AppSec Contradictions: 7 Truths We Keep Ignoring — Episode 1 | A Musing On the Future of Cybersecurity with Sean Martin and TAPE9 | Read by TAPE9

2025-09-0902:37

We Have All the Information, So Why Do We Know Less? | Analog Minds in a Digital World: Part 1 | Musing On Society And Technology Newsletter | Article Written By Marco Ciappelli

2025-09-0809:45

00:00

First CISO Charged by SEC: Tim Brown on Trust, Context, and Leading Through Crisis - Interview with Tim Brown | AISA CyberCon Melbourne 2025 Coverage | On Location with Sean Martin and Marco Ciappelli

Marco Ciappelli, Sean Martin, ITSPmagazine Event Coverage, Tim Brown

#box-pro-ellipsis-176064625829478{-webkit-line-clamp:2;}First CISO Charged by SEC: Tim Brown on Trust, Context, and Leading Through Crisis - Interview with Tim Brown | AISA CyberCon Melbourne 2025 Coverage | On Location with Sean Martin and Marco Ciappelli

First CISO Charged by SEC: Tim Brown on Trust, Context, and Leading Through Crisis - Interview with Tim Brown | AISA CyberCon Melbourne 2025 Coverage | On Location with Sean Martin and Marco Ciappelli

Marco Ciappelli, Sean Martin, ITSPmagazine Event Coverage, Tim Brown

First CISO Charged by SEC: Tim Brown on Trust, Context, and Leading Through Crisis - Interview with Tim Brown | AISA CyberCon Melbourne 2025 Coverage | On Location with Sean Martin and Marco Ciappelli