Tom Fox and Jonathan Armstrong, renowned experts in cyber security, co-host the award-winning Life with GDPR. This episode discusses the complex topic of liability for the Chief Compliance Officer (CCO) and Chief Information Security Officer (CISO).

Tom and Jonathan begin by examining notable cases like Joe Sullivan, the former CISO at Uber, who faced prosecution for mishandling a ransomware threat. They also cover other significant cases like Carlos Abarca from TSB Bank and Tim Brown from SolarWinds, highlighting the increasing trend towards personal liability among high-ranking compliance and security officers. Jonathan points out that prosecutors and legislators focus more on individual accountability, driven by the belief that this approach will encourage others to adhere to standards more rigorously. They explore the implications of misleading LinkedIn profiles and the importance of thorough due diligence when taking on new roles. The episode provides practical advice for C-suite executives to protect themselves, including negotiating indemnity clauses and ensuring accurate job descriptions.

Key takeaways:

• Chief Compliance Officer Liability Overview


• Case Studies: Joe Sullivan and Uber, Carlos Barker and TSB Bank and Tim Brown and SolarWinds


• Legislation and Trends in Personal Liability


• SEC Formula for CCO Liability

Resources:

Connect with Tom Fox

• LinkedIn

Connect with Jonathan Armstrong

• Twitter


• LinkedIn


• PunterSouthall

Life with GDPR was recently honored as a Top Data Security Podcast 

Learn more about your ad choices. Visit megaphone.fm/adchoices