It was, according to NPR, a hack “unlike any other.” In 2020, SolarWinds, a Texas-based company, conducted a seemingly routine software update to its network management system. However, what happened next was anything but routine. As it turned out, hackers had inserted a code into that update that unleashed a massive cyberattack against the United States. And SolarWinds is still feeling the repercussions of that attack, known as Sunburst. In June, SolarWinds revealed that several current and former executives, including the CFO and CISO, received Wells Notices from the U.S. Securities and Exchange Commission indicating the intent to bring charges.

For many law firms and their publicly traded clients, a Wells Notice for a cyberbreach should be a serious wakeup call. In our last article, we discussed the perils of ransomware attacks and what law firms need to know about this in light of the White House’s National Cybersecurity Strategy. In this article, we discuss the cybersecurity perils involved with vendor management and the increasing liability that C-suite executives face when vendor management goes wrong.

This content has been archived. It is available through our partners, LexisNexis® and Bloomberg Law.

To view this content, please continue to their sites.

Not a Lexis Subscriber?
Subscribe Now

Not a Bloomberg Law Subscriber?
Subscribe Now

Why am I seeing this?

LexisNexis® and Bloomberg Law are third party online distributors of the broad collection of current and archived versions of ALM's legal news publications. LexisNexis® and Bloomberg Law customers are able to access and use ALM's content, including content from the National Law Journal, The American Lawyer, Legaltech News, The New York Law Journal, and Corporate Counsel, as well as other sources of legal information.

For questions call 1-877-256-2472 or contact us at [email protected]