The Lawfare Podcast: Shoba Pillay and Jennifer Lee on the SEC SolarWinds Enforcement Action
Published by The Lawfare Institute
in Cooperation With
The fallout from the SolarWinds intrusion took a new turn with the U.S. Security and Exchange Commission’s (SEC) decision to file a cybersecurity-related enforcement action against the SolarWinds corporation and its Chief Information Security Officer (CISO), Timothy G. Brown, on October 30 of last year. To talk about the details and significance of this enforcement action, Lawfare Senior Editor Stephanie Pell sat down with Shoba Pillay, a partner at Jenner & Block and a former federal prosecutor, and Jennifer Lee, also a partner at Jenner & Block and a former Assistant Director in the SEC’s Division of Enforcement. They discussed the cybersecurity and national security implications of the SolarWinds hack, what the SolarWinds enforcement action suggests about the SEC’s expectations for disclosure obligations of companies, and whether the SEC or another agency is best suited to determine whether and how SolarWinds should be held accountable. They also discussed larger takeaways and messages sent by the SEC’s decision to charge a CISO in this case.