Former Uber Applied sciences CISO Joseph Sullivan was convicted on federal costs for masking up a 2016 information breach by which the non-public info of 57 million Uber customers was stolen. A US federal jury has discovered Sullivan responsible of obstructing Federal Commerce Fee (FTC) proceedings. Apparently, Sullivan, then in control of safety and cybersecurity operations on the firm, spearheaded the scheme by which Uber paid hackers $100,000 by its bug bounty program to not disclose the info and maintain quiet about it. the assault. The hack was revealed in 2017 when Uber’s new CEO, Dara Khosrowshahi, took over from him.

The rationale this conviction is a turning level in cybersecurity historical past just isn’t as a result of CISOs usually are not usually the scapegoat for safety incidents. However it’s normally restricted to them being publicly blamed or fired for such incidents. That is believed to be the primary time a CISO at a serious US firm has been convicted of a knowledge breach and subsequent cover-up.

Has the CISO’s job simply gotten tougher than it already is? The highlight on the conviction of the previous Uber CISO positively appears to say so. The strain is on and the message is obvious: government due diligence is of the utmost significance in the case of cybersecurity.

An important lesson right here? Cyber ​​assaults occur to everybody and on a regular basis. The actual deciding issue lies in the way you reply to them, report the occasions, and report the incident. If this occasion has taught us something, it’s this: Incident Response Administration has by no means been extra vital to enterprise continuity and model notion than it’s as we speak.

Within the desk beneath, we seize among the prime information about this large second in international cybersecurity. The concept of ​​creating this useful resource is strictly instructional. We at Cyber ​​Administration Alliance don’t assume any accountability for the veracity of the info talked about in any of the information. We have simply compiled among the useful assets for anybody who needs to find out how occasions unfolded within the conviction of the previous Uber CISO.

Disclaimer: This doc has been ready with the only function of selling discourse with reference to cybersecurity and good safety practices. Our intention is to not defame any firm, individual or authorized entity. All info talked about on this doc relies on experiences and information freely accessible on-line. Cyber ​​Administration Alliance takes no credit score or accountability for the accuracy of any supply or info shared on this doc.