Former Uber CISO Convicted

October 10, 2022

crowd-of-people-and-judge-gavel-picture-id1314309919

Chief Information Security Officers who were watching former Uber CISO Joe Sullivan’s trial to see if they should demand coverage under their company’s D&O insurance have an answer. Maybe. Sullivan was the first in their profession to face trial. On Oct. 6 he was convicted of trying to conceal the details of a 2016 hack at Uber that exposed the email addresses and phone numbers of 57 million drivers and passengers. He faces prison time, but the appeal process is likely to be protracted. Meanwhile the regulatory protocol in respect to cybersecurity has evolved. Payoffs to extortionists are so routine that some security firms and insurance companies specialize in handling such transactions. The FBI’s official stance is against it, but unless those payments are to certain criminal gangs, mostly Russian, they ignore it. Nevertheless, Sullivan’s woes and ultimate conviction have CISOs worried that failing to follow emerging guidance might land them in the dock as well.

Critical intelligence for general counsel

Stay on top of the latest news, solutions and best practices by reading Daily Updates from Today's General Counsel.

Daily Updates

Sign up for our free daily newsletter for the latest news and business legal developments.

Scroll to Top