Navigating CCO and CISO Liability Trends
Episode Synopsis
Tom Fox and Jonathan Armstrong, renowned experts in cyber security, co-host the award-winning Life with GDPR. This episode discusses the complex topic of liability for the Chief Compliance Officer (CCO) and Chief Information Security Officer (CISO).
Tom and Jonathan begin by examining notable cases like Joe Sullivan, the former CISO at Uber, who faced prosecution for mishandling a ransomware threat. They also cover other significant cases like Carlos Abarca from TSB Bank and Tim Brown from SolarWinds, highlighting the increasing trend towards personal liability among high-ranking compliance and security officers. Jonathan points out that prosecutors and legislators focus more on individual accountability, driven by the belief that this approach will encourage others to adhere to standards more rigorously. They explore the implications of misleading LinkedIn profiles and the importance of thorough due diligence when taking on new roles. The episode provides practical advice for C-suite executives to protect themselves, including negotiating indemnity clauses and ensuring accurate job descriptions.
Key takeaways:
Chief Compliance Officer Liability Overview
Case Studies: Joe Sullivan and Uber, Carlos Abarca and TSB Bank, and Tim Brown and SolarWinds
Legislation and Trends in Personal Liability
SEC Formula for CCO Liability
Resources:
Connect with Tom Fox
LinkedIn
Connect with Jonathan Armstrong
Twitter
LinkedIn
PunterSouthall
Life with GDPR was recently honored as a Top Data Security Podcast