Life With GDPR Podcast: CCO & CISO Liability Trends

Tom Fox and Jonathan Armstrong of Punter Southall Law co-host the award-winning Life with GDPR. In this episode, they discuss the complex topic of liability for the Chief Compliance Officer (CCO) and Chief Information Security Officer (CISO).

Tom and Jonathan begin by examining notable cases like Joe Sullivan, the former CISO at Uber, who faced prosecution for mishandling a ransomware threat. They also cover other significant cases like Carlos Abarca from TSB Bank and Tim Brown from SolarWinds, highlighting the increasing trend towards personal liability among high-ranking compliance and security officers.

Jonathan points out that prosecutors and legislators focus more on individual accountability, driven by the belief that this approach will encourage others to adhere to standards more rigorously. They explore the implications of misleading LinkedIn profiles and the importance of thorough due diligence when taking on new roles. The episode provides practical advice for C-suite executives to protect themselves, including negotiating indemnity clauses and ensuring accurate job descriptions.