Risky Bulletin Newsletter
October 07, 2022
Risky Biz News: Good news for the Capital One hacker, bad news for the former Uber CSO
Presented by

News Editor
Prosecutors did add wire fraud charges to Sullivan's case, related to the actual bug bounty payout to the hackers, in December 2021, but the charges were eventually dropped, leaving the core of the case to hinge around the Uber exec's obstruction of justice.
Sullivan, who once used to be a prosecutor in the same office that charged him now, faces up to eight years in prison and $500,000 in fines. His sentencing hearing has not been scheduled yet.
But regardless of the fine minutia of the case, the infosec industry has been seriously rocked by Sullivan's prosecution. Several opinions going online argue that the case will either drive away legitimate professionals from CISO/CSO roles to minor or completely different positions or industries or will drive up position salaries through the stratosphere if security execs are now literally expected to fall on the legal sword following a security breach and all the legal shenanigans that often take place in the backstage of many organizations. Because we know they do.