Skip to main content
close search
site logo
Dive Brief

Check Point Software in SEC settlement talks in connection with SolarWinds probe

The cybersecurity firm provided documents and other information related to the 2020 supply chain hack of the SolarWinds Orion platform.

Published Dec. 13, 2023
David Jones's headshot
Reporter
SolarWinds
Photo illustration by Danielle Ternes/Cybersecurity Dive; photograph by ismagilov via Getty Images

Dive Brief:

  • Check Point Software Technologies said it has cooperated with a Securities and Exchange Commission inquiry related to the SolarWinds Orion cyber vulnerability, according to a Dec. 5 filing with the SEC
  • Check Point voluntarily provided documents and other information, advising the agency of its access to the software. The company had access to a limited testing environment, but did not have any access to sensitive data, customer information, code or any other company assets, according to the filing. 
  • The company is in settlement talks with the SEC about whether this should have been disclosed in an annual report. Any payment it may need to make under an agreement is not expected to have a material impact, the company said.

Dive Insight:

The SEC has been investigating SolarWinds in connection with disclosures it made regarding the 2020 nation-state supply chain attack

The agency in October filed civil charges against the company and its CISO Timothy Brown — who was a VP of security in 2020 — alleging they misled investors about the company’s security capabilities. 

SolarWinds officials have vehemently denied the allegations, claiming the entire investigation was improper, citing years of cooperation with federal authorities on working to improve the nation’s cyber infrastructure and secure development practices. 

The SEC previously sent a Wells Notice to SolarWinds in connection with an investigation of Brown as well as the company’s CFO, though the CFO was not charged.

The SEC has requested companies to voluntarily provide information in connection with the SolarWinds investigation. The questions relate to failures to disclose information to investors.  

Asked specifically about the other requests, a spokesperson for the SEC said the agency does not comment on the existence or non-existence of investigations.

Check Point said any payment to the SEC would not have a material impact on its financial results, operations or overall financial condition.

A spokesperson for Check Point declined to elaborate on the disclosures, but emphasized the talks may or may not result in a settlement. 

The company also cautioned there is no guarantee the negotiations will be settled under the current terms being discussed. Any settlement with the SEC would be subject to approval by the agency’s commissioners, according to the filing. 

It is not immediately known whether the SEC contacted other security companies.

Editors' picks

Company Announcements

View all | Post a press release
Nile Adds Industry’s First Campus Zero Trust Delivered As a Service
From Nile
November 21, 2024
DigiCert Unveils 2025 Security Predictions
From DigiCert
November 21, 2024
TrustNet Named 2024’s Best Compliance Advisory and Audit Firm at CDM’s Annual Top InfoSec Inno…
From TrustNet
November 06, 2024
Fathom5’s ARIA Technology Joins NSIN Propel Maritime Digital Defense Accelerator
From Fathom5
November 18, 2024
Editors' picks
Latest in Cyberattacks
image/svg+xml
Industry Dive is an Informa business
© 2024 Industry Dive. All rights reserved. | View our other publications | Privacy policy | Terms of use | Take down policy.
Cookie Preferences / Do Not Sell