The Predictability Factor is a weekly deep dive at the intersection of AI, Security, Privacy and Tech, to help you Go From Chaos to Resilience in The World of AI.
Tim Brown, the former CISO of SolarWinds, was in Zürich when the words below hit him. No CISO wants to hear these words. Ever. It was not professional liability alone. It was personal, and it cost him.
The company and you are the only ones being charged.
Tim and I go way back. More than seven years ago, we were the main keynote speakers at the same security conference, of all places, in Stockholm. We were both working as CISOs when the news broke. It hit the whole community. And for those of us who were CISOs at the time, it hit differently, knowing that a friend and peer was going through something you could never have imagined.
With AI, that liability has only grown. Most CISOs do not yet realise how much. Tim and I spent an hour and a half discussing exactly those questions:
What it meant for his journey, both personal and professional, and what it means to lead security and AI, when AI decisions carry legal consequences you didn't sign up for.
Liability has been shifting for CISOs and leaders responsible for AI risk.
During the legal proceedings, the impact did not stay in the US. It affected the industry globally. Across Europe and EMEA, the questions were the same. What did it mean for Tim? What did it mean for CISOs everywhere? What did it mean for our industry?
Splunk's 2026 CISO Report puts a number on it: 78% of CISOs are concerned about personal liability for security incidents. Up from 56% the previous year.
AI governance decisions are explicitly within that exposure.
CISOs are making consequential AI governance decisions without the necessary legal frameworks, board mandates, or regulatory safe harbours. Personal exposure is rising faster than institutional protection, and it will continue to.
The question is no longer whether CISOs can be held personally accountable.
It is this:
When an AI decision is examined in court, how are you showing reasonable care, ethical use, and due diligence? That answer needs to exist before the call comes.
I sat down with Tim for an hour and a half.
We went through the details of the SolarWinds breach. What it meant for him. What it meant for his family. The courage he showed through five years of fighting. What's necessary for every CISO, security practitioner and leader today. And what it means for every CISO navigating the era of AI.
This is one of the most emotional conversations I've had on Monica Talks Cyber since the first episode.
Tim showed up with courage for five years. He fought back when most would have folded. He sat with me and shared it in a way he has never shared before.
It Happened on My Watch
October 2023, Tim is in Zürich, presenting at a security conference. His phone rings. It is his attorney.
The company and you are the only ones that are getting charged.
He flew home. At the airport, he could not walk from the terminal to his car without stopping. His wife drove him to the emergency room that Saturday night. Blood tests showed the enzyme marker that confirms a heart attack: 95% blockage in one artery, 75% in another. Four days in hospital.
And while Tim lay there, the SEC's settlement offer arrived. The language, in his own words, was "personally attacking." It asked him to admit to things that were completely untrue. He refused to sign.
This is not just someone else's story. It is the most documented case in this industry of what personal liability looks like when it actually arrives at your door.
It was the first time in history that a CISO had been personally charged by the SEC (the United States Securities and Exchange Commission). And it did not happen because Tim was incompetent, far from it. It happened because he was in the chair when the Russian SVR decided that SolarWinds was useful. It happened because nobody else took accountability for what went wrong. It happened because the CISO made a convenient scapegoat.
In the age of AI, that calculus is getting faster, harder to detect, and harder to defend. And the accountability sitting on your shoulders is not getting lighter.
They Weren't After SolarWinds
December 12, 2020. A Saturday morning, right in the middle of COVID. SolarWinds' CEO got a call from Mandiant's CEO with a single message: tainted code had shipped and was being exploited.
SolarWinds had around 300,000 customers and 50 products. They had shipped a compromised version of their Orion network management software to 18,000 of those customers across the globe. The number was terrifying before anyone understood what it meant.
The attackers were the Russian SVR. And they were not interested in SolarWinds. They were interested in what SolarWinds could open for them: four government agencies, a handful of corporate targets, and information they were willing to spend years acquiring.
The attack was methodical.
SolarWinds' email was compromised a full year earlier.
A test run in October 2019.
In February 2020, the attackers came back with 3,000 lines of code. No bugs. Carefully written.
The code shut off antivirus tools, waited 14 days before activating, then contacted a command and control server.
They left in June.
By the time SolarWinds found it in December, the attackers had been gone for months.
As Tim himself described it, this was a very well-run mission.
We were simply a route to that target.
I have been through my own share of crises. Not at this scale, but crises where the information you need is simply not all there, where the pieces of the jigsaw keep arriving in no particular order, and your job is to bring them together faster than the situation is moving.
I have managed crises where someone with ties to North Korea got into our infrastructure, where attackers used us as a stepping stone into our customers, where the first call came during a vacation, where I still remember every detail even years later because a crisis burns itself into you.
The number one rule in managing any crisis at this scale is knowing that you never have all the answers upfront. The last thing you want to be doing is spreading panic.
It is the discipline to act on incomplete information without mistaking speed for clarity.
Tim and his team split into five functional war rooms. They stayed in the office for three weeks. They chose transparency when the easier legal option was silence.
And still, three years later, his phone rang in Zürich.
ICYMI: 016: Vibe Coded. Vibe Hacked. Fixing Agentic AI Security and Governance. Your ultimate roadmap to agentic AI governance and security, Part 1.
When the Regulator Comes for You
No CISO had ever been personally charged by the SEC before Tim Brown.
The charges arrived in October 2023, following a pre-Wells notice that had come through in October 2022.
A pre-Wells notice means the regulator is considering charging you. It is the moment your company's lawyers stop representing you and you need your own. Until that notice, the company's counsel had covered everyone.
After it, Tim was on his own. The company paid for his attorney, but the separation was legal and real: his charges and the company's charges were distinct.
What followed was years of discovery, depositions, and a complaint that grew nastier with every amendment. The final version alleged that from the day Tim joined SolarWinds, he had developed a scheme to defraud investors.
In July 2024, a federal judge dismissed 90% of the case. Unprecedented.
What remained was a claim built on five internal emails about access control issues, which the SEC argued showed a systemic problem in the security program. Tim's legal team could not introduce the thousands of instances where access control was working correctly. A motion to dismiss does not allow new evidence.
In November 2025, the SEC dropped the case entirely, without admission of wrongdoing.
The company had been insistent throughout the final stages: drop Tim from the case, or there is no settlement. SolarWinds' own general counsel, through a mediation process, put the reasoning plainly: "Because he didn't do anything wrong."
Tim draws his own line on what the case meant.
Charging me truly did make a difference. It raised the bar for security.
The industry is truly better for what he endured. But that belief does not soften what it means for you.
If you are reading this from outside the US, you may be thinking that the SEC is an American institution and this story belongs to another jurisdiction. It does not.
I led the implementation of NIS2 and DORA in one of my Group CSO roles.
Under NIS2, management bodies across the EU are legally required to approve and oversee cybersecurity risk management measures, with personal liability and temporary bans from management functions as consequences for failure. DORA, which has been fully in force since January 2025, allows fines against individuals of up to one million Euros.
These are not theoretical frameworks waiting to be tested. They are operational law right now, across every EU member state. The accountability that Tim faced in a New York federal court exists for you in Brussels, Dublin, Frankfurt, and Stockholm.
The question is no longer whether a CISO can be held personally accountable. Tim's case settled that. The question is what you are building today so that if the regulator arrives, you are not signing a document full of lies just to make it stop.
AI Took Away the One Thing You Thought You Had
The SolarWinds attack was sophisticated. It was also slow. The Russian SVR spent a year on reconnaissance and preparation before they moved. A year of patience. A year in which, theoretically, someone could have caught them.
AI is closing that window permanently.
I gave a keynote in Canada last year about autonomous AI hacking. We are moving from reactive security to predictive security.
AI agents will execute complete cyber kill chains without human intervention. The Russian SVR took months to execute the SolarWinds attack. A machine could execute a similar campaign in a fraction of the time.
I asked Tim:
How do you defend against this very type of cyber attack, had it been launched by an AI agent?
His answer was immediate: "Time is not on our side, and that's one of the big things AI has taken away from us."
He is right, and the evidence is already on the record. In November 2025, Anthropic documented the first AI-orchestrated cyber espionage campaign at scale. According to Anthropic, a Chinese state-sponsored group designated GTG-1002 used AI agentic capabilities to execute reconnaissance, exploitation, credential harvesting, lateral movement, and data exfiltration across approximately 30 organisations. Human operators chose the targets, approved the exploits and provided strategic direction. The rest was autonomous.
The same class of operation that the Russian SVR executed over months, an AI-powered threat agent now executes in a fraction of that time. And when something goes wrong at that speed, the accountability trail runs straight to you.
Decision making is a fundamental human trait. We make thousands of decisions every day. AI has changed how those decisions happen. AI is approving loans, screening résumés, and making health decisions for you.
Your Program is Your Only Alibi
Tim's case was ultimately not decided by what SolarWinds could prove happened. It was decided by what SolarWinds could prove it was doing before anything happened.
The documentation of a real, functioning security program. The record of risk communication. The evidence of diligence that was continuous, not performed for the occasion.
Documentation matters, and it matters that it is done the right way. Not as a compliance formality, but as the record that proves your program was real and that you communicated risk appropriately to every level of the organisation that needed to hear it.
The practical reality for most CISOs is that the budget will not always follow the recommendation. The board will not always act on the risk communication. The business will override controls in the name of speed or cost. None of that absolves you. But all of it can be documented.
Every time you communicate a risk upward and it goes unaddressed, that record must exist. Every time a recommendation is declined, log it with the reasoning. You are not only running a security program. You are building the defence, responsibly, with due diligence and in advance, one documented decision at a time.
This is something I have done from early in all my CISO roles.
It has never been about distrust of the company. It has been about understanding that at the moment everything goes wrong, the authorities and the board will ask what you knew, when you knew it, and what you recommended. Your documentation answers those questions before you are asked them under pressure.
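One way to keep that record so it can be relied on later is to make it append-only and tamper-evident: each decision entry commits to the previous one with a hash, so an edit, deletion or reordering after the fact is detectable. The block below is an added example, not code from the newsletter, from SolarWinds or from any product; the field names (risk, recommendation, decision, decided_by, rationale) and the three sample decisions are constructed for illustration.

```python
"""Tamper-evident register of security risk decisions.

Added example, not code from the newsletter or from SolarWinds. It keeps an
append-only, hash-chained record of each risk raised, what was recommended,
and what the business decided, so that "what did you know, when did you know
it, and what did you recommend" can be answered from entries written at the
time. Field names and sample entries are assumptions for illustration.
"""
import hashlib
import json
from datetime import datetime, timezone
from typing import List, Optional, Tuple

GENESIS_HASH = "0" * 64  # prev_hash of the first entry


def _canonical(entry: dict) -> bytes:
    # Deterministic serialisation so the hash is independent of key order.
    return json.dumps(entry, sort_keys=True, separators=(",", ":")).encode("utf-8")


def _digest(entry_without_hash: dict) -> str:
    return hashlib.sha256(_canonical(entry_without_hash)).hexdigest()


def append_decision(register: List[dict], *, risk: str, recommendation: str,
                    decision: str, decided_by: str, rationale: str,
                    recorded_at: Optional[str] = None) -> dict:
    """Append one decision and return the stored entry.

    Each entry commits to the previous one via prev_hash, so a later edit,
    deletion or reordering of any earlier entry breaks the chain.
    """
    entry = {
        "seq": len(register),
        "recorded_at": recorded_at or datetime.now(timezone.utc).isoformat(),
        "risk": risk,
        "recommendation": recommendation,
        "decision": decision,        # e.g. "funded", "declined", "deferred"
        "decided_by": decided_by,    # who made the call, not who raised it
        "rationale": rationale,      # the business reasoning, in their words
        "prev_hash": register[-1]["hash"] if register else GENESIS_HASH,
    }
    entry["hash"] = _digest(entry)   # hash covers every field above
    register.append(entry)
    return entry


def verify_register(register: List[dict]) -> Tuple[bool, Optional[int]]:
    """Walk the chain from the first entry.

    Returns (True, None) if every entry is intact and correctly linked,
    otherwise (False, position) for the first entry that fails.
    """
    prev_hash = GENESIS_HASH
    for position, entry in enumerate(register):
        body = {k: v for k, v in entry.items() if k != "hash"}
        if (entry.get("seq") != position
                or entry.get("prev_hash") != prev_hash
                or _digest(body) != entry.get("hash")):
            return False, position
        prev_hash = entry["hash"]
    return True, None


def to_jsonl(register: List[dict]) -> str:
    """Serialise for an append-only file: one JSON object per line."""
    return "".join(json.dumps(e, sort_keys=True) + "\n" for e in register)


def from_jsonl(text: str) -> List[dict]:
    return [json.loads(line) for line in text.splitlines() if line.strip()]


def build_sample_register() -> List[dict]:
    """Constructed sample: three decisions of the kind the text describes."""
    reg: List[dict] = []
    append_decision(reg, risk="Shared admin account on the build server",
                    recommendation="Replace with per-user accounts and MFA this quarter",
                    decision="deferred", decided_by="VP Engineering",
                    rationale="Release freeze; revisit after Q2",
                    recorded_at="2024-03-04T09:12:00+00:00")
    append_decision(reg, risk="No key ceremony for release code-signing keys",
                    recommendation="Move signing keys to an HSM under dual control",
                    decision="funded", decided_by="CFO",
                    rationale="Approved in FY budget line 14",
                    recorded_at="2024-04-11T15:40:00+00:00")
    append_decision(reg, risk="AI assistant may call production APIs without review",
                    recommendation="Require human approval for write actions",
                    decision="declined", decided_by="Head of Product",
                    rationale="Latency target; risk accepted for 90 days",
                    recorded_at="2024-05-20T11:05:00+00:00")
    return reg


if __name__ == "__main__":
    reg = build_sample_register()
    print("intact:", verify_register(reg))             # (True, None)
    reg[0]["rationale"] = "Security never raised this"  # after-the-fact edit
    print("after tampering:", verify_register(reg))    # (False, 0)
```

The chain proves integrity and order relative to its latest hash, not wall-clock time: someone who controls the whole file could still rebuild it from scratch with back-dated entries. To close that gap, periodically anchor the head hash somewhere you do not control (a note to outside counsel, a signed timestamp, a ticket in another system) and write the file from an account that can only append.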
On the defensive side, the answer to AI-powered attacks is not more human analysts.
Embrace AI to build resilience that attackers cannot easily map. AI for SOC triage and first-level threat detection is the starting point. The deeper shift is using AI to manage architectural complexity in ways that make lateral movement harder to execute even when it is moving at machine speed.
The attacker's current advantage is speed and autonomy. The defender's answer is building environments that are harder to read and harder to traverse, managed with AI rather than simplified for human comprehension.
SolarWinds' renewal rates dropped from 92% before the incident into the 80s at the height of the crisis. By their last public quarterly reporting, they were back at 98 to 99%. Transparency worked.
Sharing what you know, even when it is legally uncomfortable, even when it exposes the wound, builds the kind of trust that neither a supply chain attack nor a regulator can fully take away.
The Precedent is Set. Now What?
Tim Brown spent five years carrying something most CISOs will never fully understand unless they are sitting in the same chair. He had a heart attack in Zürich. He spent four days in hospital. He refused to sign a settlement that would have required him to lie. He fought, and he won.
AI is accelerating the attacks. NIS2 and DORA are formalising the personal accountability in Europe. The SEC has already tested the outer edge in the United States, and the line they found is this: if you are running a reasonable program, communicating risk appropriately, and acting with integrity, you have a defense. If you are not, you do not.
The precedent Tim set is that you can fight and you can win. But that requires having built something worth defending before the call arrives.
What does your AI and cyber program look like today? Watch or listen to the entire conversation between Tim and me below.
Until next time, this is Monica, signing off!

— Monica Verma

P.S. Please follow me/subscribe on YouTube, LinkedIn, Spotify and Apple. It truly helps. Or book a 1-1 advisory call, if I can help you.
***