This appears to be the first time that the SEC has sent a Wells Notice to a CISO. While novel, this Wells Notice furthers the SEC’s recent enforcement and rulemaking focus on meaningful and timely cybersecurity-related disclosures, as well as holding individual liable for their roles in company violations.