> Recognizing that reality, the Commission’s proposed order will follow Rellas even if he leaves Drizly. Specifically, Rellas will be required to implement an information security program at future companies if he moves to a business collecting consumer information
I'm not aware of any other decree following the CEO to other companies.
Interesting - as cybersecurity insurance becomes more popular, I'm curious how orders like this will affect that. Maybe there will be a new checkbox on insurance forms saying "I'm not personally sanctioned by the FTC for information security lapses"
That's an interesting thing to hang around his neck. You'd hope all companies like that (25k+ customers) already have an information security program though. Maybe Relias can take it as a selling point and has a future as an infosec CEO?
> Recognizing that reality, the Commission’s proposed order will follow Rellas even if he leaves Drizly. Specifically, Rellas will be required to implement an information security program at future companies if he moves to a business collecting consumer information
I'm not aware of any other decree following the CEO to other companies.