{"id":185188,"date":"2026-02-06T16:11:00","date_gmt":"2026-02-06T21:11:00","guid":{"rendered":"https:\/\/testing.news-you-need.com\/index.php\/2026\/02\/06\/how-a-security-incident-impacted-one-cybersecurity-ceo\/"},"modified":"2026-02-06T16:15:09","modified_gmt":"2026-02-06T21:15:09","slug":"how-a-security-incident-impacted-one-cybersecurity-ceo","status":"publish","type":"post","link":"https:\/\/testing.news-you-need.com\/index.php\/2026\/02\/06\/how-a-security-incident-impacted-one-cybersecurity-ceo\/","title":{"rendered":"How a security incident impacted one cybersecurity CEO"},"content":{"rendered":"<p><a href=\"https:\/\/www.itbrew.com\/stories\/2026\/02\/06\/life-post-breach-how-a-security-incident-impacted-one-cybersecurity-ceo\">How a security incident impacted one cybersecurity CEO<\/a><\/p>\n<p><a href=\"https:\/\/www.itbrew.com\/stories\/2026\/02\/06\/life-post-breach-how-a-security-incident-impacted-one-cybersecurity-ceo\">https:\/\/www.itbrew.com\/stories\/2026\/02\/06\/life-post-breach-how-a-security-incident-impacted-one-cybersecurity-ceo<\/a><\/p>\n<p>Publish Date: <a href=\"publish_date]\">2026-02-06 16:11:00<\/a><\/p>\n<p>Source Domain: <a href=\"www.itbrew.com\">www.itbrew.com<\/a><\/p>\n<p>Author: <a href=\"\"><\/a><\/p>\n<p> Using an unordered list, summarize the following article with between 4 and 8 key points. \u2019Twas the night before Christmas, when all through the house, not a creature was stirring, not even a mouse\u2026but don\u2019t get too comfortable, because this isn\u2019t your traditional Christmas tale.Howard Ting was at home on Christmas Day 2024, playing with his kids, when he received a phone call from the CSO of Cyberhaven, alerting him to a security professional\u2019s worst nightmare: an employees\u2019 account had been compromised and used to upload a malicious version of its Chrome extension to select accounts.\u201cIt was an incredible roller-coaster of emotions,\u201d Ting, Cyberhaven\u2019s CEO at the time, told IT Brew. Cyberhaven had just wrapped up a \u201cphenomenal year,\u201d in his words: its valuation grew from $150 million to $1 billion, and it had added several marquee customers while concluding a series D funding round.\u201cI was on the highest of highs, and then less than two days later, I\u2019m in the depths of, \u2018Wow, could this kill our company?\u2019\u201d Ting, now the CEO of identity governance company Opal Security, recalled.I remember it like it was yesterday. In a December 2024 blog post\u2014penned by Ting and published two days after the incident was discovered\u2014the company confirmed the cyberattack occurred on Christmas Eve after a threat actor compromised a Cyberhaven employee account through a phishing attack.\u201cThe attacker was able to basically harvest the tokens or credentials of that developer and get access to our Chrome Store account,\u201d Ting said. \u201cWith access to our Chrome Store account, through APIs, they were able to update a malicious version of the extension to our account, which then subsequently got published and deployed to some of our customers.\u201dTing said the developer discovered and reported the incident early on Christmas Day, triggering the company to jump into incident-response mode. While Cyberhaven\u2019s CSO took the lead on the investigation, Ting recalled several decisions he had to make in his role as CEO.\u201cHow much do you disclose? How quickly do you disclose?\u201d Ting said. \u201cDo you disclose proactively to all your customers, even the ones that were not impacted? How much detail do you reveal?\u201dNeedless to say, Ting\u2019s holiday looked a little different than he expected: \u201c It was rough. I didn\u2019t have Christmas dinner with my family until the 30th that year.\u201dThe aftermath. According to the blog post, only \u201cChrome-based browsers that auto-updated\u201d in a short window of time between Dec. 25 and Dec. 26 were impacted. Cyberhaven notified both impacted and unimpacted customers of the incident and removed the compromised extension from the Chrome Web Store.While the industry has become attuned to CISOs facing the brunt of scrutiny after a security incident, BreachRx co-founder and CEO Anderson Lunsford said there have been multiple cases where CEOs and other C-suite executives are thrusted into the spotlight or held accountable for their role in the response.Top insights for IT prosFrom cybersecurity and big data to cloud computing, IT Brew covers the latest trends shaping business tech in our 4x weekly newsletter, virtual events with industry experts, and digital guides.\u201cIt\u2019s not just how the security team performs, but how the entire executive leadership performs,\u201d he said. In Ting\u2019s case, the event resulted in burnout and an emotional load for him and his team.\u201cIt\u2019s not just the chief security officers that pay that price,\u201d Ting said. \u201cI would say it\u2019s everyone around it that has ownership for the problem, that has ownership for the solution, and the breach in the first place.\u201dAfter the incident, Ting wasn\u2019t focused on how it would impact his career, but rather on how it would affect the broader company and its employees. Ting said a number of customers were impressed with how the company handled the crisis and communicated with them. However, not every stakeholder was as receptive.\u201cThere were some deals and some customers that basically were in the pipeline, that said, \u2018Look, we can\u2019t buy from a company that has an incident, period, just full stop,\u2019\u201d he said.\u201cIn the grand scheme of things\u2026it made the company a much more secure, stronger brand, and I think we built more trust with our buyers because we sell to security buyers,\u201d Ting added. \u201cWe\u2019re a cybersecurity company, and so for them to see how we responded, they also respected that.\u201dTing left Cyberhaven in 2025 for reasons unrelated to the security incident, landing at Opal Security later that year. He said the incident reinforced his commitment to the cybersecurity industry and his role in helping companies bolster their defenses to current threats.\u201cThere\u2019s so much more to do here and I want to continue on this side of the cyber battle,\u201d he said.Hear ye, hear ye. Looking back on his own experience, Ting said he wishes the industry would move past the misconception that vendors are solely worried about their own fate during security crises, rather than protecting customers. He also encouraged the industry to address the looming anxiety from CISOs of being held personally liable in security events at their companies.\u201cI wonder if there\u2019s enough there for our cyber professionals and cyber leaders to make sure that we\u2019re not scaring off great talent and disincentivizing them from doing their work to help our community be more secure,\u201d Ting said.Are you an IT pro who served as a CISO at a company when it experienced a security incident? Email [email\u00a0protected] or ask Brianna for her Signal.<br \/><\/p>\n","protected":false},"excerpt":{"rendered":"<p>How a security incident impacted one cybersecurity CEO https:\/\/www.itbrew.com\/stories\/2026\/02\/06\/life-post-breach-how-a-security-incident-impacted-one-cybersecurity-ceo Publish Date: 2026-02-06 16:11:00 Source Domain:&#8230;<\/p>\n","protected":false},"author":1,"featured_media":185189,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/cdn.sanity.io\/images\/bl383u0v\/production\/fb2e815334fdd8733b5010f9e78a0a28758b33ad-11180x4472.jpg?rect=1331,0,8518,4472&w=1200&h=630&q=70&fit=crop&auto=format","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[30,24,25,34],"class_list":["post-185188","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-breach","tag-cybersecurity","tag-phishing","tag-threat-actor"],"_links":{"self":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/185188"}],"collection":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=185188"}],"version-history":[{"count":1,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/185188\/revisions"}],"predecessor-version":[{"id":185190,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/185188\/revisions\/185190"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/185189"}],"wp:attachment":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=185188"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=185188"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=185188"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}