If Uber's ex-CSO Joe Sullivan answers these five questions, it will clear up a whole lot about the hack. Credit: Magdalena Petrova Uber’s CSO has been fired, according to a story in The New York Times.That begs the question — did Uber throw Sullivan under the bus, turning him into a scapegoat for the recently disclosed year-old hack?Sullivan’s reputation may suffer irreparable harm as a result of the high-profile termination, which is receiving widespread media attention.That may be OK by the ex-CSO if Uber paid him a 6-figure (or, dare anyone speculate, 7-figure) fee to keep quiet (as part of a non-disclosure, severance or some other agreement) — same as they did for the hackers who stole data and were paid $100,000 to destroy it. On the other hand, Sullivan may be getting exactly what he deserves — if in fact he knowingly violated the law.California’s new data security laws, which require businesses and government agencies to disclose hacks in a timely fashion, went into effect Jan. 1, 2016. Sullivan, an attorney, would, of course, be well aware of those laws.In fairness to anyone who gets fired, after a hack, they should be able to share their side of the story — especially someone with Sullivan’s background. He spent more than five years as CSO at Facebook and was associate general counsel for the social media giant before that. His resume includes senior legal and security roles at PayPal and eBay, and he was assistant U.S. attorney for the Computer Hacking and IP Unit, Northern District of California.In an instant, Sullivan may have gone from highly desirable to practically unhirable. Hearing his side of the story could change that.5 questions for Uber’s ex-CSOShould Sullivan be allowed to tell his story, here are five questions I hope he can answer:Did you intentionally conceal the recently disclosed Uber hack?Did you encourage Uber executive management to disclose the hack as required by law?Did you negotiate and agree to pay hackers $100,000 to destroy stolen data and keep quiet?Did you knowingly fail to encrypt Uber user and driver data, which in effect raised the severity level of the hack?Did you pay off the hackers under the guise of a bug bounty program?If and when Sullivan answers those questions, the cybersecurity community and media will have a much clearer picture of what occurred at Uber last year.Moving the questions over to a broader cyber forensics investigation, there are many more that Uber needs to answer. Cyber forensic questions for UberOndrej Krehel, CEO, founder and digital forensics lead at LIFARS — a global digital forensics and cybersecurity intelligence firm based in New York City — supplied five initial questions that his firm would ask if they were investigating the breach:How was the hacking incident discovered?What actions have been taken on the compromised system by IT administrators?How can we obtain or create a digital forensic copy of the compromised system?Are there any relevant logs or metadata information that can be beneficial for analysis and forensic triage?Can we review technical assessments conducted on the compromised infrastructure, such as secure code review or penetration test or similar?Once a qualified investigator looks under Uber’s IT hood, there’s a lot more to be learned about the epic failure to disclose.Regarding Sullivan, he’s innocent until proven guilty.Visit SteveOnCyber.com to read all of my blogs and articles covering cybersecurity. Follow me on Twitter @CybersecuritySF, or connect with me on LinkedIn. Send story tips, feedback and suggestions to me here. Related content feature Cyber NYC boosts the Big Apple's cybersecurity industry New York City Economic Development Corp. launches Cyber NYC to foster public-private partnerships focused on building a vibrant cybersecurity community and talent pool in the largest U.S. city. By Steve Morgan Feb 06, 2018 6 mins Internet Security IT Skills Careers opinion Young girls are society's future cyber crime fighters There are lots of opportunities for girls in cybersecurity. The problem is they don't know what those opportunities are. Parents and guidance counselors can help. By Steve Morgan Feb 05, 2018 5 mins Internet Security IT Skills Careers analysis Why healthcare cybersecurity spending will exceed $65B over the next 5 years Hospitals and healthcare providers remain under cyber attack, causing organizations to spend more to protect their systems and patient data. By Steve Morgan Feb 02, 2018 15 mins Data Breach Cyberattacks Hacking news Cybersecurity M&A deal flow: List of 200 transactions in 2017 Rising tide of mergers and acquisitions in the trillion-dollar cybersecurity market. By Steve Morgan Jan 26, 2018 35 mins Data and Information Security Security Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe