In a first, bold move by the Securities and Exchange Commission (SEC) following its new Rules on Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure by Public Companies, issued on July 26, 2023, this week, the SEC filed suit against SolarWinds and its Chief Information Security Officer (CISO) alleging that SolarWinds and its CISO

In a 3-2 vote, the Securities and Exchange Commission (SEC) adopted new cybersecurity rules yesterday (July 26, 2023) applicable to public companies.

The rules, which will become effective thirty days after publication in the Federal Register, require public companies to “disclose material cybersecurity incidents they experience and to disclose on an annual basis material information

The Justice Department and the Security and Exchange Commission (SEC) have charged eight men of using their social media clout to manipulate investors in a stock pump-and-dump scheme [view related]. The defendants allegedly took to Twitter and Discord to promote themselves as seasoned stock traders and, according to the SEC’s press release, fed their

Manufacturers of products often are not prepared for, or aware that cybersecurity incidents can disrupt production and distribution of product. A recent filing by Molson-Coors Beverage Company illustrates that manufacturers face similar cybersecurity risks as other industries.

On March 11, 2020, Molson-Coors filed a Form 8-K with the Securities and Exchange Commission stating that:

Molson 

It is no longer a matter of if, but when companies that suffer a data breach will be sued in a class action lawsuit following a data breach. Many of those data breach cases get dismissed, as it is difficult for consumers to show they have suffered a compensable harm from a particular data breach.

On July 10, 2020, the Securities and Exchange Commission, through its Office of Compliance Inspections and Examinations (OCIE), issued a warning to advisors and broker-dealers to “immediately” review their cybersecurity controls to prevent and respond to an increase in phishing campaigns and ransomware attacks.

The Risk Alert advises that the OCIE has “observed an apparent

The criminals behind the Maze ransomware [view recent related posts here and here] have gone big and hit Cognizant, one of the largest technology consulting companies in the U.S., with its nasty ransomware.

Cognizant stated on its website that it “can confirm that a security incident involving our internal systems, and causing service disruptions

In a contentious move, the Securities and Exchange Commission (SEC) recently sued Kik Interactive Inc. for its Initial Coin Offering of $100 million, alleging it violated securities laws by not registering the offering with the SEC.

The SEC alleges that the fundraising of $100 million was illegal because it did not provide proper disclosures to

Community Health System, located in Tennessee, has agreed to settle claims made against it arising from a 2014 data breach for $4.5 million. The data breach, believed to be caused by Chinese hackers, compromised the names, dates of birth, addresses, telephone numbers, and Social Security numbers of 4.5 million patients of the hospital system, which