The U.S. Securities and Exchange Commission's Division of Corporation Finance recently issued new Compliance and Disclosure Interpretations concerning the reporting of #cybersecurity incidents under Item 1.05 of Form 8-K, providing specific guidance addressing scenarios involving #ransomware payments. Learn more: https://bit.ly/3RQeTWk
Morrison Foerster’s Post
More Relevant Posts
-
🧐 Watch out for your bank accounts! 💸 #Carbanak, the notorious banking #malware, is back with new tricks – impersonating business software to steal your $$$ ☠️ Stay vigilant & update your #cybersecurity defenses! Read the article: 👉https://bit.ly/3O9Toya
To view or add a comment, sign in
-
#CybersecurityNews 🔒 As ransom payments reach an all-time high, it’s time to look at attacks from a data perspective and find the greatest opportunities to stop these attacks 💀 Read More to stay #InTheKnow on all things #Ransomware https://lnkd.in/grp5jE2d
To view or add a comment, sign in
-
Global Medical Lead Innovation Scouting - Corporate Division Medicine @ Boehringer Ingelheim International GmbH
Very important and significant ruling by the U.S. Securities and Exchange Commission, related to #CyberSecurity, requiring the reporting of #CyberSecurityIncidents within 72 hours, i.e. less than four days ... and on a regular, annual basis! https://lnkd.in/e8znqW2F https://lnkd.in/emb2SKhG #DataBreach #DataPrivacy #DataProtection
To view or add a comment, sign in
-
The growth and sophistication of #cybercriminals, #ransomware, and hacker attacks necessitates new protections. Visit our #FICPAKnowledgeHub to explore the layers of security that experts recommend all #tax and #accounting firms have in place: https://bit.ly/484vbRF
To view or add a comment, sign in
-
It's surprising how reluctant companies are in admitting the ransom payment. In our loss data based on companies' financial reports, only 11% 😅 mentioned the ransom amount or confirmed making the payment. This stands in stark contrast to studies by Kaspersky and Statista, which found that 56% and 73% of companies, respectively, admitted paying ransoms. Probably, it is easier to acknowledge making the payment in a global, anonymous survey than in their own annual or quarterly reports or press releases. As the motto goes, “I won't say anything unless someone asks.” Read more in our study: https://lnkd.in/e9BHwFp7 #ransomware #cyberrisk #memes #lossdata #crq #informationsecurity
To view or add a comment, sign in
-
We are witnessing a significant backlash against Dataprev due to security breaches, resulting in data leaks and disruptions in social security services. Stay informed about the latest developments on this critical issue by reading the full article at https://ift.tt/BR3NJZW.
To view or add a comment, sign in
-
Hot off the presses, here is my recent interview with NetDiligence® on ransomware, fighting the bad guys, and best practices for incident responders. Give it a read and let me know your thoughts on how else the industry can improve its approach!
Do you know where your #ransomware payment is really going? We talked to David Cole at NetDiligence Breach Coach firm Freeman Mathis & Gary, LLP about how his firm leverages tech to ensure ransom payments do not violate US #cybersecurity laws. https://hubs.la/Q01_sw7g0
Ransomware Payment Tracking | NetDiligence
To view or add a comment, sign in
-
Laws and regulations have some interesting outcomes - nobody thought the ADA would cover websites, until someone thought of it. We can be pretty sure that the SEC didn't think its new data breach rule would be a tool for bad actors, but it is. ALPHV/BlackCat, a well-known ransomware gang, claimed to have hacked publicly traded MeridianLink, a provider of cloud-based software solutions to financial institutions, in early November. BlackCat didn't get a quick response, and posted a screenshot of an SEC whistleblower complaint claiming MeridianLink didn't report the incident under Form 8-K "within the stipulated four business days, as mandated by the new SEC rules." As one commentator pointed out, the SEC probably didn't have this in mind when it adopted the new rule. #ransomware #databreach #databreachreport #SEC #BlackCat #extortion #cybersecurity
To view or add a comment, sign in
-
If a tree falls in a forest and no one is around to hear it, does it make a sound? If you are a poor ransomware threat actor and the mean old breach victim isn't negotiating, how do you make sure the tree makes a sound? You complain to the regulator. Yeah. that will teach them, for sure. The SEC's cyber disclosure rule says a breach must be disclosed to the SEC in "four days", so the ALPHV/BlackCat ransomware gang filed a complaint to the SEC when their alleged victim, MeridianLink, did not file a disclosure. Many others have pointed out that the SEC rule does not come into effect until December 15. But I still think this was an effective tactic by ALPHV/BlackCat, because it is getting huge publicity (yes, I am sharing the news too). MeridianLink may not be dinged by the SEC in this case, but now many more people know about the alleged breach. Read the gory (or funny) details here: https://lnkd.in/ed8GDnrQ (unless ALPHV is just trolling the SEC; which is unlikely but not impossible) [Image from databreaches.net; link above] #breach #cyberdisclosure #ransomware #SEC #MeridianLink #ALPHV
To view or add a comment, sign in
-
More and more security providers are being asked by their customers to provide #darkweb #intelligence. In this short video, Andy Scutt explains why this is and what MSSPs and VARs can do to meet this growing demand to help them address the blind spot in their defences and give them advanced warning of #ransomware, criminal, and threat group activity. Learn more at https://lnkd.in/eZb6xN6U .
To view or add a comment, sign in
56,387 followers