Tagged: cybersecurity controls

Episode 332 — Deep Dive into SEC’s Internal Controls and Cybersecurity Settlement with R&R Donnelly

In a significant expansion of internal controls enforcement, the SEC announced a $2.1 million settlement with R.R. Donnelley & Sons Co. (“RRD”) for its handling of a 2021 ransomware attack and resulting disclosure failures.  The settlement represents the SEC’s first application of its internal controls enforcement authority to include cybersecurity policies and procedures.  The SEC’s interpretation represents a significant expansion of its enforcement authority.  In...

The Cyber Compliance Imperative: Bringing Employees Together with Technology (Part III of IV)

The Cyber Compliance Imperative: Bringing Employees Together with Technology (Part III of IV)

It is easy to get lost in the technology world of cyber security – the information technology business relies on lots of acronyms, techno-speak and function-specific terminology.  In responding to a cyber and data security risk profile, laypersons expect to hear a lot about technology-driven solutions.  In fact, a lot of time is spent reviewing, assessing and selecting specific solutions to incorporate into an overall...