X
SEC’s X account hacked: Unlike Mandiant, no MFA was in place
"The SEC has not approved the listing and trading of spot bitcoin exchange-traded products"
SEC
New SEC cyber rules are go...
Firms need to disclose any cybersecurity incident they determine to be material and to describe the material aspects of the incident's nature, scope, and timing within four days.
CISO
As SEC’s SolarWinds charges reverberate, companies scrutinise cyber risk disclosures
'Do not state anything that is subjective and avoid adjectives (e.g., "state of the art," "mature," "advanced," "appropriate," "comprehensive," or "reasonable")' say experts.
SolarWinds
SolarWinds sued by SEC over 2019 monster hack, CISO also charged with fraud, control failures
SolarWinds’ poor controls... false and misleading statements and omissions, and the other misconduct... would have violated the federal securities laws even if SolarWinds had not experienced a major, targeted cybersecurity attack"
ESG/ClimateTech
Goldman Sachs' SEC fine shows ESG data, greenwash risks persist
Asset managers are playing fast and loose...
Enterprise IT
Shadow IT failings cost Morgan Stanley $200m as CIOs continue to grapple with WhatsApp use
UK government's self-deleting WhatsApp message use was legal, meanwhile...
Cybersecurity
SEC proposes new cybersecurity disclosure rules
XBRL filings would help investors evaluate public companies' resilience, incident reporting