SEC Charges Four Companies With Misleading Cyber Disclosures
October 2024 by Keith McCammon, CTO of Red Canary
SEC Charges Four Companies With Misleading Cyber Disclosures : comments by Keith McCammon, CTO of Red Canary, regarding cybersecurity risk and intrusions, following the compromise of SolarWinds’ Orion software
"This action is notable as the SEC is looking retroactively at major incidents such as the SolarWinds breach, and imposing fines based on violations of long-standing rules. This underscores the importance of clear, honest, and timely disclosure of material cybersecurity incidents to all stakeholders. One of the best things companies can do to prepare is to clearly define a material cybersecurity incident in the context of their business, where a key component of both the criteria and response plan is the identification of key stakeholders. We are starting to see more and clearer signals that the U.S. government at-large—via the National Cybersecurity Strategy, CISA, and other agencies—will continue to push for legislation and enforcement as it relates to cybersecurity preparedness, compliance, and reporting."