SEC Investigative Report: Public Companies Should Consider Cyber Threats When Implementing Internal Accounting Controls
According to a press release from the SEC, “The Securities and Exchange Commission [last Tuesday] issued an investigative report cautioning that public companies should consider cyber threats when implementing internal accounting controls. The report is based on the SEC Enforcement Division's investigations of nine public companies that fell victim to cyber fraud, losing millions of dollars in the process. […] The companies, which each had securities listed on a national stock exchange, covered a range of sectors including technology, machinery, real estate, energy, financial, and consumer goods. Public issuers subject to the internal accounting controls requirements of Section 13(b)(2)(B) of the Securities Exchange Act of 1934 must calibrate their internal accounting controls to the current risk environment and assess and adjust policies and procedures accordingly.” While the SEC did not press charges on the nine companies, Reuters noted in an article that this press release points out how the companies could violate federal law if cybersecurity is weak.
FICO and U.S. Chamber of Commerce Release First U.S. Cybersecurity Assessment
A report from FICO and the U.S. Chamber of Commerce made the rounds last week after its release on October 11. According to a press release, the assessment noted the following key points:
Princeton University Study Shows Connection Between Hacking IoT Devices and Disrupting Power Grid
A concerning study from Princeton University shows a connection between the hacking of IoT devices (such as appliances) and using those hacked devices to cause power outages. The abstract of the research report talks about “a new class of potential attacks on power grids called the Manipulation of demand via IoT (MadIoT) attacks that can leverage such a botnet in order to manipulate the power demand in the grid. […] [The] MadIoT attacks can result in local power outages and in the worst cases, large-scale blackouts.” In an article discussing this study, Fortune notes: “Attacks on internet-connected devices are on the rise, as the technology becomes more available, with a 600% increase in attacks in 2017 from 2016, WSJ reported.”
Cybersecurity Reports and Surveys Roundup
We’ve rounded up a few of the best cybersecurity reports and surveys released last week:
Israeli Cyber Consulting and Incident Response Company Sygnia to Be Acquired by Temasek
According to a press release, Sygnia, a cyber technology and services company providing high-end consulting and incident response support for organizations worldwide, announced last Tuesday that it will be acquired by Temasek, a global investment company headquartered in Singapore. Sygnia will maintain its operational independence while pursuing collaborations with Temasek and its portfolio companies. With the acquisition, the press release notes that Sygnia will grow its resources and expand its global reach as it continues building its capabilities as a world-class provider of cyber consulting and incident response services.