All Articles

A coalition of banking industry associations, including SIFA, the American Bankers Association (ABA), Bank Policy Institute (BPI), and several other lobbying groups have made a disgraceful appeal to the SEC to eliminate the rule requiring public disc

My article on Help Net Security highlighting how the banking industry is leveraging their powerful lobbying groups to try and undermine the U.S. Securities and Exchange Commission 4-day cybersecurity reporting rule, which has been in place for over a

Banking industry lobbyists are pressuring the SEC to gut the four-day breach disclosure rule — an essential safeguard for shareholders and potential victims. Their arguments are misleading, self-serving, and designed to protect profits over public tr

The SEC has fined four major companies for materially misleading investors regarding cyberattacks.

Tech in Trouble

Regulatory actions have been brought against Unisys, Avaya, Check Point, and Mimecast for their purposeful decisions to not clearly infor

More SEC rules, this time mandating financial firms inform victims of data breaches within 30 days!

Why wasn't this already a requirement?

Last year, the SEC instituted requirements for publicly traded companies to inform investors of material cybersec

The SEC case against SolarWinds and their CISO continues to reverberate across the cybersecurity community. I talk with Edward Amoroso, the Founder and CEO of TAG Infosphere, to discuss different aspects of the case and recent SEC requirements for di

The SEC case against SolarWinds and their CISO has opened a hornet’s nest and half of the cybersecurity community is up in arms, claiming that the SEC is unfairly making CISOs the scapegoats, when they are only trying to do their difficult job. WRONG