Are you in compliance?

Don't miss out! Sign up today for our weekly newsletters and stay abreast of important GRC-related information and news.


Status message

Start your free, no obligation 5-day trial to continue exploring with full access.

SEC warns companies to control phishing losses

Tammy Whitehouse | October 17, 2018

The Securities and Exchange Commission has put public companies on notice that their internal controls need to take into account the threat of losses resulting from cyber-attack, especially e-mail “phishing” scams.

The SEC issued an “investigative report” describing nine unnamed public companies that lost nearly $100 million, most of which could not be recovered, due to cyber-frauds. While the SEC says it did not charge any of the nine companies with any securities violations, it issued the report to explain the risks companies face and put them on notice they are potentially liable for such instances.

The SEC said the investigations focused specifically on “business e-mail compromises,” where cyber-crooks posed as company executives or vendors and used e-mail to trick someone...

Read this single article for $49, or click the subscribe button below to review subscription options.

Enjoy unlimited access to thousands of articles, browse five years of digital magazines, qualify for reduced admission to events, and more.