A business communications and marketing services company agreed to pay more than $2 million to settle charges levied by the Securities and Exchange Commission (SEC) over cybersecurity-related control violations.
Chicago-based R.R. Donnelley & Sons Company (RRD) agreed to cease and desist from further violations in reaching the settlement, the SEC announced in a press release Tuesday. RRD failed to “design effective disclosure controls and procedures to report relevant cybersecurity information to management … and failed to carefully assess and respond to alerts of unusual activity in a timely manner,” the SEC alleged.
