Cyber Daily: Regulators Tighten Scrutiny of Corporate Data Breach Disclosures – The Wall Street Journal



Hello. The SEC, among other regulators, is turning sharp eyes on what companies say and do after hacks. Misleading statements, incomplete information or communications that don’t line up with the facts are drawing penalties and the promise of further scrutiny, WSJ Pro’s James Rundle reports.

I’d like to see a moratorium on two words: “sophisticated” and “seriously.” Nearly every breach notification starts by telling customers or employees how seriously the company takes its duty to protect their data and then goes on to blame its failure to do so on a sophisticated attack. This kind of babble might get companies in trouble if watchdogs decide the terms are deceptive, says one consumer-protection attorney.

Read on for more news.


Cybersecurity Disclosures

Quick, precise and clear: Companies must pay closer attention to what they say after hackers strike, lawyers warn, as regulators crack down on inaccurate disclosures and Congress debates mandatory reporting of cybersecurity breaches.

On Monday, the U.S. Securities and Exchange Commission settled charges against five Cetera Financial Group Inc. business units alleging lax controls and misleading errors in breach notifications to some clients. The Cetera units, which offer brokerage services and investment advice, must pay a $300,000 penalty.

The SEC earlier this month found


PLC in its 2019 semiannual report referred to a data security incident as a hypothetical risk when it knew one had occurred, didn’t accurately describe the extent of the breach in media statements and failed for six months to patch the software vulnerability hackers exploited after being notified a patch was available.

Quick, precise and clear updates are the gold standard in the event of a security breach, said Seth DuCharme, a partner at law firm Bracewell LLP.


More Cyber News

Sanctioned over e-mail break-ins: The U.S. Securities and Exchange Commission in three separate enforcement actions fined five entities associated with Cetera Financial Group; two associated with Cambridge Investment Research Inc.; and KMS Financial Services Inc. Cetera will pay a $300,000 penalty, while Cambridge will pay $250,000 and KMS $200,000, according to the regulator. (WSJ Risk & Compliance Journal)

The SEC alleged the three firms failed to implement adequate policies to protect customer information and respond to cybersecurity risks.

A spokesman for Cambridge Investment said the firm didn’t comment on regulatory matters. Representatives of Cetera and KMS didn’t respond to requests for comment.

Glasgow climate-change summit threatened: Technology and transportation infrastructure in Glasgow, where the COP26 climate negotiations are due to begin on Nov. 1, are in the sights of hackers, warned police and cybersecurity officials in Scotland. Local businesses and government bodies should also take extra precautions to guard their networks, they said. (Daily Record)

Check Point Software to buy email startup: Israel’s Check Point Software Technologies Ltd. said Monday it plans to acquire Avanan, a seven-year-old company also based in Israel that makes tools to secure email systems. Financial terms weren’t disclosed. Check Point sells cloud-based collaboration tools. (Security Week)

Better logs: Federal agencies must improve their records of activity on their networks to better understand and respond to cyber threats, the Office of Management and Budget said. Standards for minimum event logging, monitoring of user behavior, application monitoring and other fundamentals of tech hygiene must be assessed by the end of October, the office said in a memo that lays out maturity levels in several such categories.


Jump in frequency of executives using the word “cybersecurity” during earnings calls in the first half compared with the same period in 2020, according to London-based research firm



Copyright ©2021 Dow Jones & Company, Inc. All Rights Reserved.
