SEC Fines Four Companies $6M for Misleading Cybersecurity Breach Disclosures

Tuesday, 22/10/2024 | 19:32 GMT by Jared Kirui
  • The companies reportedly downplayed the severity of cyberattacks, particularly related to a significant breach.
  • The regulator also mandated the companies to improve their cybersecurity controls.
SEC

The Securities and Exchange Commission (SEC) charged four companies for alleged misleading information to investors regarding cybersecurity incidents.

Alleged Inadequate Cyber Disclosures

The SEC charged Unisys Corp., Avaya Holdings Corp., Check Point Software Technologies Ltd, and Mimecast Limited with misleading investors regarding cybersecurity incidents. According to the watchdog, the companies downplayed the seriousness of cyber intrusions related to one of the most high-profile breaches in recent years.

The regulator mentioned that the four companies faced cyberattacks but failed to disclose the full scope of the incidents, leaving shareholders in the dark. As a result, the SEC fined the companies $6 million.

Commenting on the enforcement action, Sanjay Wadhwa, the Acting Director of the SEC’s Division of Enforcement, said: “As today’s enforcement actions reflect, while public companies may become targets of cyberattacks, it is incumbent upon them not to further victimize their shareholders or other members of the investing public by providing misleading disclosures about the cybersecurity incidents they have encountered.”

“Here, the SEC’s orders find that these companies provided misleading disclosures about the incidents at issue, leaving investors in the dark about the true scope of the incidents.”

The companies involved reportedly did not admit to or deny the charges but agreed to cooperate with the SEC by improving their cybersecurity controls. Each firm is now required to cease any future violations of the charged provisions.

The investigation into these firms was led by the SEC’s Crypto Assets and Cyber Unit, further emphasizing the agency’s commitment to holding companies accountable for cybersecurity-related disclosure failures.

Cybersecurity and Fintech

Meanwhile, a recent report mentioned that cybersecurity is the most notable factor in fintech development globally, accounting for 63% of its influence. The findings are also based on a separate study by UnaFinancial, which noted that the fintech landscape is flourishing as countries strengthen their digital defenses. It added that security is both a technical requirement and an important financial innovation.

Interestingly, the global fintech sector is defined by its reliance on cybersecurity, with the new study demonstrating a strong correlation between cybersecurity market size and fintech expansion.

The report found that the correlation coefficients between cybersecurity and fintech expansion in Europe and America were as high as 0.8714 and 0.9762, respectively. Accordingly, it suggested that investments in digital security infrastructure support fintech adoption.

The Securities and Exchange Commission (SEC) charged four companies for alleged misleading information to investors regarding cybersecurity incidents.

Alleged Inadequate Cyber Disclosures

The SEC charged Unisys Corp., Avaya Holdings Corp., Check Point Software Technologies Ltd, and Mimecast Limited with misleading investors regarding cybersecurity incidents. According to the watchdog, the companies downplayed the seriousness of cyber intrusions related to one of the most high-profile breaches in recent years.

The regulator mentioned that the four companies faced cyberattacks but failed to disclose the full scope of the incidents, leaving shareholders in the dark. As a result, the SEC fined the companies $6 million.

Commenting on the enforcement action, Sanjay Wadhwa, the Acting Director of the SEC’s Division of Enforcement, said: “As today’s enforcement actions reflect, while public companies may become targets of cyberattacks, it is incumbent upon them not to further victimize their shareholders or other members of the investing public by providing misleading disclosures about the cybersecurity incidents they have encountered.”

“Here, the SEC’s orders find that these companies provided misleading disclosures about the incidents at issue, leaving investors in the dark about the true scope of the incidents.”

The companies involved reportedly did not admit to or deny the charges but agreed to cooperate with the SEC by improving their cybersecurity controls. Each firm is now required to cease any future violations of the charged provisions.

The investigation into these firms was led by the SEC’s Crypto Assets and Cyber Unit, further emphasizing the agency’s commitment to holding companies accountable for cybersecurity-related disclosure failures.

Cybersecurity and Fintech

Meanwhile, a recent report mentioned that cybersecurity is the most notable factor in fintech development globally, accounting for 63% of its influence. The findings are also based on a separate study by UnaFinancial, which noted that the fintech landscape is flourishing as countries strengthen their digital defenses. It added that security is both a technical requirement and an important financial innovation.

Interestingly, the global fintech sector is defined by its reliance on cybersecurity, with the new study demonstrating a strong correlation between cybersecurity market size and fintech expansion.

The report found that the correlation coefficients between cybersecurity and fintech expansion in Europe and America were as high as 0.8714 and 0.9762, respectively. Accordingly, it suggested that investments in digital security infrastructure support fintech adoption.

About the Author: Jared Kirui
Jared Kirui
  • 1513 Articles
  • 24 Followers
Jared is an experienced financial journalist passionate about all things forex and CFDs.

More from the Author

Retail FX