In an article published by Corporate Counsel, Bass, Berry & Sims attorney Britt Latham provided insight on how the Securities and Exchange Commission (SEC) has been holding organizations accountable for data breaches even as the SEC faced its own cyberattack by an international insider trading ring.

He noted that, when companies fail to properly disclose or protect themselves against cyberattacks, “recent history shows the SEC is more likely to pursue enforcement action.” Britt cautioned that adequate cybersecurity policies, training and compliance should be a top priority for companies to avoid significant consequences. As he noted, “[i]t is astonishing that many still don’t have policies and procedures,” or fail to ensure “compliance with their own policies.”

“Companies have to be paying attention and educating themselves on what is the latest and greatest scheme or scam, and continue to improve and update their policies and train their people. The bad guys are only going to get more sophisticated. You have to have a big lock on the barn door and you have to improve that lock as we go forward,” Britt explained.

The full article, “Cyberattack on SEC Holds Warnings for all Organizations About Data Theft,” was published on January 16, 2019, by Corporate Counsel and is available online.