Bass, Berry & Sims attorney Britt Latham provided insight for two separate articles examining the Securities and Exchange Commission (SEC) Investigative Report released on October 16 which discussed recent email spoofing schemes that caused nine public companies to lose a total of nearly $100 million.

While the SEC chose not to enforce action against the nine companies, the report serves as a reminder to publicly traded companies that they must have proper safeguards in place to avoid cyber risk and shareholder losses. “The SEC has been reluctant to pile on and seek action against these companies that have been victimized, but they also have an obligation to protect shareholders,” Britt noted in a Law360 article. Britt further noted that “with this report, and with more and more incidents, they are inching closer to the point where they are going to take action even if it seems like [adding] insult to injury.”

Britt separately told a reporter for Corporate Counsel: “I think companies will see this report as a warning that they’ve got an obligation to do all they can do to prevent the intruders from coming into the house. If they don’t lock the doors and windows properly, they can be punished for that.”

The full articles can be accessed at the links below: