←back to thread

SEC charges four companies with misleading cyber disclosures

(www.sec.gov)
87 points impish9208 | 1 comments | 22 Oct 24 16:56 UTC | HN request time: 0.271s | source
Show context
MattSteelblade ◴[22 Oct 24 18:14 UTC] No.41917058[source]
> Unisys will pay a $4 million civil penalty;

> Avaya. will pay a $1 million civil penalty;

> Check Point will pay a $995,000 civil penalty; and

> Mimecast will pay a $990,000 civil penalty.

With the exception of Mimecast, these are companies that are bringing in billions of dollars in revenue annually. How is this supposed to deter them?

replies(8): >>41917158 #>>41917164 #>>41917717 #>>41917985 #>>41918127 #>>41918370 #>>41918473 #>>41924939 #
1. Terretta ◴[23 Oct 24 13:36 UTC] No.41924939[source]
What really gets attention is "consent orders" where if the regulated entity doesn't clean up the act, then that line of business, or the whole entity, gets shut down.

Often you may see this result in a divestiture, as in, unable to clean up, so we'll sell the client base to someone with better systems. (In theory. Almost inevitably, this drags a few legacy systems over anyway.)