Ransomware Attacks and Internal Controls


Compliance into the Weeds is the only weekly podcast which takes a deep dive into a compliance related topic, literally going into the weeds to more fully explore a subject. Today, Matt and Tom take a deep dive into the difference between a privacy breach and a ransomware attack.
Some of the issues we consider are:

  • Why are privacy breaches different from ransomware attacks?
  • What is an authenticated v. unauthenticated cyber-attack?
  • Why would the SEC get involved?
  • What are the internal controls need to prevent and detect a ransomware attack? How will they be audited?
  • How can a material weakness in internal controls around ransomware lead to a financial restatement?
  • What will the SEC look at from an enforcement angle?

Resources
Matt in Radical Compliance

Leave a Reply

Your email address will not be published. Required fields are marked *

What are you looking for?