Compliance into the Weeds is the only weekly podcast which takes a deep dive into a compliance related topic, literally going into the weeds to more fully explore a subject. Today, Matt and Tom take a deep dive into the difference between a privacy breach and a ransomware attack.
Some of the issues we consider are:
- Why are privacy breaches different from ransomware attacks?
- What is an authenticated v. unauthenticated cyber-attack?
- Why would the SEC get involved?
- What are the internal controls need to prevent and detect a ransomware attack? How will they be audited?
- How can a material weakness in internal controls around ransomware lead to a financial restatement?
- What will the SEC look at from an enforcement angle?
Resources
Matt in Radical Compliance