BlackCat's breach of the financial services software company MeridianLink was promptly patched and fixed (according to media) - but what was unique (and scary) to those of us in the Financial Services industry was that the ransomware company then filed a complaint with the SEC that their victim failed to comply with the SEC's upcoming cyberattack disclosures rules requiring companies to report any "material cybersecurity incident." Aside from the threat of setting a horrible example, this incident brings up multiple questions about IRP, interpretations of materiality and disclosure policies and procedures and how they can not only impact any company (not just FIs) but also how this can impact the IT, Data and Security teams inside of organizations as the SEC is coming after practitioners personally (anyone watching SolarWinds?) and hackers are using the SEC requirements as part of the ransoming.
------------------------------
Weiyee In
------------------------------