The US Securities and Exchange Commission (SEC) sanctioned eight financial firms for alleged failures related to cybersecurity policies and procedures, each stemming from email account takeovers and related incident response, the regulator announced on 01 September 2021.[1]
The sanctioned firms did not admit or deny the commission's findings, but "agreed to cease and desist from future violations of the charged provisions, to be censured and to pay a penalty," according to the SEC. Cumulative fi