Ransomware Attacks and Internal Controls

Compliance into the Weeds is the only weekly podcast which takes a deep dive into a compliance related topic, literally going into the weeds to more fully explore a subject. Today, Matt and Tom take a deep dive into the difference between a privacy breach and a ransomware attack. Some of the issues we consider are: Why are privacy breaches different from ransomware attacks? What is an authenticated v. unauthenticated cyber-attack? Why would the SEC get involved? What are the internal controls need to prevent and detect a ransomware attack? How will they be audited? How can a material weakness in internal controls around ransomware lead to a financial restatement? What will the SEC look at from an enforcement angle? Resources Matt in Radical Compliance Learn more about your ad choices. Visit megaphone.fm/adchoices