Dear Mary,
I work for a public company that recently experienced a ransomware attack. Fortunately, we were able to restore our business operations quickly by obtaining a decryption key from the threat actor. Given that we managed to get back up and running so swiftly, do we still need to determine whether the incident is material and report it?
Sincerely,
– Concerned ExecutiveContinue Reading SEC Cybersecurity Incidents Disclosures: Materiality, Decryptors, and Ransom Payments