The United States Securities and Exchange Commission (SEC) received a report from the Office of Inspector General (OIG) alleging that its cybersecurity program was lacking just two weeks before the commission’s X account was hacked on January 9, according to Fox Business reporter Eleanor Terrett.
Eleanor Terret tweeted on May 6 about the issue, highlighting a December 2023 OIG report, an independent evaluation by contractor Cotton & Company Assurance and Advisor concluded that the federal regulator fell short of “effectively mitigating security weaknesses.”
“To improve the SEC’s information security program, we urge management to take action to address areas of potential risk identified in this report,” the report read.
The nearly 30-page document highlighted a list of much-needed improvements to the SEC’s security protocols, including maintaining its vulnerability disclosure policy and logging meeting requirements.
Read more on cryptonews.com