))
Episode 6: SEC Penalties, M&A Security, and Due Diligence
Manage episode 449099870 series 3577687
Content provided by Distilled Security, Justin Leapline, Joe Wynn, and Rick Yocum. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Distilled Security, Justin Leapline, Joe Wynn, and Rick Yocum or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://staging.podcastplayer.com/legal.
Episode 6: SEC Penalties, M&A Security, and Due Diligence
Welcome back to the Distilled Security Podcast! In this episode, hosts Justin, Rick, and Joe dive into the latest in cybersecurity, from regulatory challenges to pop culture:
Topics Covered
- SEC Penalties for Cybersecurity Disclosures
Discussing recent SEC penalties due to lapses in cybersecurity disclosure, the implications for companies, and how organizations can stay compliant. - Cybersecurity Materiality and Disclosure Practices
Tips on navigating the materiality assessment of cybersecurity incidents and ensuring compliance with auditors' disclosure requirements. - Preparedness Through Tabletop Exercises
Exploring tabletop exercises as a method to enhance readiness for cybersecurity disclosures. - Security in Mergers & Acquisitions
The importance of aligning security philosophies, protecting supply chain integrity, and fast decision-making in M&A processes. - Pre-Mortem Analyses for Risk Mitigation
Utilizing pre-mortem analyses to identify risks in acquisitions and ensure security compatibility before a merger. - Best Practices for Selling a Company with Strong Security
Tips on audit readiness, maintaining a secure posture, and what security leaders should prioritize to avoid penalties or discounts during acquisitions. - Information Control in Modern Warfare
How controlling information plays a strategic role, with examples from cyberpunk themes to illustrate the power of data control. - Favorite Cybersecurity Movies
A fun review of iconic cybersecurity movies, highlighting elements like data movement, IP address inaccuracies, and common movie hacking tropes. - Due Diligence Strategies for Small Businesses
Key steps for conducting effective due diligence, including using a risk-based approach to compliance and managing contracts efficiently.
Links
Spirits
- Barrell Seagrass - A unique blend of American and Canadian rye whiskeys, each carefully selected and finished in Martinique Rhum, Madeira, and apricot brandy barrels.
Hosts
Connect with Us
- Website: Distilled Security Podcast
- Twitter: @DisSecPod
- Email: [email protected]
Time Stamps
- [00:01:25] SEC penalties for cybersecurity disclosure lapses
- [00:05:16] Working with external auditors on cybersecurity disclosures
- [00:09:30] Assessing cybersecurity materiality in disclosures
- [00:11:45] Tabletop exercises to improve disclosure preparedness
- [00:14:36] Cybersecurity considerations in M&A
- [00:19:12] Making fast, informed security decisions
- [00:23:06] Pre-mortems for assessing acquisition risks
- [00:25:12] Compatibility of security philosophies in M&A
- [00:30:20] Securing supply chains in acquisitions
- [00:34:23] Steps to sell a company securely
- [00:37:06] Preparing for audits in the sale process
- [00:42:07] Hosts discuss favorite cybersecurity movies
- [00:45:57] The strategic role of information in warfare
- [00:48:49] Data transport themes in cyberpunk films
- [00:52:36] The infamous fake IP addresses in movies
- [00:56:01] Due diligence for small businesses and startups
- [01:00:47] Centralized vs. decentralized security strategies
- [01:02:20] Adopting a risk-based approach for security questionnaires
- [01:06:05] Negotiating buyer risk assessments
- [01:10:11] Leveraging compliance automation tools
- [01:12:55] Managing contract risks effectively
- [01:16:10] Ensuring alignment between contract terms and security questionnaires
13 episodes
Share
