
In what seems is likely to be the last cybersecurity-related enforcement action by the SEC under outgoing chair Gary Gensler, the agency has brought a settled enforcement action against asset management firm Ashford, Inc., alleging that the company made misrepresentations in its periodic reporting documents about a cybersecurity-related incident at the firm. As discussed below, the action raises questions about what may come next as far as SEC cybersecurity-related enforcement under the new administration. A copy of the SEC’s January 13, 2025, complaint in the enforcement action can be found here. The SEC’s January 13, 2025, press release about the action can be found here.Continue Reading SEC Files Cyber Disclosure Enforcement Action Against Asset Manager