I'm having a tough time understanding what compelled SEC employees to bring a laptop to such a convention.
"We dodged a bullet this time."
More like the SEC employees tried to fire at us, but missed.
This isn't about policy. This is about common sense. Why wasn't the data encrypted? Why were the employees allowed to leave the company buildings with the information? Why didn't they have the common sense to leave them at home before attending said conference?
And, that being said... You would assume that those attending a hacking convention would normally be smart enough to know the risks (and especially not to bring an official work laptop). Alas, it's funny and worrisome to see that Wall Street is being run by people incompetent with technology.