In an investigative report by the U.S. Securities and Exchange Commission's Enforcement Division into nine cases of cyber fraud, public companies have been advised to stay cautious of cyber threats when they are implementing internal accounting controls.

According to the report, the nine subject companies lost at least $1 million each, and one of the companies lost more than $45 million. According to the press release by the regulator, the companies and their personnel were not charged considering the circumstances.

Stephanie Avakian, co-director of the regulator's enforcement division, said public companies are obligated to maintain sufficient internal accounting controls and should consider cyber threats when practicing those controls.