The chair of the U.S. Securities and Exchange Commission warned that cybersecurity is the biggest risk facing our financial system today. At an industry conference yesterday, SEC Chair Mary Jo White said that major exchanges, clearing houses and other players in the financial system did not have cyber defenses in place that aligned with the risks they faced.
“What we found, as a general matter so far, is a lot of preparedness, a lot of awareness but also their policies and procedures are not tailored to their particular risks,” said White. “We can’t do enough in this sector.”
White noted that the SEC is proactive in its examinations of broker-dealers and registered investment advisers, and in particular, in assessing gaps between existing policies and practices and the nature of the threats these organizations confront. “As we go out there now,” White said, “we point that out.”
White’s blunt comments were made only days after SWIFT — the Society of Worldwide Interbank Financial Telecommunications – issued an alert to global financial institutions that malware attacks have hit at least two member banks. In the notice sent to its 11,000 members, SWIFT warned that the cyber attackers had “deep and sophisticated knowledge of specific operational controls within the targeted banks” and urged institutions to shore up their cyber defenses. “As a matter of urgency, we remind all customers to urgently review controls in their payment environments, to all their messaging, payments and ebanking channels.”