As we start the new week, a recap of major cybersecurity developments:

  • Equifax CEO Faces Senate Committee – Senate staffers are busy readying cross-examination scripts for the testimony next week of Equifax Inc. Chief Executive Officer Richard F. Smith. In an open hearing, members of the Senate Committee on Banking, Housing and Urban Affairs will question Smith about Equifax’s handling of the data breach, which has potentially affected the personal information of 143 million Americans. The hearing will be webcast live on October 4th at 10 a.m. Here is a link to the hearing webcast.
  • Questions Raised Over SEC Hack Disclosure – The U.S. Securities and Exchange Commission is under fire over the disclosure last week that the agency’s computer system was hacked in 2016. Few details are known and not many within the agency were even aware of the breach. In a public statement, SEC Chair Jay Clayton said he found out about the hack only after he had ordered an agency-wide cybersecurity assessment in May. In an odd twist, disclosure of the breach was buried in the 17th paragraph of Clayton’s 45-paragraph statement made last week about the agency’s focus on cybersecurity risks.

Yet, this breach shouldn’t be a surprise. Last week, Reuters reported that a confidential report issued in January 2017 by the U.S. Department of Homeland Security found five “critical” cybersecurity weaknesses on the agency’s computers.

And more recently, the Government Accountability Office – the watchdog arm of Congress – found weaknesses in the SEC’s data security controls. In a public report issued two months ago, the GAO found that the “SEC did not fully implement an intrusion detection capability for key financial systems. As a result, the SEC may not be able to detect or investigate some unauthorized system activity.”

  • Energy Cyber Spending to Skyrocket – Finally, in a report released on Friday, the National Institute of Standards and Technology – NIST – focused on the cybersecurity challenges faced by the energy sector and different technology solutions available to deter and respond to cyberattacks. A recent study estimates that U.S. utilities will spend more than $7 billion by 2020 to protect power grids against cyberattacks.