September 6, 2017 by

Cybersecurity Risks are Substantial, Says SEC Chief

The chairman of the Securities and Exchange Commission has urged Wall Street to educate everyday investors on teh ‘substantial risk’ of cybersecurity threats.

Newly appointed SEC chairman Jay Clayton was speaking at a panel discussion at New York University’s School of Law on Tuesday when he revealed his take on the state of cybersecurity and the threat posed by hackers on investors.

He stated:

 I am not comfortable that the American investing public understands the substantial risk that we face systemically from cyber issues and I would like to see better disclosure around that.

The SEC has previously been called on by cybersecurity experts to mandate specific disclosures by US public sector companies about cyber-risks and attacks, particularly in the aftermath of the 2013 Target breach. A noteworthy, infamous data breach, the Target cyberattack compromised the credit and debit card details of millions of customers. An SEC investigation into the breach determined that Target failed to provide reasonable data security for consumers. Ultimately, Target agreed to pay a substantial $18.5 million fine to resolve the SEC probe.

Clayton further confirmed that the SEC would investigate companies that misled investors about any potential cyber-risks. Still, the chairman added that the battle against hackers shouldn’t be confined to government silos and ought to take a wider impetus.

“We have to have our individual responsibilities, but we also have to do our best to foster a collective approach to the issue,” Clayton said.

One particular concern, as pointed out by SEC’s enforcement division co-director Stephanie Avakian, underlines the rising trend of information theft and data breaches by hackers to gain some sort of market advantage.

While the SEC has occasionally taken action against financial firms for leaving customers’ details unsecured, it has gone after malicious hackers and individuals who broke into press agencies, newswires and brokerages accounts to carry out insider trading or other related fraud. However, it is yet to sue a publicly listed company over how it communicated a cyberattack or data breaches suffered due to any malicious actors.

Image credit: Flickr.

About the author

Image of Author

LIFARS is the global leader in Digital Forensics and Cyber Resiliency Services. Our experience spans two decades working on high profile events, often in concert with Law Enforcement Agencies around the world. Our proprietary methodology derives directly and indirectly from our experience working with and for U.S. Intelligence Agencies, Interpol, Europol, and NATO. We are solely dedicated to Cyber Resiliency and thus pay close attention to all aspects of our clients’ engagements experience while providing a strategic and integrated array of services to minimum risk and disruption while protecting your brand.

Related articles

SEC Publishes Guidance on Cybersecurity Breach Disclosures

In the aftermath of the sweeping, infamous breach of Equifax, the SEC has now provided additional...

Read more arrow_forward

SEC Chairman Confirms Compromise of Personal Information in 2016 Hack

The United States Securities and Exchange Commission chairman Jay Clayton said that the personal...

Read more arrow_forward

Report: The SEC is Probing Yahoo Over Data Breaches

Authorities are investigating whether Yahoo should have reported its two significant data breaches...

Read more arrow_forward