SEC's Chairman Makes Changes After the Agency's Latest Cyber-Attack

The Securities Exchange Commission ("SEC") has been busy the last couple months on the cyber front. On September 20, the SEC announced a renewed focus on cybersecurity efforts and disclosed that it had been a victim of a cyber-attack, which may have allowed hackers to use nonpublic information to make illicit gains. The press release revealed that the breach was induced by software vulnerability in the SEC's EDGAR system. In a more detailed statement on the matter, SEC Chairman Jay Clayton opened the door for cyber-attack related enforcement actions directed at public companies. He warned them that the failure to "take their periodic and current disclosure obligations regarding cybersecurity risks seriously… may result in an enforcement action."

In an effort to reduce the risk of cyber-attacks (and the embarrassment that comes with them), the SEC appears to be putting its money where its mouth is-perhaps not by choice. Clayton recently told the Senate Banking Committee that the SEC is hiring additional employees to aid in cybersecurity prevention efforts and creating a new cybersecurity unit (discussed in more detail on this blog). In October, the House Financial Services Committee approved a bill directing the SEC to examine and further develop its internal cybersecurity risk controls. The bill was approved 59-1 in committee.

Expect more guidance on both cyber-attack enforcement actions and the SEC's cybersecurity controls in the coming months.

Posted in: Cyber Security
Jump to Page
Arrow icon Top

Contact Us

We use cookies to improve your website experience, provide additional security, and remember you when you return to the website. This website does not respond to "Do Not Track" signals. By clicking "Accept," you agree to our use of cookies. To learn more about how we use cookies, please see our Privacy Policy.

Necessary Cookies

Necessary cookies enable core functionality such as security, network management, and accessibility. These cookies may only be disabled by changing your browser settings, but this may affect how the website functions.

Analytical Cookies

Analytical cookies help us improve our website by collecting and reporting information on its usage. We access and process information from these cookies at an aggregate level.