Legislation that directs the Securities and Exchange Commission (SEC) to accelerate cybersecurity risk controls to prevent future hacker attacks was advanced by the House Financial Services Committee last week.
The Market Data Protection Act (H.R. 3973), sponsored by Rep. Warren Davidson (R-OH), was approved 59 to one and now moves to the full House for a vote.
The Government Accountability Office (GAO) reports that deficiencies in the SEC computing environment may jeopardize the confidentiality, integrity, and availability of information residing in and processed by its systems.
The Market Data Protection Act addresses these deficiencies by requiring the SEC to develop internal risk controls and freeze reporting to the Consolidated Audit Trail (CAT) until proper protections are in place to secure personal information.
“We need to make sure our house is in order at the SEC,” Davidson said. “We know there are serious flaws in the way the SEC maintains its data, and in the ways they respond to and communicate errors and omissions. These flaws undermine the trust and confidence of the customers the SEC regulates,” he added.
The SEC was hit by a cyberattack in 2016 where hackers got the names, dates of birth, and social security numbers of two individuals. More recently, Equifax was hacked where some 145 million people had their personal information exposed.
“The Equifax breach and the recent cyber-attack at the SEC only exacerbate the need to ensure top cybersecurity controls are in place at our securities regulator which is why I look forward to this bill swiftly making its way to President Trump’s desk and being signed into law,” Davidson said.
The measure has garnered the support of the financial industry, including the Financial Services Institute (FSI).
“Cyberattacks are steadily growing in terms of both frequency and sophistication. We thank you both as well as the Committee for the introduction of the H.R. 3973 Market Data Protection Act of 2017 in the 115th Congress, and we hope that both the committee and the House as a whole will consider this sensible piece of legislation that will safeguard the storage of market data,” David Bellaire, general counsel at FSI, said.