22 February 2017
visit nextgenbanking.co.uk

Watchdog criticises SEC cybersecurity

22 April 2014  |  4647 views  |  0 safelock

The Securities and Exchange Commission has been criticised by a US congressional watchdog over cybersecurity weaknesses, including the failure to authenticate users and encrypt sensitive data.

In an information security report (PDF), the Government Accountability Office (GAO) says that the SEC did not "consistently protect its system boundary from possible intrusions".

In addition, the regulator failed to audit and monitor actions taken on its networks, systems and databases. It even failed to restrict physical access to "sensitive assets".

In particular, the GAO found that the SEC did not securely configure the system at a new data centre, was lax in applying software patches and sloppy in disaster recovery planning. This was in part because of a failure to adequately oversee a contractor brought in to migrate to the new data centre last year.

The report comes just days after the SEC warned more than 50 registered broker-dealers and investment advisors that it would be checking their ability to counteract cyber-security threats.

The GAO says that because the SEC plays such an important role in the securities markets and relies heavily on computerised systems, it is essential that the commission has strong controls in place to protect information from misuse, fraudulent use, improper disclosure, manipulation, or destruction.

It is recommending that more effective oversight of contractors is introduced and risk management processes are tightened up.

Comments: (0)

Comment on this story (membership required)

Finextra news in your inbox

For Finextra's free daily newsletter, breaking news flashes and weekly jobs board: sign up now

Related stories

SEC to conduct market-wide cyber-security checks

SEC to conduct market-wide cyber-security checks

16 April 2014  |  5557 views  |  0 comments | 3 tweets | 3 linkedin
As cyber threat grows, EU regulators warn FS firms on IT budgets

As cyber threat grows, EU regulators warn FS firms on IT budgets

03 April 2014  |  6407 views  |  0 comments | 9 tweets | 2 linkedin
White House sets out voluntary cybersecurity framework

White House sets out voluntary cybersecurity framework

13 February 2014  |  5490 views  |  0 comments | 12 tweets | 8 linkedin
SEC proposes new crowdfunding rules; FCA begins consultation

SEC proposes new crowdfunding rules; FCA begins consultation

24 October 2013  |  4848 views  |  0 comments | 4 tweets | 3 linkedin
SEC preps public Web site for HFT data and research

SEC preps public Web site for HFT data and research

04 October 2013  |  9298 views  |  0 comments | 7 tweets | 2 linkedin

Related company news

 

Related blogs

Create a blog about this story (membership required)
Visit contisgroup.comvisit dh.comvisit BNP paribas

Top topics

Most viewed Most shared
IBM and Visa join forces to turn billions of connected devices into points of saleIBM and Visa join forces to turn billions...
18014 views 11 comments | 54 tweets | 89 linkedin
Jaguar embeds payments into digital dashboardJaguar embeds payments into digital dashbo...
10422 views comments | 49 tweets | 59 linkedin
Nesta launches £5 million Open API challengeNesta launches £5 million Open API ch...
10407 views comments | 21 tweets | 19 linkedin
Kevin the bot uses blockchain to offer insurance for P2P transactionsKevin the bot uses blockchain to offer ins...
8478 views comments | 17 tweets | 15 linkedin
RBS to become fintech fund and high street outlet for challenger banks under HMT remedyRBS to become fintech fund and high street...
6792 views comments | 35 tweets | 32 linkedin

Featured job

Six Figure Base + Commission + Stock Options
London

Find your next job