The Securities and Exchange Commission today announced that it has named Todd K. Scharf, Sr. as Chief Information Security Officer and Associate Director in the agency's Office of Information Technology.
"Todd Scharf has an extensive technical and operational background in information security," said Thomas A. Bayer, the SEC's Chief Information Officer. "Todd's knowledge of market operations, along with his leadership efforts to improve the SEC's information security operations already have had a significant effect on the agency, and we're pleased to welcome him to this new position."
In recent years, the SEC has taken steps to enhance its technological capabilities, modernize its computer systems, and transform the way it performs its mission. It has deployed a centralized database for the tips and complaints it receives, installed an automated work-flow system to track and triage enforcement actions, created an automated e-discovery system to help investigators rapidly review evidence, established a national standardized collection and storage system for SEC inspections and examinations, procured a system to analyze market data, and refurbished its financial management system.
Mr. Scharf joined the SEC in 2009 as the Assistant Director for Corporate Information Security, where he helped develop, maintain, and oversee agency-wide information technology security programs. During his tenure, Mr. Scharf implemented industry-leading security measures and programs that led to significant improvements in the SEC's information technology and financial reporting processes. In two years, the SEC succeeded in reducing the information technology and financial reporting deficiencies identified by the agency, its Inspector General, and the Government Accountability Office to a level that, in November 2011, the GAO concluded that there were no longer "material weaknesses" in the SEC's internal controls.
Mr. Scharf began his civilian career in 1996 as a Data Security Analyst at GE Information Services, and spent 11 years at the Financial Industry Regulatory Authority (FINRA), where he worked in various capacities, starting as an Operations Manager for Information Security. He was named Director of Network Operations and Information Security at the self-regulatory organization in 2001, and became FINRA's Associate Vice President for Corporate Information Security in 2003, overseeing information security and strategy.
Mr. Scharf received his undergraduate degree in Criminal Justice from Penn State University and completed his master's level courses in Business Management at Troy State University. He was honorably discharged from the U.S. Navy in 1996 as a Lieutenant after serving nine-and-a-half years in various capacities, from propulsion engineer to data center manager.
Mr. Scharf will continue to lead the SEC's Office of Information Security, which is responsible for identifying and mitigating potential information-technology security risks and information breaches. Mr. Scharf has been actively involved in directing SEC efforts to identify and resolve security risks and exposures and will continue those efforts in his new role.