SEC’s Clayton To Advocate For Better Cybersecurity


The chairman of the U.S. Securities and Exchange Commission (SEC) is calling for more money from Congress to protect itself against “advanced” and “persistent” cyber threats.

According to prepared remarks seen by Reuters, SEC chairman Jay Clayton will testify before the Financial Services and General Government Subcommittee of the Senate Committee on Appropriations to ask for an increase in the agency’s budget.

Clayton, appointed by President Donald Trump a year ago, is set to speak about how the SEC has taken various steps to reinforce the security of its electronic database, EDGAR, which hackers broke into to make illegal trades.

He will also discuss how the agency is trying to strengthen EDGAR through penetration testing, as well as a review of the database’s security code to identify and fix vulnerabilities.

Clayton is expected to ask for a modest budget increase for 2019, to $1.658 billion from 2018’s $1.652 billion.

“Uplifting the agency’s cybersecurity program will remain a top priority,” Clayton will say. “Our request would support investment in tools, technologies and services to protect the security of the agency’s network, systems and sensitive data.”

In addition, the additional funds would enable the SEC to lift its two-year hiring freeze to staff a new cyber unit and fund the appointment of a new chief risk officer to focus on cyber threats.

“Our (budget) request would allow for critical investments in our ability to protect investors,” Clayton will say.

Last year, Steven Peikin, along with Stephanie Avakian, were appointed new co-directors of enforcement at the SEC, both very concerned with cyberattacks on brokerage firms. “The greatest threat to our markets right now is the cyber threat,” said Peikin. “That crosses not just this building, but all over the country.”

At the time, it was reported that the SEC has seen an increase in the number of investigations that involve hacking and an increase in the number of attempts to break into brokerage accounts. The types of crimes include everything from stealing information for insider trading to stealing assets.