SEC Info Security Still Shaky

Chidem Kurdas

While the U.S. Securities and Exchange Commission has improved controls over the security of its information systems, it has not taken corrective actions recommended in the past two or three years and needs to do more, a new report says.

Accusations that SEC staff exposed sensitive financial exchange information to hackers was one of the many scandals that beset the agency since the financial crisis— for the realities vs. myths of the regulatory state, click for Ponzi Regulation

The SEC watchdog hired a technology company to study how well the SEC is implementing the Federal Information Security Act. In the latest of a series of reports on the subject, the investigator says significant progress was made in several areas. For instance, risk management, incident response and reporting, and disaster recovery programs were established.

But the SEC did not address other issues identified in Fiscal Year 2011 and 2012 reports. Also, it will need to beef up security for contractor systems and user accounts.

Possibly the massive leak by former National Security Agency contractor Edward Snowden inspired a look at the SEC contractor systems.

The report is not made public because it contains security information, according to the SEC watchdog.


Tags: ,

Leave a Reply

Please log in using one of these methods to post your comment: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: