A top financial regulator faces big questions about how they prepare for cyber-attacks, after disclosing a breach of a key database of company filings. The Securities and Exchange Commission (SEC) said a software vulnerability allowed access to private information and may have led to illicit trading. The SECs security practises has previously been identified as having numerous security gaps by federal inspectors.
Questions remain about the scope of the breach, including such things as when the breach occurred, how long it persisted and how many companies it may have affected. With the information available, it is also not clear who might be behind the attack. Experts say that the possibilities range from organized crime groups to a state-backed entity. Tom Kellermann, a cyber-security expert and chief executive of Strategic Cyber Ventures, thinks that a group backed by a non-state may be at work in this instance as well, as these are the types of groups who have succeeded at a high level in the past.
The SEC presents a rich target for criminals looking for information about companies and other parts of the financial system. After this latest breach, it raises concerns whether the SEC took cyber security protection seriously enough, it is important that as a business you take appropriate measures to make sure you are cyber safe. If you are interested in learning more about cyber security contact us on 01684 377980.
You can read our previous blog here on ‘The Future of Cyber Security’.