On September 20, 2017, SEC Chairman Clayton issued a statement after reports circulated that the SEC’s EDGAR filing system had been hacked. Chairman Clayton disclosed that the SEC learned in August 2017 that a breach previously detected in 2016 may have resulted in illicit trading based on the hacked information. The SEC’s statement sought to assure the market that the SEC was taking seriously the cybersecurity risks to its own systems. This comes on the heels of the SEC stating that cybersecurity was one of its top enforcement priorities with respect to regulated entities. In his statement discussing the SEC’s own breach, Chairman Clayton said: “We also must recognize—in both the public and private sectors, including the SEC—that there will be intrusions, and that a key component of cyber risk management is resilience and recovery.”
Click here for the full statement.