New York Investment Management partner Kay Gordon was quoted in a HFM Week article titled, “Cyber Troubles at the SEC.” The article discussed the US Government Accountability Office’s (GAO) prognosis of the SEC’s cybersecurity defenses. The report reached a conclusion that while the SEC’s information security practices have improved since a previous 2014 audit, the regulator is still falling short on several critical areas. With rising concerns, the SEC is faced with a difficult task.
Kay explained that even if the SEC is granted its full requested budget and is able to introduce changes to its technology, there is no guarantee that such latest technology would fully protect the data (even with improved compliance) and it appears to be no accountability for the SEC if it becomes the victim of a breach.
“My concern is where there is never a guarantee with even a highest level of protection and there is no accountability in the event that the SEC is breached by hackers,” said Kay. “Looking at the R.T. Jones case, it doesn’t appear that they acted with malicious intent or that there was anything deliberately wrong, it’s just that their protections were inadequate. But they were subjected to enforcement action, so what happens if the SEC is similarly breached?” she added.