Cybersecurity: A Top SIFMA Priority

The pandemic has put technology at the forefront of the financial services industry – transforming the way firms, advisors, clients, managers and employees work. It has allowed the industry to continue to innovate how it communicates and has provided clients with new ways to consume information. As more firms continue to shift to cloud platforms, utilize big data queries and leverage APIs, technology continues to help the industry advance its business practices and improve client services.

However, with this evolution comes new risks and vulnerabilities. That is why SIFMA and its members remain diligent and focused on cybersecurity efforts to protect clients, data, networks and operations from diverse cyber threats including theft, disruption and destruction.

As we recognize October as Cybersecurity Awareness Month, we are reminded of the financial services industry’s efforts to enhance privacy and data protections, and our many resources for the industry to draw on in their own cyber work:

  • Cross-Sector Coordination to Enhance Response & Recovery: Since 2011, SIFMA has conducted a series of bi-annual industry-wide Quantum Dawn exercises covering physical, cyber, terrorism and natural disaster risks to synchronize response and recovery playbooks across financial firms, SIFMA and U.S. Treasury. In November 2019, SIFMA conducted its first global cyber exercise, Quantum Dawn V, with 150 entities across 19 countries. The goal was to implement a network of contacts for response and recovery, which resulted in SIFMA’s Global Directory of over 250 crisis management contacts across the public and private sectors to respond to a global event. Later this year, SIFMA will hold its sixth biannual Quantum Dawn exercise with a focus on ransomware recovery plans.
  • Industry-Led Data Protection Collaboration: The SolarWinds and Microsoft incidents highlighted the need for greater collaboration between industry, regulators, and government agencies to ensure transparency and timely disclosure of data breaches in the private and public sector. The goal is to improve the protection of sensitive financial and regulatory data held by industry participants or the government. In light of concerns raised by financial firms, the Financial Services Sector Coordinating Council (FSSCC) Working Group is focused on this issue, working across sectors to develop joint solutions.
  • Best Practices for Insider Threats: For the last decade, SIFMA has hosted quarterly Insider Threat Forums to share information among industry participants on the best practices in identifying and protecting against insider threats. As threats evolve, so have the industry’s response capabilities, through advancements in the use of anomaly detection and big data techniques, evolving privacy issues including restrictions on employee surveillance, the use of automated decision making tools, and legal and practical barriers to performing employee background checks.
  • Partners in Penetration Testing: Since 2017, SIFMA has been leading a global effort to work with financial firms and regulators around the world on a collaborative approach to penetration testing a firm’s cybersecurity defenses and to identify vulnerabilities. In July 2019, SIFMA published, and updated in 2020, guidance on principles and best practices for financial firms and regulators to follow, which ultimately led to the development of the globally harmonized threat-led penetration testing environment that exists today.

This is just a snapshot of SIFMA’s ongoing work to improve cybersecurity practices and stay one step ahead of current and future cyber threats.  But the securities industry cannot do it alone. That is why all our efforts include close coordination across the financial services industry and with government, regulators, third parties and law enforcement agencies, to protect our clients and financial services infrastructure, improve data sharing between public and private entities and safeguard customer information.

In light of recent and frequent data breaches, we have already seen heightened government attention to this issue, and we expect Congress and federal regulators to further engage moving forward. As they work to further address the cybersecurity risk, we encourage them to continue to collaborate with the industry on best practices to collectively improve our defense, resiliency and recovery efforts.

By working together, we can continue to build a stronger and more integrated network of cyber protections that maintain public trust and confidence in our financial markets, while bringing greater privacy and data protections to our increasingly interconnected and digital world.

 Tom Price is a managing director and head of technology, operations and business continuity for SIFMA.