Good morning. I’m Melissa MacGregor, managing director and associate general counsel at SIFMA. Thank you for joining us today to discuss the critically important issue of cybersecurity through the lens of legal and compliance professionals.

There’s no question that cyber threats are increasing in frequency and sophistication. These threats posed by cyber criminals, hackavists, nation-states and terrorists are among the most serious risks facing financial services firms. A robust partnership between the industry and the
government is the most effective way to mitigate these threats. This is truly an issue where the industry, regulators and policymakers are aligned in a common goal to protect sensitive client information and the integrity of our nation’s critical infrastructure.

The constantly evolving and increasingly malicious nature of cyber threats raises important questions regarding what a firm can and can’t do when responding to threats. Firms look to compliance and legal professionals to help them draw the line and answer questions such as: How much can firms share cyber threat related information given the recent adoption of CISA? What can be done proactively to prevent an attack from occurring? What should a firm do when dealing with threats that cross jurisdictional lines? Further, compliance and legal professionals are well positioned to play an integral role in promoting robust cybersecurity practices across a firm.

As various regulators consider their cybersecurity guidance to the industry, the input of legal and compliance professionals will help to promote regulatory policy that is feasible in the marketplace today. Consider that there are at least 10 regulatory agencies that oversee our industry, each of which could have their own cybersecurity initiatives. SIFMA is advocating for coordination across regulatory agencies and across borders, to avoid conflicting or needlessly redundant rules that could be counterproductive to our shared goal. Coordinated rules streamline operations and compliance, instead of diverting resources to comply with a multitude of different rules that aim to accomplish the same goal.

This is true on a global scale – last month, SIFMA’s global affiliate, GFMA, along with the European Banking Federation and ISDA, published a set of principles for promoting effective
global policy on cybersecurity, data and technology.

For our part, SIFMA and our members have been focused on a variety of cybersecurity initiatives, including:

•Developing a range of tools and recommendations to help our members better defend against cyber threats, including resources for small firms and roundtables to address insider threats;
•Enhancing incident recovery protocols and promoting industry wide information sharing, including implementation of CISA;
•An annual test of backup systems to further promote resilient operations; and
•Organizing a series of exercises and drills, among other initiatives.

Over the course of today’s program, expert speakers from across the sector will share their insight on the best path forward for managing cyber threats from the legal and compliance perspective.

Before we get started, I’d like to take this opportunity to thank all of our speakers for making time to join us today. I’d also like to recognize our platinum sponsor, Ernst and Young, our gold sponsor, Sidley, and our contributing sponsor, Allen and Overy, for their help in making this
event possible.

It is now my privilege to introduce our keynote speaker, Stevan E. Bunnell, General Counsel, U.S. Department of Homeland Security.

As General Counsel, Steve is the chief legal officer for the Department, and is responsible for advising the Department’s senior leadership on all significant legal, policy, and operational issues.

Prior to joining the Department, he was the Managing Partner of the Washington, DC office of O’Melveny & Myers LLP. Steve’s legal practice at O’Melveny focused on government enforcement matters, corporate internal investigations, and complex litigation. Steve previously served for 17 years as a career federal prosecutor in the Criminal Division of the U.S. Department of Justice and in the U.S. Attorney’s Office for the District of Columbia.

Stevan has also been an associate with the law firm of Miller, Cassidy, Larocca& Lewin, in Washington, DC, an adjunct professor of law at the Georgetown University Law Center and the George Washington University Law School, and a law clerk to Judge Laurence H. Silberman of the U.S. Court of Appeals for the D.C. Circuit.

Please join me in welcoming Stevan Bunnell.