Alert July 22, 2014

Secretary of the Treasury Lew Urges Financial Institutions to Enhance Their Cybersecurity Defenses

Secretary of the Treasury Jacob J. Lew presented remarks at a conference hosted by CNBC and Institutional Investor in which he urged financial institutions to increase their cybersecurity defense efforts because cyber intrusions are now a daily event, and “successful attacks on our financial system would compromise market confidence, jeopardize the integrity of data, and pose a threat to financial stability.”  “Far too many hedge funds, asset managers, insurance providers, exchanges, financial market utilities and banks,” said Secretary Lew, “should and could be doing more to enhance their cybersecurity defenses.”

Secretary Lew stressed that in 2013 the Obama Administration issued an executive order that provided a new voluntary cybersecurity framework that firms (including financial institutions and their outside vendors) are urged to use “to evaluate, maintain and improve the resiliency of their computer systems.”  Secretary Lew next discussed the need for increased information sharing (with respect to cybersecurity issues) across the financial services industry and with governmental authorities.  He then noted that the Treasury Department has established an information sharing and analysis unit named the Financial Sector Cyber Intelligence Group.  That Group, said Secretary Lew, “is delivering timely and actionable information that financial institutions can use to protect themselves.”  He also noted that firms must disclose cybersecurity breaches where necessary, and that the information provided through such disclosure helps protect U.S. financial and economic security.  Secretary Lew further stated that “my Deputy Secretary, Sarah Bloom Raskin, will be working with federal and state financial regulatory agencies to reduce cyber risks to the financial system.”  Finally, Secretary Lew urged Congress to pass legislation that fosters information sharing with respect to cybersecurity and protects the public from cyber threats.