Cybersecurity must be a collaborative effort between the industry, regulators and policymakers, the president and CEO of the Securities Industry and Financial Markets Association said Wednesday.
During remarks at the FINRA/SIFMA Cybersecurity Conference, Kenneth Bentsen said the most important takeaway the organization has learned through all of its simulations and work with firms and government partners is that information sharing is essential to an effective cybersecurity defense.
“The most effective way to address these threats is through a robust partnership between the private sector and government,” he said. In the past, SIFMA has held its Quantum Dawn 2 exercise, a simulation of a systemic attack on the equity markets that enabled firms, exchanges and regulators to run through their response procedures.
The industry goup also has developed best practices for its members to help manage insider threats and third party risks, and a specific cybersecurity guidance for small firms. “As the saying goes, we are only as strong as our weakest link, and our board has directed us to develop standards that apply across the entire industry,” Bentsen said.
SIFMA also has set a goal to have 100 percent of its members join the Financial Services Information Sharing and Analysis Center (FS-ISAC). To help jumpstart that initiative, SIFMA has underwritten FS-ISAC membership for over 180 smaller member firms.
Bentsen added that there was an opportunity for Congress to strengthen cyber defenses across the U.S. through legislation that would provide liability protections and promote enhanced information sharing between the industry and government. But this must be done with the understanding that privacy protections for individuals also must be upheld, he said.
“We strongly encourage Congress to make cybersecurity a priority and pass legislation that facilitates improved information sharing and enables the industry and government agencies to work together in the most effective way possible,” he added.