GAO to SEC: strengthen cyber controls: watchdog's report outlines information security weaknesses.

Author:Steffee, S.
Position:Practices/Update - Government Accountability Office - Securities and Exchange Commission - Brief article

Lax cybersecurity controls at the U.S. Securities and Exchange Commission (SEC) are putting financial data at risk, a U.S. Government Accountability Office (GAO) report finds. The report came out just two days after the SEC posted a cybersecurity checklist on its website detailing protections it expects firms to provide.

"Although the SEC had implemented and made progress in strengthening information security controls, weaknesses limited their effectiveness in protecting the confidentiality, integrity, and availability of a key financial system," the GAO report asserts. These included deficiencies in controls over access, configuration management, and segregation of duties.

The report...

To continue reading