SEC chair to stress cyber risk in Congressional budget testimony

WASHINGTON (Reuters) - The head of the U.S. Securities and Exchange Commission (SEC) will warn of the need to boost its defenses against “advanced” and “persistent” cyber threats when he asks Congress on Tuesday for more funding, according to prepared remarks seen by Reuters on Monday.

FILE PHOTO: Jay Clayton, Chairman of the Securities and Exchange Commission, testifies at a Senate Banking hearing on Capitol Hill in Washington, U.S. September 26, 2017. REUTERS/Aaron P. Bernstein

SEC chairman Jay Clayton will testify on Tuesday before the Financial Services and General Government Subcommittee of the Senate Committee on Appropriations to make the case to increase the agency’s budget.

In prepared remarks, he will tell lawmakers that the agency has taken various steps to reinforce the security of its electronic database, EDGAR, after a 2016 cyber intrusion.

Clayton, appointed by President Donald Trump a year ago, will also highlight the agency’s effort to strengthen the system through penetration testing and a review of the database’s security code to help identify and fix system vulnerabilities.

The SEC disclosed last September that the database, which houses millions of filings on corporate disclosures, had been hacked and the information potentially used for insider trading.

The SEC is still investigating the breach and has disclosed little information about it.

Natalie Strom, a spokeswoman for Clayton, declined to comment on Monday.

On Tuesday, Clayton will ask lawmakers on the U.S. Senate Appropriations panel for a 2019 modest budget increase to $1.658 billion from 2018’s $1.652 billion.

“Uplifting the agency’s cybersecurity program will remain a top priority,” Clayton will say. “Our request would support investment in tools, technologies and services to protect the security of the agency’s network, systems and sensitive data.”

The budget increase would also permit the agency to lift its two-year hiring freeze to help staff a new cyber unit and fund the appointment of a new chief risk officer to focus on cyber threats.

“Our (budget) request would allow for critical investments in our ability to protect investors,” Clayton will say.

Reporting by Katanga Johnson and Patrick Rucker; Editing by Michelle Price and Clive McKeef