“The dependence of the global financial system on a rapid and accurately functioning technological infrastructure cannot be overstated,” Amri-Mokri said in remarks prepared for the Securities Industry and Financial Markets Association’s Operations Conference. “We as consumers and market participants take the seamlessness of transactions and the accuracy of our books and records for granted…But we should not take this relative success as a given. [V]igilance must be heightened even further in a world where individual actors deliberately and routinely intend to cause harm.”
Cyberattacks, which have become more common and more destructive, targeting U.S. banks have cost millions of dollars. Michael Daniel, the White House’s cybersecurity coordinator, said companies need to bolster their network security as part of a “spectrum of responsibility,” and Treasury officials told bank executives during a March meeting that they cannot rely solely on the government to provide cyber security, The Washington Post reports.
“We recognize that government alone cannot keep our financial system safe,” Amri-Mokri said. “The responsibility of protecting our financial sector rests also with the sector itself…It is critically important for the financial sector to develop robust mechanisms for sharing information among itself…Information dissemination is important not just between organizations and institutions but also vertically within an organization…Develop, adopt and maintain best practices…[and] maintain and develop robust communications with your various government contacts.”
The U.S. Treasury is in the process of implementing President Obama’s executive order—Improving Critical Infrastructure Cybersecurity—issued in February as part of an effort to “maintain a cyber environment that encourages efficiency, innovation and economic prosperity while promoting safety, security, business confidentiality, privacy and civil liberties.”
The executive order directs the National Institute of Standards and Technology to spearhead the development of cybersecurity framework in order to reduce risks to critical technological infrastructure in the financial services industry.
After the framework is established by the NIST, the Department of Homeland Security will establish a voluntary program to support its implementation by infrastructure owners and operators.
“We have had important recent reminders that our financial institutions and markets are vulnerable to malicious cyber-attacks and operational failures,” Amri-Mokri said. “Working to prevent the realization of such threats and to be prepared to manage, mitigate and recover from any harm that might occur should be a top priority for all of us.”