A crucial component of its oversight function, the CFTC announced it would increase its focus on cybersecurity. Given the increase in attacks on a variety of financial services targets, we applaud this proactive response.
Timothy Massad, the new chairman of the US Commodity Futures Trading Commission (CFTC), didn't begin his speech by focusing on cybertopics, but they did make up a substantial portion of his comments. "An increasingly important aspect of our oversight of CCPs [central counterparty clearinghouses], as well as exchanges and other key institutions that we regulate, is cyber security and business continuity disaster recovery generally," Massad said during this morning's keynote address. "The need to strengthen the security and resilience of our financial markets against cyberattacks is clear." Massad said the CFTC is increasing its oversight of cyber preparedness in the industry. Its updated cybersecurity safeguards require that exchanges, clearinghouses, and other market infrastructure entities have four things. 1. Risk analysis: "a program of risk analysis and oversight to identify and minimize sources of cyber and operational risk" 2. Automation: "automated systems that are reliable, secure, and have adequate scalable capacity" 3. A plan: "emergency procedures, backup facilities, and a business continuity-disaster recovery plan" 4. Regular testing: "regular, objective, independent testing to verify that the system safeguards program is sufficient to fulfill its regulatory responsibilities"