Senior Communications Manager
Kirk Nahra Discusses GAO Report on SEC Data Security Practices
Kirk J. Nahra, chair of Wiley Rein’s Privacy Practice, was quoted in the May 2014 issue of E-Finance & Payments Law & Policy, in an article about the U.S. Securities and Exchange Commission’s (SEC) data security practices.
The U.S. Government Accountability Office (GAO) said in an April 17 report that the SEC has not taken adequate steps to protect its systems and data from cyber risks. The GAO identified problems such as failing to sufficiently encrypt data, according to the article.
“It will always be easy for an entity like the GAO to find that not enough is being done on this issue, because it is essentially impossible to do and evaluate everything,” Mr. Nahra said.
“In general, these developments reflect an ongoing nervousness from government regulators about the preparation of American industry for significant cybersecurity problems,” he added. “There isn’t anything specifically wrong or worse about financial services, but it is an industry at the nexus of various cybersecurity concerns.”