Financial markets in the U.S. have continued to grow increasingly complex, volatile, and competitive since the pandemic. With this rapid change comes an increased threat of cyber-attacks from bad actors who wish to take advantage of possibly distracted investment managers.
It is evident the SEC has designated cybersecurity a primary focus as attacks, such as ransomware and phishing, grow in popularity among bad actors. The need for thoughtful monitoring for these types of threats has dramatically increased as geopolitical tensions across the globe rise, especially because of the conflict in Ukraine.
As a result of Russia’s invasion of Ukraine, the SEC issued a warning earlier this year to investment managers around cybersecurity risk. The SEC is continuously assessing the Russian government’s malicious cyber activities, especially those that put U.S. investors at risk. It declared that the conflict could impact firms both on U.S. soil and beyond its borders, illustrating that the Russian government is engaging in malicious cyber activities in order to carry out cyber espionage, steal intellectual property, disrupt social and political activity and cause significant harm to both regional and international adversaries.
Firms are warned to keep a watchful eye
In an Annual Threat Assessment conducted by the U.S. Office of the Director of National Intelligence, the agency declared that “Russia is continuing to target critical infrastructure. This targeting includes industrial control systems and underwater cables in the U.S. and the country’s partners and allies. As Russia becomes more sophisticated in compromising such infrastructure, its chances to cause damage during a crisis increase for us all.”
The U.S. Office of the Director of National Intelligence also believes that Russia will consider responding with cyberattacks as a way “to deter adversaries, prosecute conflicts and control escalation.” With evolving intelligence indicating that threat activity from the Russian Government is becoming increasingly more probable, the SEC has cautioned U.S. firms to be prepared for if and when an attack could arise.
As part of the caution issued by the SEC, it was stated that the CISA, the national cyber defense agency in the U.S., has asked firms to report any cyberattacks from Russia quickly. When reported quickly, the CISA can use the information to prevent other organizations becoming a victim to a similar attack.
The Importance of cybersecurity support
Preparing for disruptive cyber incidents is crucial for all organizations, regardless of their size. In the event of a cyber intrusion, firms must be able to respond quickly and be able to mitigate the impact of such an event. Firms should carry out a risk-based approach to cybersecurity attacks, particularly through managed detection response methods, such as all-inclusive anomaly detection and real-time risk containment 24/7/365, if available. By applying this approach, firms can identify the highest areas of risk within the infrastructure of their organization to develop strategies to manage and mitigate those risks.
With its guidance and support to empower investment companies, broker-dealers, investment advisors, hedge funds and other market participants, the SEC has made it clear that all organizations should be prepared for cyberattacks that are event driven in the wake of the Russia-Ukraine War.