Members of the Senate Banking Committee told Securities and Exchange Commission Chairman Jay Clayton on Monday, a day before he is to appear before the Committee, to have SEC staff review whether the agency's 2011 guidance regarding disclosure obligations related to cybersecurity risks needs updating, in light of the Equifax and EDGAR hacks.
In addition, the lawmakers asked Clayton in their letter to consider if there "needs to be other SEC guidance or rulemakings in this [cybersecurity] area."
Late Monday, the SEC announced two new cyber-related initiatives: the creation of a Cyber Unit that will focus on targeting cyber-related misconduct as well as a retail strategy task force that will implement initiatives that directly affect retail investors.
Clayton is to testify on Tuesday morning that the cyber breach matter that he announced on Sept. 20 involving the SEC's EDGAR system for corporate filings "concerns me deeply. I recognize that I am not the only one who is deeply concerned."
Clayton will also tell the committee, as his prepared testimony states, that he has "made clear in public statements that I am focused on the standards of conduct that investment professionals must follow in providing investment advice to Main Street investors," adding that the SEC is "engaging expeditiously and constructively" with Labor Department colleagues "to best serve the interests of investors."