CFTC Commissioner Goldsmith Romero Touts Importance of Cyber Resilience
"If the public and private sector can work together to build resilience, we can collectively harden our defenses, making it that much harder for cyber criminals to be successful."
CFTC Commissioner Christy Goldsmith Romero
CFTC Commissioner Christy Goldsmith Romero argued that the financial industry must move from a "mentality of incident response to one of cyber resilience."
In remarks before the FIA International Derivatives Conference, Ms. Goldsmith Romero said that the financial markets "face ever-evolving threat vectors" due to cyber threats (i.e., ransomware, zero-day vulnerabilities and third-party servicer vulnerabilities) coupled with cyberattacks caused by artificial intelligence.
To further the advance from incident response to cyber resilience, Ms. Goldsmith Romero recommended:
- a tailored approach that fits each organization and is proportionate to the risks faced;
- generally accepted standards to promote cyber resilience, including training, review of resilience plans and testing;
- building operational resilience by "elevating responsibility" to those who make strategic decisions for an organization;
- ensuring third parties are equipped to guard against cyber criminals; and
- coordinating efforts with prudential regulators and NFA.
Ms. Goldsmith Romero said that she anticipates a CFTC rule proposal to be released in the coming months on operational and cyber resilience.