Former officials are also urging confirmation of Biden’s nominee to the Federal Reserve to strengthen banks’ resilience in the event of emergent risks following the Kremlin’s invasion of Ukraine.
The Securities and Exchange Commission will meet March 9 to consider changes to its cybersecurity enforcement as lawmakers look to bolster the financial sector from disturbance following the exclusion of Russian banks from the Society for Worldwide Interbank Financial Telecommunication, or SWIFT, and other sanctions against Russian entities.
“The Commission will consider whether to propose amendments regarding cybersecurity risk management, strategy, governance and incident disclosure,” according to a notice set to publish in the Federal Register.
The SEC recently proposed new cybersecurity rules for some industry stakeholders. It wasn’t quite what leading cybersecurity policymakers were hoping for, although SEC Chairman Gary Gensler suggested there could be more action to come. Then Russia invaded Ukraine. The sanctions that followed are causing current and former federal officials to worry Russia will target the financial sector to both soften the blow of sanctions and in turn damage the U.S. economy with ransomware and other cyberattacks. The cryptocurrency industry is of particular concern.
“Sanctions on Russian financial institutions and individuals, and a potential exclusion of Russia from SWIFT and the Western financial system, increase risks of criminality and cyberattack,” reads a Feb. 24 letter Simon Johnson, professor of entrepreneurship at the MIT Sloan School of Management and a senior fellow at the Peterson Institute for International Economics, sent to Sen. Elizabeth Warren, D-Mass. “The extreme volatility of crypto assets which are directly or indirectly tied to activities in Russia and Eastern Europe also are likely to undermine confidence among a subset of small investors and may provoke cyberattacks on the U.S. financial system.”
Johnson’s letter was packaged with those from two other former Treasury officials—Michael Barr and Greg Feldberg—now in the academic sector. They were responding to inquiries Warren made about Sarah Bloom Raskin, President Joe Biden’s nominee for the position of Vice Chair for Supervision on the Board of Governors of the Federal Reserve System.
The SEC and Federal Reserve share cybersecurity responsibilities for banks since they are often public companies. The letters urged no delay on Raskin’s confirmation, with Johnson describing the Senate’s failure to fill the post as “reckless.”