May 25, 2018

Crapo Statement at Cybersecurity Hearing

WASHINGTON – U.S. Senator Mike Crapo (R-Idaho), Chairman of the U.S. Senate Committee on Banking, Housing and Urban Affairs, delivered the following remarks at a hearing entitled “Cybersecurity: Risks to the Financial Services Industry and Its Preparedness.”
The text of Chairman Crapo’s remarks, as prepared, is below.
“Today, we will hear about cybersecurity in the financial sector.
“Today’s witnesses come from a wide range of organizations, and can provide us with insight on the threats faced by and the preparedness of the financial sector when it comes to cyber.
“Four years ago, this Committee held a similar hearing where I noted that a recently aired ‘60 Minutes’ segment called 2014 ‘the year of the data breach.’
“Given the various data breaches over the past few years, most notably the Equifax data breach last year, I am not sure 2014 still holds that title.
“As our society increases its reliance on technology and becomes accustomed to immediate access to information and services from companies, the risk of – and the potential damage caused by – data breaches continually increases.
“Americans are becoming more aware of the amount of information, including personally identifiable information or PII, that is stored by companies and there is a growing realization that this information can be stolen or misused.
“The collection of PII by both the government and private companies is something that has long troubled me.  Many question how both use the data collected and how such data is secured and protected. 
“The collection and use of PII will be a major focus of the Banking Committee moving forward, as there is broad-based interest on the Committee in examining this. 
“Today, we will hear from our witnesses regarding cybersecurity and about the risks to the financial services industry and its preparedness.
“We have heard from many regulators before this committee about their focus on and oversight of cybersecurity and how it is critical to the operations of companies and our markets. 
“This is especially true for companies in the financial services space.
“The financial sector itself is a main target for hackers because, as many have said, ‘that’s where the money is.’
“Banks are under constant attack every day.
“Because of this, they and other firms in the financial services industry have devoted substantial resources to protecting information systems, and the industry is widely viewed as one of the most advanced sectors in terms of prioritizing cybersecurity.
“Today, I hope to learn more about: the risks to the financial services industry from cyberattacks and cyber threats; the work being done in the financial services industry to increase cyber readiness, combat cyberattacks, and increase resiliency; and what more needs to be done by the private sector and government to help protect companies’ and consumer’s information.

“It is critical that personal data is protected, consumer impact in the event of a breach is minimized, customers’ ability to access credit and their assets is not harmed, and the financial sector is resilient enough to continue to function despite a cyber breach at a financial sector company.”