Washington, D.C. — Heather Hogsett, senior vice president, technology and risk strategy for BITS — the technology policy division of the Bank Policy Institute — will testify today before the U.S. House Subcommittee on Cybersecurity and Infrastructure Protection. The testimony examines the state of cybersecurity in the United States and how the Cybersecurity and Infrastructure Security Agency plays an important role in protecting U.S. cyberspace. It also offers recommendations to further CISA’s objectives and improve the collaboration already underway.
What BPI is saying:
“There have been notable improvements since CISA’s formation in faster declassification and sharing of threat information, including a significant increase in publications, alerts and joint advisories with other government agencies,” stated Hogsett. “We encourage CISA to continue to invest in these efforts while prioritizing cross-sector coordination and fully implementing the Cyber Incident Reporting for Critical Infrastructure Act with consideration given to harmonizing existing regulations.”
Collaboration is underway; however, threats are on the rise:
Banks and other financial institutions have recently faced an increase in cyberattacks by foreign nations and criminal groups intending to undermine the functioning of the U.S. economy. The financial sector — one of the 16 critical infrastructure sectors in the U.S. — recognizes the gravity of these risks and has a long history of working with industry partners and the government to address and manage such risks.
The sector established the Financial Services Information Sharing and Analysis Center in 1999, the first of its kind, which has served as a model that other sectors have sought to replicate. It also established the Financial Services Sector Coordinating Council and regularly engages the U.S. Department of Treasury, CISA, the Office of the National Cyber Director, the Federal Bureau of Investigation, the U.S. Secret Service and the banking regulators to mitigate threats, share information and foster private-public collaboration. CISA is uniquely positioned to further enhance the effectiveness of these efforts by addressing longer-term strategic planning between government and industry and supporting cross-sector risk mitigation.
Recommendations to further enhance and scale CISA’s contributions:
As CISA continues to mature its operations, BPI encourages it to focus on the following areas:
- Implement the Cyber Incident Reporting for Critical Infrastructure Act with a focus on harmonizing and streamlining existing reporting requirements;
- Work with industry to identify and prioritize national systemic risks while avoiding duplicating existing designations such as Systemically Important Financial Institutions; and
- Support cross-sector collaboration and joint planning to proactively defend against threats.
“This is no small task and will require CISA to refine its focus and strategically apply resources to be successful. However, BPI remains committed to supporting these efforts and doing its part to protect the nation’s economy,” Hogsett concluded.
About Bank Policy Institute.
The Bank Policy Institute (BPI) is a nonpartisan public policy, research and advocacy group, representing the nation’s leading banks and their customers. Our members include universal banks, regional banks and the major foreign banks doing business in the United States. Collectively, they employ almost 2 million Americans, make nearly half of the nation’s small business loans, and are an engine for financial innovation and economic growth.