May 21 - The U.S. financial services industry is a leader in cybersecurity practices with a solid framework and existing regulations, the American Bankers Association has testified.
Charles Blauner, global head of information security for Citi, testified on behalf of ABA before the House Energy and Commerce Committee. Blauner also serves as the chairman of the Financial Services Sector Coordinating Council, which organizes the protection of critical financial services infrastructure and focuses on operational risks.
“The public-private partnership between the government and the financial services sector is critical to protecting firms against cyber threats, and we pledge to continue this collaboration to further our mutual goals,” said Blauner.
He noted that the development and implementation of cybersecurity framework by the National Institute of Standards and Technology should leverage existing standards, regulations and processes to prevent redundancies.
“The NIST Cybersecurity Framework should be complementary to the existing audit and examination processes,” Blauner said. “Otherwise, we will end up with redundant audit requirements that become a compliance exercise and do absolutely nothing to enhance cybersecurity.”
Blauner also testified about the importance of timely cross-sector information sharing.
“It is of utmost importance to increase the volume, timeliness and quality of threat information shared by U.S. law enforcement and intelligence agencies with private sector entities so that they may better protect themselves against cyber threats,” said Blauner.
In addition, he noted that foundational work needs to be done to support enhanced cybersecurity, including the development of technical capabilities and a skilled workforce.
Blauner also expressed support for the Cyber Intelligence Sharing and Protection Act recently passed by the House and the Administration’s executive order, which provides important direction to both the public and private sector to protect our nation’s critical infrastructures.
He concluded by emphasizing that cybersecurity is a top priority for banks.
“We have invested an enormous amount of time, energy and resources to put in place the highest level of security, and we are subject to stringent regulatory requirements. We look forward to continuing to work with Congress and the Administration toward our mutual goal of protecting our nation’s critical infrastructure.”
Click here for the full testimony.