For Immediate Release - September 12, 2016

Office of Consumer Affairs and Business Regulation Hosts Cybersecurity for Financial Services Conference

Boston, MA (September 12, 2016) - The Massachusetts Office of Consumer Affairs and Business Regulation is partnering with law enforcement and security experts on Tuesday, September 13th to present best practices for achieving and maintaining effective cybersecurity for financial services companies. Cybersecurity is now a top priority of enterprise risk management, and one of the most challenging.

“Cybersecurity is not just about keeping personal and financial information secure,” said Jay Ash, Secretary of the Executive Office of Housing and Economic Development. “It’s about being prepared for a breach, educating employees on how to handle sensitive material, and knowing what to do if a breach occurs.”

The costs of cyber attacks and cybersecurity are on the rise. According to the Ponemon Institute, cyber crime rose 19 percent globally last year and the cost of an attack to companies averaged $7.7 million. PricewaterhouseCoopers Global State of Information Security survey found that average information security spending in the financial services industry is up 14 percent with budgets of $1million to $4.9 million for almost 20 percent of global companies. The study also reinforces the benefits of collaboration between industry, government, and law enforcement in addressing cybersecurity challenges, a theme heavily emphasized at today’s conference.

“Cybersecurity is one of the most significant investments a business should make,” said John Chapman, Undersecretary of the Office of Consumer Affairs and Business Regulation. “As chair of the Financial Services Advisory Council, I know how critical a comprehensive cybersecurity plan is to financial services companies and to protecting our economy at large. As the risks of cybersecurity breaches increase, the financial services industry needs to be prepared to meet the ever-changing challenges of keeping consumer’s information and finances protected.”

“At a time when the economy is embracing digital technologies, the opportunities for criminals are increasing at an even faster pace,” said Federal Reserve Bank of Boston Senior Vice President and Chief Information Officer Don Anderson. “Organizations can protect themselves through increased collaboration and a prioritized risk management approach.”

“In the recent past, the ways companies dealt with cybersecurity breaches was reactive and focused on damage control. That won’t work anymore,” said Donald K. Stern, Managing Director, Affiliated Monitors, Inc. and former U.S. Attorney for the District of Massachusetts. “You need a detailed plan, accountability, adequate resources, on-going monitoring, relations with law enforcement and buy-in from management and the Board. It is a major enterprise risk and everyone top-down needs to treat it as such.”

Stephen Chow, Partner with Burns & Levinson LLP, presented on Cyber Threats and the Techno-Legislative Frontier. He reviewed the existing legislative and regulatory framework for financial services industry operations and provided a briefing of current legislative initiatives, particularly technological innovations such as Bitcoin and other distributed ledger systems.

The Office of Consumer Affairs and Business Regulation is committed to protecting consumers through consumer advocacy and education, and also works to ensure that the businesses its agencies regulate treat all Massachusetts consumers fairly. Follow the office at its blog, on Facebook, and on Twitter @Mass Consumer.