WASHINGTON, D.C. — U.S. Sen. Sherrod Brown (D-OH) – ranking member of the U.S. Senate Committee on Banking, Housing, and Urban Affairs – released the following opening statement at today’s hearing entitled “Cybersecurity: Risks to the Financial Services Industry and Its Preparedness.”
Sen. Brown’s remarks, as prepared for delivery, follow:
Thank you Chairman Crapo.
This Committee last considered cyber preparedness of financial institutions three and a half years ago. Since then, sophisticated, targeted cyber-attacks have become all too frequent, exposing the personal information of millions of Americans and costing billions of dollars.
Cutting corners on cybersecurity risks real harm to real people’s lives. Each data breach or cyber heist that makes the news seems larger than the one before, and after a while, we barely raise an eyebrow. But think about a family trying to get a mortgage, who finds out their credit score has been wrecked through no fault of their own.
And it’s clear these risks to the financial system and Americans’ personal data are growing.
Today’s hearing will give us a window into how the financial services sector is working on cyber preparedness, fighting cyber-attacks, and promoting cooperation among private and public entities.
Financial institutions must work diligently not just to maintain standards set by industry and government, but also to improve protections for financial infrastructure and customer data wherever possible. As risks increase and threats become more advanced, financial institutions and government agencies must facilitate and encourage information sharing.
Banks certainly have the resources to invest in protecting their customers. The FDIC reported on Tuesday that banks are doing better than ever—including the benefit from the tax bill, net bank income increased 27.5 percent compared to 2017. Even without the tax benefits Republicans in Congress bestowed on the largest corporations and the wealthy, bank profits would have been up 12.6 percent.
Record profits for banks shouldn’t just mean that top executives get bigger bonuses and the largest shareholders benefit from stock buybacks and dividends.
Banks should be investing in their businesses, whether it is cybersecurity or a living wage for their employees. Rather than lobbying to be let off the hook from rule after rule, big banks should focus their time and effort on securing financial infrastructure against attacks and protecting sensitive customer data.
Law enforcement also plays a critical role in assessing and warning about cyber threats, and its ability to share sensitive cyber threat information more quickly will help combat those threats. I know there has been good work done in this area, but we need to build on it – we can’t let up now.
A secure and resilient financial system is the foundation of commerce and our economy. There is always the risk that cyber thieves will try to steal money and consumers’ personal data, or that a hostile country will seek to disrupt our financial system. We can’t risk undermining faith in that entire system.
It could take just one cyber-attack to undermine our trust in financial institutions. Once that happens, it will take more than hearings, legislation, or policy changes to restore that trust.
I look forward to hearing from our witnesses today about how cyber preparedness can be improved, consumers’ information can be better protected, and information sharing can be enhanced.
Thank you Mr. Chairman.