September 28, 2011—Greg Shannon, chief scientist for the SEI's CERT Program, testified on September 14 before the House Committee on Financial Services, Subcommittee on Financial Institutions and Consumer Credit. Shannon was called as a witness for the hearing titled “Cybersecurity: Threats to the Financial Sector.” Shannon’s testimony centered on the nature of these threats and measures CERT is undertaking to combat them.

In his remarks, Shannon noted that “Cyber attacks have become big business,” explaining that the opportunity for significant financial gain has attracted great interest and investment by criminal operations in conducting cyber attacks on financial institutions. Shannon suggested a data-driven approach to research, development, policies, and regulations is essential for a realistic, outcomes-based approached to fighting these threats to the financial sector.

Shannon highlighted four areas in which CERT is working to mitigate cyber threats to the financial area: insider threat, secure coding, operational resilience, and computer forensics. He also called for a more robust resource agenda informed by improved data sharing within the research community.

To read the report Shannon submitted to the Subcommittee on Financial Institutions and Consumer Credit, visit http://financialservices.house.gov/UploadedFiles/091411shannon.pdf.

To watch an archived webcast of the entire hearing, visit: http://mfile3.akamai.com/65722/wmv/sos1467-1.streamos.download.akamai.com/65726/hearing091411.asx.

For more information on CERT, visit http://www.cert.org.