For years before the Securities and Exchange Commission suffered a massive breach last year, federal watchdogs had warned the agency to encrypt the sensitive financial data stored in its networks.
The Government Accountability Office delivered the admonition most recently in July, a month before the SEC’s leadership learned of the 2016 hack. But the agency’s advice to the SEC on this issue dates to at least 2008, when the GAO said the SEC’s lack of encryption would make it easier for attackers to gain access to sensitive information.
via SEC ignored years of warnings about cybersecurity before massive breach – The Washington Post
