SEC shuffle: CIO, top cyber adviser to step down

The personnel moves come as the agency looks to FireEye for cyber forensic support.

SEC Headquarters Washington DC photo credit: By Andriy Blokhin shutterstock image number 1128744890

The Securities and Exchange Commission is losing two top tech officials. Agency CIO Pamela C. Dyson is leaving the SEC to join the Federal Reserve Bank of New York as CIO and executive vice president and head of the technology group.

The agency also announced the impending departure of Christopher R. Hetner, the senior adviser for cybersecurity policy. Hetner helped set up the cyber adviser post in 2016-- the same year that the SEC's signature public-facing system EGDAR was reportedly breached. News of the breach was not made public until September 2017.

Charles Riddle, who serves as the agency's CTO, will take on the role of acting CIO upon Dyson's departure. Henter, according to an agency release, will stick around to assist with the transition to a yet-to-be-named successor.

The news comes as the SEC tapped cybersecurity vendor FireEye to serve as a forensics investigator in a sole-source deal, according to contracting documents posted on FedBizOpps Sept. 19. The contract arises directly in response to the 2016 EDGAR system breach.

The FireEye deal is a five-year contract to be paid for out of fiscal year 2018 funds. FireEye will be working with the agency's office of general counsel. The amount of the award was redacted from the sole-source justification document.

"The nature of the apparent intrusion potentially exposes the SEC to claims that it did not properly secure non-public information in the EDGAR system," the document stated. "Accordingly, the SEC requires the services of an expert for such potential disputes to assess the merit and disposition of any such potential claims."

According to an Oct. 2, 2017, statement from the SEC, the breach included the disclosure of personally identifiable information including names, dates of birth and Social Security numbers on two individuals named in an EDGAR test filing that was accessed by hackers.

The apparent worry is that the breach could also involve the theft of pre-publication versions of financial statements and disclosures containing inside information hackers could use in stock trading. Investors or companies could sue the agency on the basis of losses incurred by trading on stolen information. The SEC's response to the breach includes an investigation into illicit trading.

In a September 2017 hearing, SEC Chairman Jay Clayton told lawmakers that the agency was hiring outside help to run penetration tests on its systems.

The EDGAR system dates back to the very early days of the web. The first version of the site was established in the 1990s, and the current version was launched in 2001 although it has been updated on a regular basis.