Heather Hogsett, Senior Vice President and Deputy Head of BITS, the technology policy division of the Bank Policy Institute (BPI), is set to testify before the U.S. House Homeland Security Subcommittee on Cybersecurity and Infrastructure Protection. Her testimony will focus on the need to streamline cybersecurity regulations that are currently overlapping and conflicting.
"The current patchwork of duplicative cybersecurity regulations stretches banks’ cybersecurity teams thin and hinders their ability to combat cyber threats and safeguard the nation’s financial system," said Hogsett. "A more coordinated and streamlined regulatory approach would not only enhance security and operational efficiency but also strengthen the financial sector’s collective defense against evolving threats."
Hogsett's written testimony suggests several government actions for reexamining existing cyber regulations:
- Withdraw and reissue CISA’s proposed Cyber Incident Reporting Rule, which she argues is overly broad and diverts resources from threat mitigation.
- Rescind the SEC’s Cyber Incident Disclosure Rule, as it may inadvertently aid cybercriminals by exposing vulnerabilities.
- Eliminate redundant cyber incident reporting requirements, suggesting CIRCIA as a primary framework.
- Streamline cybersecurity regulatory requirements across multiple agencies to improve resource allocation.
Additionally, Hogsett emphasized the importance of Congress reauthorizing the Cybersecurity Information Sharing Act of 2015 to maintain critical information sharing between public and private sectors.
The Bank Policy Institute represents leading banks in the United States, including universal, regional, and major foreign banks operating in the country. These institutions collectively employ nearly 2 million Americans and play a significant role in small business lending and economic growth.
For further details or inquiries, contact Austin Anton at austin.anton@bpi.com.