The hack of the U.S. Securities and Exchange Commission’s X account earlier this week is shining a light on an uncomfortable truth: Cybersecurity measures at Wall Street’s chief regulator have repeatedly been found to be lacking.
The agency wasn’t fully adhering to federal cybersecurity standards, including a requirement that public-facing systems support multifactor-authentication, as of a review by its internal watchdog last year. A separate, independent evaluation performed a year earlier identified weaknesses in security measures at the commission, such as protocols for preventing unauthorized access to networks.
The SEC is by no means the only federal agency that has c