Scarinci Hollenbeck, LLC
The Firm
201-896-4100 info@sh-law.comFirm Insights
SIMFA Releases Cybersecurity Principles for Regulating Financial Industry
Author: Scarinci Hollenbeck, LLC
Date: November 4, 2014
Key Contacts
Back
Improving cybersecurity remains a top priority for the financial services industry, which has been one of the hardest hit by data breaches in recent years.
Improving cybersecurity remains a top priority for the financial services industry, which has been one of the hardest hit by data breaches in recent years. However, in order to develop effective state and federal regulations, the public and private sectors will need to work together. With this in mind, SIMFA Releases Cybersecurity Principles, which are recommendations for improving cybersecurity regulation. According to the Wall Street trade organization, the recommended principles by the Securities Industry and Financial Markets Association are intended to assist regulators as they move forward with plans to review, update and harmonize their cybersecurity policies, regulations, and guidance.
SIFMA’s ten principles are as follows:
- Principle 1: The U.S. Government Has a Significant Role and Responsibility in Protecting the Business Community
- Principle 2: Recognize the Value of Public-Private Collaboration in the Development of Agency Guidance
- Principle 3: Compliance with Cybersecurity Agency Guidance Must be Flexible, Scalable and Practical
- Principle 4: Financial Services Cybersecurity Guidance Should be Harmonized Across Agencies
- Principle 5: Agency Guidance Must Consider the Resources of the Firm
- Principle 6: Effective Cybersecurity Guidance is Risk-Based and Threat-Informed
- Principle 7: Financial Regulators Should Engage in Risk-Based, Value-Added Audits Instead of Checklist Reviews
- Principle 8: Crisis Response is an Essential Component to an Effective Cybersecurity Program
- Principle 9: Information Sharing is Foundational to Protection, Must Be Limited to Cybersecurity Purposes, and Must Respect Firms’ Confidences
- Principle 10: The Management of Cybersecurity at Critical Third Parties is Essential for Firms
“Cybersecurity is a top priority for the financial services industry, which is dedicating significant resources to protect the integrity of the markets and the millions of Americans who use financial services every day. Effective and consistent regulatory guidance is a critical component of the broader cyber defense effort, as it promotes best practices and accountability across the financial sector,” said Kenneth E. Bentsen, Jr., SIFMA president & CEO.
SIMFA’s principles reflect many of the challenges that both regulators and financial services firms will face as they tackle cybersecurity. Most notably, there cannot be a “one size fits all approach” given the variances in corporation size, resources, and risk. Yet, at the same time, the legal requirements placed on companies should be streamlined, predictable, and harmonious so as to reduce the regulatory burden.
The full text of SIFMA’s “Principles for Effective Cybersecurity Guidance” can be found here: http://www.sifma.org/issues/item.aspx?id=8589951691.
If you have any questions about this post or would like to discuss the issues involved, please contact me, Fernando Pinguelo, or the Scarinci Hollenbeck attorney with whom you work. To learn more about data privacy and security, visit eWhiteHouseWatch (http://ewhwblog.com).
No Aspect of the advertisement has been approved by the Supreme Court. Results may vary depending on your particular facts and legal circumstances.
Related Posts
See all
Does Your Homeowners Insurance Provide Adequate Coverage?
Your home is likely your greatest asset, which is why it is so important to adequately protect it. Homeowners insurance protects you from the financial costs of unforeseen losses, such as theft, fire, and natural disasters, by helping you rebuild and replace possessions that were lost While the definition of “adequate” coverage depends upon a […]
Author: Jesse M. Dimitro
Understanding the Importance of a Non-Contingent Offer
Making a non-contingent offer can dramatically increase your chances of securing a real estate transaction, particularly in competitive markets like New York City. However, buyers should understand that waiving contingencies, including those related to financing, or appraisals, also comes with significant risks. Determining your best strategy requires careful analysis of the property, the market, and […]
Author: Jesse M. Dimitro
Fred D. Zemel Appointed Chair of Strategic Planning at Scarinci & Hollenbeck, LLC
Business Transactional Attorney Zemel to Spearhead Strategic Initiatives for Continued Growth and Innovation Little Falls, NJ – February 21, 2025 – Scarinci & Hollenbeck, LLC is pleased to announce that Partner Fred D. Zemel has been named Chair of the firm’s Strategic Planning Committee. In this role, Mr. Zemel will lead the committee in identifying, […]
Author: Scarinci Hollenbeck, LLC
Novation Agreement Process: Step-by-Step Guide for Businesses
Big changes sometimes occur during the life cycle of a contract. Cancelling a contract outright can be bad for your reputation and your bottom line. Businesses need to know how to best address a change in circumstances, while also protecting their legal rights. One option is to transfer the “benefits and the burdens” of a […]
Author: Dan Brecher
What Is a Trade Secret? Key Elements and Legal Protections Explained
What is a trade secret and why you you protect them? Technology has made trade secret theft even easier and more prevalent. In fact, businesses lose billions of dollars every year due to trade secret theft committed by employees, competitors, and even foreign governments. But what is a trade secret? And how do you protect […]
Author: Ronald S. Bienstock
What Is Title Insurance? Safeguarding Against Title Defects
If you are considering the purchase of a property, you may wonder — what is title insurance, do I need it, and why do I need it? Even seasoned property owners may question if the added expense and extra paperwork is really necessary, especially considering that people and entities insured by title insurance make fewer […]
Author: Patrick T. Conlon
No Aspect of the advertisement has been approved by the Supreme Court. Results may vary depending on your particular facts and legal circumstances.
Sign up to get the latest from our attorneys!
Explore What Matters Most to You.
Consider subscribing to our Firm Insights mailing list by clicking the button below so you can keep up to date with the firm`s latest articles covering various legal topics.
Stay informed and inspired with the latest updates, insights, and events from Scarinci Hollenbeck. Our resource library provides valuable content across a range of categories to keep you connected and ahead of the curve.
SIMFA Releases Cybersecurity Principles for Regulating Financial Industry
Author: Scarinci Hollenbeck, LLC
Improving cybersecurity remains a top priority for the financial services industry, which has been one of the hardest hit by data breaches in recent years.
Improving cybersecurity remains a top priority for the financial services industry, which has been one of the hardest hit by data breaches in recent years. However, in order to develop effective state and federal regulations, the public and private sectors will need to work together. With this in mind, SIMFA Releases Cybersecurity Principles, which are recommendations for improving cybersecurity regulation. According to the Wall Street trade organization, the recommended principles by the Securities Industry and Financial Markets Association are intended to assist regulators as they move forward with plans to review, update and harmonize their cybersecurity policies, regulations, and guidance.
SIFMA’s ten principles are as follows:
- Principle 1: The U.S. Government Has a Significant Role and Responsibility in Protecting the Business Community
- Principle 2: Recognize the Value of Public-Private Collaboration in the Development of Agency Guidance
- Principle 3: Compliance with Cybersecurity Agency Guidance Must be Flexible, Scalable and Practical
- Principle 4: Financial Services Cybersecurity Guidance Should be Harmonized Across Agencies
- Principle 5: Agency Guidance Must Consider the Resources of the Firm
- Principle 6: Effective Cybersecurity Guidance is Risk-Based and Threat-Informed
- Principle 7: Financial Regulators Should Engage in Risk-Based, Value-Added Audits Instead of Checklist Reviews
- Principle 8: Crisis Response is an Essential Component to an Effective Cybersecurity Program
- Principle 9: Information Sharing is Foundational to Protection, Must Be Limited to Cybersecurity Purposes, and Must Respect Firms’ Confidences
- Principle 10: The Management of Cybersecurity at Critical Third Parties is Essential for Firms
“Cybersecurity is a top priority for the financial services industry, which is dedicating significant resources to protect the integrity of the markets and the millions of Americans who use financial services every day. Effective and consistent regulatory guidance is a critical component of the broader cyber defense effort, as it promotes best practices and accountability across the financial sector,” said Kenneth E. Bentsen, Jr., SIFMA president & CEO.
SIMFA’s principles reflect many of the challenges that both regulators and financial services firms will face as they tackle cybersecurity. Most notably, there cannot be a “one size fits all approach” given the variances in corporation size, resources, and risk. Yet, at the same time, the legal requirements placed on companies should be streamlined, predictable, and harmonious so as to reduce the regulatory burden.
The full text of SIFMA’s “Principles for Effective Cybersecurity Guidance” can be found here: http://www.sifma.org/issues/item.aspx?id=8589951691.
If you have any questions about this post or would like to discuss the issues involved, please contact me, Fernando Pinguelo, or the Scarinci Hollenbeck attorney with whom you work. To learn more about data privacy and security, visit eWhiteHouseWatch (http://ewhwblog.com).