Scarinci Hollenbeck, LLC
The Firm
201-896-4100 info@sh-law.comFirm Insights
SIMFA Releases Cybersecurity Principles for Regulating Financial Industry
Author: Scarinci Hollenbeck, LLC
Date: November 4, 2014
Key Contacts
Back
Improving cybersecurity remains a top priority for the financial services industry, which has been one of the hardest hit by data breaches in recent years.
Improving cybersecurity remains a top priority for the financial services industry, which has been one of the hardest hit by data breaches in recent years. However, in order to develop effective state and federal regulations, the public and private sectors will need to work together. With this in mind, SIMFA Releases Cybersecurity Principles, which are recommendations for improving cybersecurity regulation. According to the Wall Street trade organization, the recommended principles by the Securities Industry and Financial Markets Association are intended to assist regulators as they move forward with plans to review, update and harmonize their cybersecurity policies, regulations, and guidance.
SIFMA’s ten principles are as follows:
- Principle 1: The U.S. Government Has a Significant Role and Responsibility in Protecting the Business Community
- Principle 2: Recognize the Value of Public-Private Collaboration in the Development of Agency Guidance
- Principle 3: Compliance with Cybersecurity Agency Guidance Must be Flexible, Scalable and Practical
- Principle 4: Financial Services Cybersecurity Guidance Should be Harmonized Across Agencies
- Principle 5: Agency Guidance Must Consider the Resources of the Firm
- Principle 6: Effective Cybersecurity Guidance is Risk-Based and Threat-Informed
- Principle 7: Financial Regulators Should Engage in Risk-Based, Value-Added Audits Instead of Checklist Reviews
- Principle 8: Crisis Response is an Essential Component to an Effective Cybersecurity Program
- Principle 9: Information Sharing is Foundational to Protection, Must Be Limited to Cybersecurity Purposes, and Must Respect Firms’ Confidences
- Principle 10: The Management of Cybersecurity at Critical Third Parties is Essential for Firms
“Cybersecurity is a top priority for the financial services industry, which is dedicating significant resources to protect the integrity of the markets and the millions of Americans who use financial services every day. Effective and consistent regulatory guidance is a critical component of the broader cyber defense effort, as it promotes best practices and accountability across the financial sector,” said Kenneth E. Bentsen, Jr., SIFMA president & CEO.
SIMFA’s principles reflect many of the challenges that both regulators and financial services firms will face as they tackle cybersecurity. Most notably, there cannot be a “one size fits all approach” given the variances in corporation size, resources, and risk. Yet, at the same time, the legal requirements placed on companies should be streamlined, predictable, and harmonious so as to reduce the regulatory burden.
The full text of SIFMA’s “Principles for Effective Cybersecurity Guidance” can be found here: http://www.sifma.org/issues/item.aspx?id=8589951691.
If you have any questions about this post or would like to discuss the issues involved, please contact me, Fernando Pinguelo, or the Scarinci Hollenbeck attorney with whom you work. To learn more about data privacy and security, visit eWhiteHouseWatch (http://ewhwblog.com).
- Practices: Intellectual Property
- Locations: Red Bank, NJ, New York City, Little Falls, NJ
No Aspect of the advertisement has been approved by the Supreme Court. Results may vary depending on your particular facts and legal circumstances.
Related Posts
See all
What Founders Can Learn From Start-up Suits
High-profile founder litigation is more than just a media spectacle. For startup founders, these cases underscore the legal and structural risks that can arise when rapid growth outpaces formal oversight. While launching a new company can be both an exciting and deeply rewarding endeavor, founders must be mindful that it also comes with significant risks. […]
Author: Dan Brecher
Corporate Governance Reviews: A Practical Guide for New Jersey Companies
Every New Jersey company should periodically evaluate its governance framework. Strong corporate governance protects directors and officers, builds investor confidence, reduces litigation exposure, and positions a company for sustainable growth. The first quarter of the year is a great time to evaluate your corporate governance practices and perform any routine maintenance needed to keep that […]
Author: Ken Hollenbeck
What to Do After Being Served with a Lawsuit: Steps to Protect Your Legal Rights
Being served with a lawsuit is one of the most stressful legal events a business or individual can face. Whether the claim involves a contract dispute, an employment matter, an intellectual property issue, or another legal challenge, the actions you take in the first few days can significantly shape the outcome of your case. Acting […]
Author: Robert E. Levy
Will 2026 Be a Banner Year for SPACs? Understanding the Risks and Opportunities
Special Purpose Acquisition Companies (SPACs) continue to gain momentum as we move through 2026. After enduring a significant contraction following the 2021 boom and the regulatory scrutiny that followed, SPAC activity rebounded sharply in 2025 and now carries forward into 2026 with real momentum. The SPAC resurgence reflects broader improvements in both market conditions and the […]
Author: Dan Brecher
Why Compliance Monitoring Matters for NY and NJ Businesses
Compliance programs are no longer judged by how they look on paper, but by how they function in the real world. Compliance monitoring is the ongoing process of reviewing, testing, and evaluating whether policies, procedures, and controls are being followed—and whether they are actually working. What Is Compliance Monitoring? In today’s heightened regulatory environment, compliance […]
Author: Dan Brecher
When Are New Jersey Business Owners Personally Liable for Corporate Debt?
New Jersey personal guaranty liability is a critical issue for business owners who regularly sign contracts on behalf of their companies. A recent New Jersey Supreme Court decision provides valuable guidance on when a business owner can be held personally responsible for a company’s debt. Under the Court’s decision in Extech Building Materials, Inc. v. […]
Author: Charles H. Friedrich
No Aspect of the advertisement has been approved by the Supreme Court. Results may vary depending on your particular facts and legal circumstances.
Sign up to get the latest from our attorneys!
Explore What Matters Most to You.
Consider subscribing to our Firm Insights mailing list by clicking the button below so you can keep up to date with the firm`s latest articles covering various legal topics.
Stay informed and inspired with the latest updates, insights, and events from Scarinci Hollenbeck. Our resource library provides valuable content across a range of categories to keep you connected and ahead of the curve.