Purpose
To provide financial institutions an overview of the developments in cybersecurity regulation of financial institutions during 2015 by the United States, the United Kingdom, and the European Union, as well as guidance for developing effective cyber-risk management programs in light of evolving cyber-threats and cyber-regulatory expectations.
Design/methodology/approach
Reviews US, UK and EU regulatory developments in the cybersecurity area and provides several best practice tips financial institutions should consider and implement to improve their cybersecurity compliance programs.
Findings
While cyber-threats and financial regulators’ expectations for cyber-security are constantly evolving, recent guidance and enforcement efforts by the US, UK and EU illustrate the need for financial institutions to develop effective cybersecurity programs that address current regulatory compliance requirements and prepare for emergency cyber responses.
Practical implications
Financial institutions should utilize the Federal Financial Institutions Examination Council’s Cybersecurity Assessment Tool to assess their cyber-risk profile and cyber-preparedness.
Originality/value
Practical guidance from experienced financial regulatory and privacy lawyers that provides a survey of the current regulatory environment and recommendations for cyber-security compliance.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.