Cybersecurity Compliance in the Financial Sector
The financial industry represents a vast assortment of firms, agencies and institutions with operations ranging from small community banks to massive, international corporations. Managing the financial sector in the U.S. presents a herculean task to lawmakers and regulators charges with its oversight. The management of cybersecurity takes on greater complexity in considering multinationals with global partners and operations in countries with varying levels of cybersecurity sophistication. This paper investigates laws and regulations within the financial industry applicable to cybersecurity It analyzes both compliance and regulatory issues across the financial sector at federal and state levels. It also reviews similarities and differences among compliance environments created by financial regulations. The paper distinguishes the cybersecurity operational differences and repercussions that result from the joint requirements of the Gramm-Leach-Bliley, Sarbanes-Oxley, and Dodd-Frank Acts on both small and large institutions. Finally, this paper contrasts the values and issues created by increasing compliance requirements for the financial sector.