Abstract

Cybersecurity in the financial sector is a dynamic and evolving policy field with unique challenges and specific characteristics. While it has recently received a lot of attention from disciplines like Economics and Politics, legal literature on this topic, especially with regard to EU law, still lags behind. This is surprising, given that cybersecurity in the EU is characterized by complex governance structures, a variety of legal sources, and a wide range of different rule makers and involved actors, and given that only a clear legal framework with efficient institutions at both EU and Member State level can provide for a safe digital environment. The purpose of this Article, therefore, is twofold: On the one hand, it aims to introduce the legal aspects of cybersecurity in the financial sector while taking stock of existing cybersecurity schemes, including their strengths and weaknesses from a legal perspective. On the other hand, it will set out key elements that cybersecurity regulation in the financial sector must respect in order to be effective and come up with reform proposals to make the EU financial sector more cybersecure.

Highlights

  • Financial Stability Board (FSB) member jurisdictions mainly described their regulatory schemes on cybersecurity as principles-based,[64] as opposed to rule-based


Summary

Overview of the Threat Landscape

Categories of Cyber Threats

In recent years, cyber-attacks have grown rapidly in scale, scope, and sophistication.[10] They concern the entire ecosystem, whether states, individuals, or businesses, and question a number of important dichotomies, including internal/external, public/private, and civilian/military.

Cyber War

Cyber war, or hybrid forms of it, is usually a state-sponsored form of action against another state carried out via electronic networks. It includes warfare against another state’s military, public, and private sectors, as well as the civilian population. The most affected sectors are banking and utilities—with 18.37 and 17.84 million US dollars on average annual cost of cybercrime for each organization in the industry in 2018.[20] Cyber-attacks can ruin the reputation of companies building their business model on private data or, like financial institutions, on confidence and trust.

Lack of Preparation
Observations and Elements with Particular Regard to the Financial Sector
Division of Labor Between the Private and the Public Sector
Different Regulatory Strategies
Various Content Elements
EU Competence Framework
Cybercrime
Findings
Cyber Defense