Cybersecurity in Finance: Getting the policy mix right!
CEPS-ECRI launched a Task Force on: "Cybersecurity in Finance: Getting the policy mix right!" on 19 September at CEPS. The different consensuses achieved during the Task Force will result in a list of recommendations and an action plan that will be submitted to the European regulators (primarily DG FISMA, DG Connect, DG Justice, ESAs, ECB, and European Parliament).
During the kick-off meeting, Task Force Members will agree a priority list of issues to be discussed among the below topics:
✔ drawing up recommendations to reinforce the consistency of the regulatory framework for cybersecurity (especially by analysing the interplay between the GDPR, the PSD2, the NIS Directive, etc.);
✔ drawing up recommendations to facilitate the emergence of an EU labelling scheme for ICT security products;
✔ drawing up recommendations to determine a risk threshold beyond which financial providers have to notify customers of data breaches;
✔ drawing up recommendations to enhance the harmonisation of rules, guidelines and standards for clouds, and determine if prescriptive regulations on data location (GDPR, Art. 30) need to be removed;
✔ drawing up recommendations to facilitate the emergence of a balanced digital authentication system that strikes the right balance between security and convenience for customers;
✔ drawing up recommendations to stimulate the development of the blockchain and to alleviate specific risks related to this technology.
The kick-off meeting will comprise three presentations from European regulators and practitioners. The contribution of these experts will help shape the final agenda of the Task Force. Three more meetings will be organised before February 2018.
Kick-off meeting: Tuesday, 19 September 2017
Date 2nd meeting: Monday, 20 November 2017 - Agenda
Date 3rd meeting: Tuesday, 6 February 2018 - Draft Agenda
Date 4th meeting: Thursday, 17 May 2018