New EU-wide policies designed to improve cyber security may have the most impact on hedge funds and securities lending firms, according to one industry expert.
Following approval earlier this week for new EU cyber security polices, Mark Clancy, chief executive of cyber security software firm Soltra, believes that companies not used to a stringent regulatory environment will feel the most impact.
“If you have a smaller financial institution that doesn’t operate at scale, these changes could be quite complex regulations to address,” said Clancy.
“Looking outside of the traditional larger retail banking structure such as hedge funds and securities lending firms, these new policies will be new for them as they haven’t seen such heavy regulation.”
Under the new framework, EU member states will have to identify concrete ‘operators of essential services’ using set criteria including whether the service is critical for society and the economy and whether an incident could have significant disruptive effects on service provision.
Clancy believes the policy hasn’t allowed for a distinction between larger and smaller firms.
“We will see more impact outside of the larger banking structures, which is probably what the commission was aiming for as it attempted to encompass everything,” he added.
“I don’t believe that this distinction has made it through to this policy, so I still think that there is some room for risk tiering in this requirement.
The European Parliament approved a draft framework last week ordering firms supplying essential services to improve their cyber security procedures.
According to Michael Cooper, CTO of BT Radianz, the new EU policies will be the first step in a global cyber security initiative.
“Approval on these measures could be the first step towards a more globally consistent response and support against what is a significant threat for banks and financial industries,” said Cooper.
The new framework has also proposed a strategic cooperation group allowing for easier exchange of information and Cooper believes the sharing of expertise will be critical in tackling the the cyber threat.
“One of the key elements in responding to the adversaries in the financial space is having a complete share of information,” adds Cooper.
“The industry can be more effective in responding is by mirroring our adversaries in being able to share information and these new policies will focus those in the industry towards this goal.”