Full Sail Strategic
Full Sail Strategic

  • Cayman Islands Monetary Authority (CIMA)

    Cybersecurity for Regulated Entities

    In May 2020 the Cayman Islands Monetary Authority (CIMA) published a Statement of Guidance and made a new rule on Cybersecurity for Regulated Entities. The Statement of Guidance and Rule are now in force. Entities regulated by CIMA, including controlled subsidiaries, are required to comply.

    These new regulations require regulated entities in the Cayman Islands to develop, implement, and monitor a robust cybersecurity framework in an effort to reduce the threat of cyber attacks, protect sensitive data, and to recover from cybersecurity related threats, incidents, and breaches.

    With over 20 years of experience, our Cybersecurity professionals can help your CIMA regulated entity to easily and affordably comply with the new cybersecurity regulations.
    Who Must Comply?
    Regulation Overview
    Our Services
    About our Team
    Who Must Comply?

    This regulation applies to any Cayman entity regulated under any of the following:

    Banks and Trust Companies Law

    Insurance Law

    Mutual Funds Law (regulated mutual funds are exempt)

    Securities Investment Business Law (SIBL)

    Building Societies Law

    Cooperative Societies Law

    Development Bank Law

    Money Services Law

    Companies Management Law

    Directors Registration and Licensing Law

    Private Trust Companies Regulations


    If your entity is regulated under any of the above laws and regulations of the Cayman Islands, then you are in-scope and will be expected to demonstrate compliance as part of your next CIMA inspection.

    Regulation Overview

    Cybersecurity Regulation Overview

    In summary, regulated entities must:

    1. Establish, implement and maintain a documented cybersecurity framework;
    2. Identify, document, and manage all material cybersecurity risks;
    3. Have necessary policies and procedures, including for managing those risks and responding to cyber attacks;
    4. Clearly identify managerial responsibilities and controls to ensure adherence to the cybersecurity framework;
    5. Establish a comprehensive training and awareness program for cybersecurity;
    6. Ensure sufficient and suitable personnel are in place to maintain the cybersecurity framework;
    7. Regularly review emerging or evolving cybersecurity threats and IT landscape and ensure that their cybersecurity framework continues to be appropriate. 


    View CIMA Regulations

    Cybersecurity for Regulated Entities

    Our Services

    Our Services

    Our team of Cybersecurity experts are able to provide everything your registered entity needs to fully comply with the new cybersecurity regulations. 

     We recognize that not all entities are coming from the same starting point and that each entity will have unique levels of needs, complexity, risk, and budget.  For this reason we offer different types of services: 

    Complete Turnkey Solutions

    For entities with less mature or nonexistent cybersecurity frameworks, we offer three tiers of cyber security packages that are designed to help entities of various needs and budget to reach regulatory compliance and beyond.

    • Basic Package: Provides you with the minimum required to met the new regulations so you can pass your next inspection without a hitch.
    • Enhanced Package: For those who are willing and able to go beyond the bare minimum and wish to better protect their entity and their clients information from cyber attacks.
    • Platinum Package: for those looking for complete cybersecurity certification against any of the internationally recognized standards, such as NIST, CIS, ISO/IEC, IASME, SOC 2, PCI DSS, COBIT, GDPR, NY DFS, and several others)

      

    Compare Plans

    Bespoke Cybersecurity Services



    For entities with more mature cybersecurity frameworks or who are further along in meeting the requirements but may need to identify, enhance, or update areas of their existing frameworks, we offer bespoke services that we can custom quote to address your specific needs.

    Request a custom quote
    About our Team

    Our Team of Cybersecurity Experts

    You can edit text on your website by double clicking on a text box on your website. Alternatively, when you select a text box a settings menu will appear. your website by double clicking on a text box on your website. Alternatively, when you select a text box

    Daniel Ayers

    You can edit text on your website by double clicking on a text box on your website. Alternatively, when you select a text box a settings menu will appear. your website by double clicking on a text box on your website. Alternatively, when you select a text box.

    Jerome Hutchenson

    You can edit text on your website by double clicking on a text box on your website. Alternatively, when you select a text box a settings menu will appear. your website by double clicking on a text box on your website. Alternatively, when you select a text box.

    Ernest Park

    You can edit text on your website by double clicking on a text box on your website. Alternatively, when you select a text box a settings menu will appear. your website by double clicking on a text box on your website. Alternatively, when you select a text box.

    Raul Lopez

    You can edit text on your website by double clicking on a text box on your website. Alternatively, when you select a text box a settings menu will appear. your website by double clicking on a text box on your website. Alternatively, when you select a text box.

    James Schraepfer

    You can edit text on your website by double clicking on a text box on your website. Alternatively, when you select a text box a settings menu will appear. your website by double clicking on a text box on your website. Alternatively, when you select a text box.

    Read More