In Crypto Cybersecurity, Ambiguity May Help - Ex-BNY Mellon Exec

cryptonews.com:

Leaving room in guidelines for interpretation and for a developing sector to self-regulate, grow, and change – instead of setting rigid laws to strictly follow – is likely the best choice for crypto cybersecurity regulation, said David Schwed former head of digital assets technology at banking giant BNY Mellon.

Schwed is the Chief Operating Officer for blockchain cybersecurity firm Halborn. He started working at the company in June 2022.

His previous roles include Global Head of Digital Assets Technology at BNY Mellon and Managing Director and Chief Information Security Officer at Galaxy Digital.

Speaking with Blockworks, Schwed took the Gramm–Leach–Bliley Act (GLBA) as an example. This particular law, enacted in November 1999, requires financial institutions “to explain their information-sharing practices to their customers and to safeguard sensitive data,” according to the US Federal Trade Commission.

Schwed pointed out the GLBA’s broad language around certain relevant parts of the law – for example, around “maintaining appropriate safeguards.” This, he argued, enabled financial companies to continue “raising the bar” around what the industry saw as acceptable, the report said.  

Now, when this is moved to the crypto industry, similar legislation may be written with “vague and ambiguous” language, he said, adding:

“Once you kind of set that bar, you’re giving banking regulators the ability now to come in and maybe start setting that standard through banking examination. I don’t think explicit regulation is the way to go, because once you give people a framework and say you must do A, B, C and D, they’re only going to do A, B, C and D.”

There is a good reason behind this position, the Halborn COO argued: technology is