The Securities Industry and Financial Markets Association proposed 10 principles to help encourage a partnership between financial regulators and the financial services industry to better protect the financial sector’s data security and infrastructure from cyber-based attacks. As part of its rollout of these principles, SIFMA argued that coordination between regulators and industry is critical to ensure the “harmonization of regulatory guidance.” According to SIFMA, “[t]he proliferation of different government and private sector security standards creates confusion and fosters an environment in which noncompliance is at risk.” Among the principles is (1) an acknowledgment that the US government has a key role and responsibility in protecting the business community; (2) a recommendation that all US regulators, including self-regulatory organizations, should take a “consistent and coordinated” approach to cybersecurity to avoid overlapping activities; and (3) a recommendation that regulatory guidance should reflect the different nature of risks, and the different sizes and resources of firms. SIFMA also points out that no matter how good cybersecurity programs may be, they may be compromised. As a result it is important that regulators and firms work together to prepare for a response to a cyber-attack. Finally, SIFMA urges regulators to increase their involvement with systemically important third parties relied on by the financial services industry that may be unregulated but may not have robust cybersecurity protections.