Participation is available to U.S. financial institutions of all types and sizes.
Sheltered Harbor is a not-for-profit, industry-led initiative. Participation is voluntary. We can best protect our customers, ourselves, and the entire U.S. financial system when every financial institution joins and implements the industry developed resilience standards - the only standard and best practices for protecteion of isolated data, relsilience and recovery.
Regulators provide guidance in this space, which is complimentary and supportive of Sheltered Harbor:
OCC& FDIC: Cybersecurity: Joint Statement on Heightened Cybersecurity Risk
FFIEC: Financial Regulators include Sheltered Harbor in IT Examination Handbook
FSSCC Business Services Resilience and Restoration Guide
NCUA Report to Congress on Cyber Security and Credit Union System Resilience
Join today.
The Specification and resources to help with implementation are only available to Participants.
Participation fees to join Sheltered Harbor are minimal. Implementation costs vary by size and complexity of institution as well as infrastructure, operations and skills base.
Click here for annual participation fees.
While effort required varies according to size and complexity as well as pre-existing infrastructure, operations, and skills base, Sheltered Harbor is not especially difficult to implement. Smaller institutions have declared their first Sheltered Harbor milestone in as little as three months, while it takes longer for large, complex institutions.
The key factors are prioritization by top leadership and building a cross-functional team to manage the process. Your team should include operations, technology, information security, risk management, audit and compliance, and other relevant departments.
We’ve developed many resources to help you get Sheltered Harbor Certified as quickly as possible, which you can access as soon as you join:
In addition to the resources available to all Participants on our content portal, we have created alliance partnerships with several select firms to help you plan, implement, and certify. Through this growing ecosystem of providers, your options to become resilient against cyber attacks are broader, deeper, quicker, cheaper and less risky than building it all independently.
Yes. If you use a Service Provider for core processing and elect to use their Data Vaulting Solution, you still need to join Sheltered Harbor to receive the services. You also need to develop your own Sheltered Harbor Resiliency Plan in order to achieve Sheltered Harbor Certification.
The following providers are currently developing Sheltered Harbor Vaulting Solutions:
If you do not see your provider, please contact them directly. They may have joined Sheltered Harbor, but not yet made public announcements. If they haven't joined Sheltered Harbor yet, either ask them to do so or send us a note with their contact information and we will reach out to them about joining the initiative.
Check out our Fact Sheet for answers to many questions.
Don't hesitate to get in touch for more information.
For banks and credit unions, Participant fees are determined based on Participant's total US banking assets to more accurately reflect bank size. The schedule below describes current fees applying at each level of Participant’s assets.
Assets |
Fee |
Join Sheltered Harbor |
||
---|---|---|---|---|
Onlne |
Download |
|||
<$100MM | $250 | ![]() |
OR | ![]() |
>$100M | $500 | ![]() |
OR | ![]() |
>$500M | $1,000 | ![]() |
OR | ![]() |
>$1B | $2,500 | ![]() |
OR | ![]() |
>$5B | $5,000 | ![]() |
OR | ![]() |
>$10B | $10,000 | ![]() |
OR | ![]() |
>$50B | $25,000 | ![]() |
OR | ![]() |
>$250B | $50,000 | ![]() |
OR | ![]() |
If your operations include brokerage and/or asset management accounts, please check those fee schedules as well, because you will pay a single fee based on the larger of the banking or brokerage or asset management fee calculation.
For securities firms, Participant fees are determined based on both client assets* and the number of clearing clients. The schedule below describes current fees applying at each level of Participant’s assets and clearing clients.
* Including discretionary and non-discretionary assets
If your operations include banking and/or asset management accounts, please check those fee schedules as well, because you will pay a single fee based on the larger of the banking or brokerage or asset management fee calculation.
Participant fees or asset managers, transfer agents and recordkeepers are determined based on AUM or plan assets. The schedule below describes current fees applying at each level of Participant's AUM or plan assets.
AUM or Plan Assets |
Fee |
Join Sheltered Harbor |
||
---|---|---|---|---|
Online |
Download |
|||
<$20B | $1,000 | ![]() |
OR | ![]() |
$5B - $20B | $2,500 | ![]() |
OR | ![]() |
$20B - $50B | $15,000 | ![]() |
OR | ![]() |
$50B - $200B | $25,000 | ![]() |
OR | ![]() |
> $200B | $50,000 | ![]() |
OR | ![]() |
If your operations include banking and/or brokerage accounts, please check those fee schedules as well, because you will pay a single fee based on the larger of the banking or brokerage or asset management fee calculation.
Sheltered Harbor standards, best practices, and other materials are developed by collaborative working groups, composed of subject matter experts, mainly from Sheltered Harbor participant institutions and partners.
The working groups are highly active, meet often, and produce concrete deliverables. Therefore, joining is a real commitment. In return, members get to shape the development of the standard, build their own skills and expertise in various aspects of cyber resilience, and grow their professional networks through substantive work with peers around the country.
Current Working Groups:
If you are a participant interested in joining a working group, please contact Sheltered Harbor at This email address is being protected from spambots. You need JavaScript enabled to view it..
Sheltered Harbor has engaged the following list of advisory, assurance and technology solution provider firms as our Alliance Partners, to help Participants with implementation.
We will continue to expand relationships with other select firms in an effort to support the market with a broad menu of options, so keep checking for updates.
Advanced Software Products Group (ASPG) Inc. | Brand Ambassador | ||
Lisa Hamilton | Executive VP Sales | 239-649-1548 x2031 | This email address is being protected from spambots. You need JavaScript enabled to view it. |
Capgemini | Advisory | ||
Rob Jepson | Senior Manager, Cybersecurity Center of Execellence | 720-480-4538 | This email address is being protected from spambots. You need JavaScript enabled to view it. |
Cobalt Iron | Solution Provider | ||
Andy T. Hurt | Chief Marketing Officer | 720-891-0053 | This email address is being protected from spambots. You need JavaScript enabled to view it. |
Cobalt Iron Compass® for Sheltered Harbor will protect consumer account data via SaaS delivery for on-premises or cloud deployment options. | |||
Cohesity | Brand Ambassador |
||
Lina Parness | Marketplace Alliances Manager | 650-576-8540 | This email address is being protected from spambots. You need JavaScript enabled to view it. |
Dell Technologies | ENDORSED Solution Provider | ||
Jim Shook | Director, Cybersecurity & Compliance | 678-230.0525 | This email address is being protected from spambots. You need JavaScript enabled to view it. |
Learn how Dell Technologies can help your U.S. financial institution expedite Sheltered Harbor “Data Protected” Certification with “Dell EMC PowerProtect Cyber Recovery for Sheltered Harbor”, the first turnkey data vaulting solution to receive endorsement for meeting all of the requirements of the Sheltered Harbor standard |
|||
Grant Thornton | Assurance - Qualified Assessor | ||
Vincent Concialdi | Partner | 312-602-8731 | This email address is being protected from spambots. You need JavaScript enabled to view it. |
Learn how Grant Thornton can help your U.S. financial institution with independent attestation services for Sheltered Harbor Certification and annual recertification. |
|||
Mainline Information Systems | Brand Ambassador | ||
Chris Dedham | Solutions Architect | 703-608-0330 | This email address is being protected from spambots. You need JavaScript enabled to view it. |
PwC | Advisory | ||
Shawn Lonergan, Ph.D. | Principal - Cyber, Risk & Regualtory | 917-683-9049 | This email address is being protected from spambots. You need JavaScript enabled to view it. |
PwC | Assurance - Qualified Assessor | ||
Jeff Trent | Partner | 646-471-7343 | This email address is being protected from spambots. You need JavaScript enabled to view it. |
RSM | Assurance | ||
Melissa Harp | Principal | 612-376-9871 | This email address is being protected from spambots. You need JavaScript enabled to view it. |
John Huyette | Principal | 215-648-3181 | This email address is being protected from spambots. You need JavaScript enabled to view it. |
Veritas Technologies LLC | Solution Provider | ||
Liji Kuruvilla | Sr. Principal Product Manager, NBU Product Management | 407-417-5523 | This email address is being protected from spambots. You need JavaScript enabled to view it. |
Elias AbuGhazaleh | Director, Product Management | 321-578-1979 | This email address is being protected from spambots. You need JavaScript enabled to view it. |
Veritas Technologies, a leader in multi-cloud data management, has joined the Sheltered Harbor Alliance Partner Program as a solution provider. This reinforces Veritas’ commitment to ensuring that critical customer data in the financial sector remains protected from cyber threats, including ransomware. |
|||
21st Century Software Technologies, Inc. | Brand Ambassador | ||
Eddy Cilliendo | Vice President of Business Development | 919-703-9098 | This email address is being protected from spambots. You need JavaScript enabled to view it. |
Below is a current list of Sheltered Harbor Solution Providers, firms that have demonstrated a complete understanding of Sheltered Harbor's data vaulting standards, and which are implementing those standards in their products. Those firms whose products have demonstrated complete adherence to the standards in at least two production installations qualify for Sheltered Harbor Endorsement and can use the "Endorsement" seal. For additional details, contact the solution provider firm directly.
We will continue to expand relationships with other select firms in an effort to support the market with a broad menu of options, so keep checking for updates.
Cobalt Iron | Solution Provider | ||
Andy T. Hurt | Chief Marketing Officer | 720-891-0053 | This email address is being protected from spambots. You need JavaScript enabled to view it. |
Cobalt Iron Compass® for Sheltered Harbor will protect consumer account data via SaaS delivery for on-premises or cloud deployment options. | |||
Dell Technologies | ![]() |
ENDORSED Solution Provider | |
Jim Shook | Director, Cybersecurity & Compliance | 678-230-0525 | This email address is being protected from spambots. You need JavaScript enabled to view it. |
Learn how Dell Technologies can help your U.S. financial institution expedite Sheltered Harbor “Data Protected” Certification with “Dell EMC PowerProtect Cyber Recovery for Sheltered Harbor”, the first turnkey data vaulting solution to receive endorsement for meeting all of the requirements of the Sheltered Harbor standard |
|||
FIS | ![]() |
ENDORSED Solution Provider | |
Scott Yoshimura | Senior Director, Product Management | 602-337-3347 | This email address is being protected from spambots. You need JavaScript enabled to view it. |
Learn how FIS, a global leader in fintech and the first service provider officially certified with an endorsed solution and service for Sheltered Harbor Data Protection, can streamline and expedite your Sheltered Harbor Certification with FIS Data Restore. |
|||
Veritas Technologies LLC | Solution Provider | ||
Liji Kuruvilla | Sr. Principal Product Manager, NBU Product Management | 407-417-5523 | This email address is being protected from spambots. You need JavaScript enabled to view it. |
Elias AbuGhazaleh | Director, Product Management | 321-578-1979 | This email address is being protected from spambots. You need JavaScript enabled to view it. |
Veritas Technologies, a leader in multi-cloud data management, has joined the Sheltered Harbor Alliance Partner Program as a solution provider. This reinforces Veritas’ commitment to ensuring that critical customer data in the financial sector remains protected from cyber threats, including ransomware. |