Over the past several years, the cybersecurity regulatory landscape has undergone unprecedented change. Bespoke cybersecurity laws and regulations have replaced pre-existing general risk management and business continuity rules in a number of jurisdictions, including the European Union, Hong Kong, Russia, the USA, and Singapore. Cybersecurity has also become the focus of international rules and recommendations adopted by numerous international organizations. The financial sector lies at the centre of the new regulatory initiatives—which, in the absence of an agreed international approach, vary substantially across jurisdictions. This article analyses these emerging legal frameworks by (i) conducting a comparative study of the novel cybersecurity regulations in finance; (ii) identifying the common features of such frameworks; and (iii) assessing the prospect of their harmonization at an international level. It argues that international harmonization in this area is necessary to overcome the underlying regulatory challenges and outlines the scope of rules amenable, first, to initial (de minimis) and, second, subsequent (more expansive) harmonization. The article concludes with a list of main upcoming challenges in designing and harmonizing cybersecurity regulations in finance and practical recommendations for overcoming them.