ICT risk
-
EU revises cybersecurity rules to shield critical infrastructure and supply chains
New cybersecurity package includes changes to the Cybersecurity Act and NIS 2 Directive.
-
Cyber incident response and compliance with DORA
A consideration of the expectations and processes to follow should an in-scope entity, (including banks, assets managers, and insurers), suffer a cyberattack.
-
What you need to know about ESMA’s new Registration Guide
While not legally binding, the guide provides clarity on ESMA’s assessment process for financial entities navigating the registration process.
-
BaFin publishes DORA document requirements cheat sheet
Comprehensive register of key documents is relevant to all organizations running digital systems and needing to ensure their security.
-
ESAs make progress on critical ICT third-party oversight framework
ICT providers designated critical under DORA will get six weeks to challenge the designation.
-
EBA narrows existing ICT guidelines
DORA ICT risk management requirements apply to financial entities in their place.
-
DORA: Navigating the path ahead
With DORA now in effect, the EU’s financial sector is entering a new phase of operational resilience obligations, where firms must shift from preparation to action.
-
DORA implementation guidance published by BaFin
Although non-mandatory and applicable to regulated entities in Germany the practical guidance offers helpful insight into key aspects of the new regime.