13 November 2024
ECB Banking Supervision continuously evaluates banks’ management of IT risk, with supervisors’ findings from on-site inspections and banks’ IT risk reporting providing two major sources of information. As has been emphasised in recent years, banks still have work to do across a range of measures. They must ensure that their defences and their risk management framework are fit for purpose. IT risks and cyber threats are constantly evolving as bad actors innovate and try to find new ways of penetrating a bank’s defences. It is therefore critical that banks invest in their resilience and that they can quickly respond and recover if necessary.
Rising cybersecurity threats: ransomware and ICT third-party service providers
The banking sector has witnessed a surge in significant cyber incidents over the last year. There has been no major impact to date, but banks should not become complacent – instead, they should stay alert to threats and well prepared to deal with them.
Ransomware attacks have emerged as a particularly concerning threat with the potential to disrupt banking operations and compromise sensitive information. Attacks on information and…
