The Eurosystem has updated its cyber resilience strategy for financial market infrastructures (FMIs), first adopted in 2017, with the objective of enhancing the security of the European financial ecosystem in light of the increased interdependencies, new cyber threats and the forthcoming entry into force of the European DORA Regulation, which aims to toughen and harmonize the rules on digital operational resilience in the sector.
The new strategy broadens the scope of application beyond financial infrastructures and payment systems, extending it to entities falling within the Eurosystem's oversight framework for electronic payment instruments, schemes and arrangements (PISA framework).
At the same time, the strategy introduces new tools for assessing the level of cyber risk management maturity (e.g. cyber resilience stress testing) and for a harmonized EU-wide monitoring approach to assess the cyber preparedness of individual entities and of the financial ecosystem as a whole.
Annexes:
ECB, Revised Eurosystem cyber resilience strategy, news, October 2024.
ECB, Eurosystem Cyber Resilience Strategy, public version, October 2024.
