Cybersecurity – Need for action from the 2024 regulatory audits

As part of the 2024 regulatory audit, the cybersecurity capabilities of the financial institutions were subjected to a comprehensive assessment by the audit firms. Both existing security measures and their effectiveness in dealing with current threat scenarios were evaluated. The resulting need for action requires prompt and targeted measures to mitigate identified deficiencies, proactively counter future threats and be resilient in the long term.
Evolving threat landscape and regulatory developments
Cybersecurity requirements in the financial sector are constantly evolving and becoming increasingly stringent. Financial institutions face the challenge of continuously adapting their security measures to meet regulatory requirements and protect themselves against sophisticated threats. Cyber criminals are using sophisticated attack techniques such as ransomware, targeted phishing campaigns and advanced persistent threats (APT) to gain access to sensitive customer data or compromise critical systems. In addition, the risk of geopolitically motivated cyberattacks that specifically target financial institutions is increasing. This requires continuous adaptation of the cybersecurity framework to remain resilient in the long term.
Cybersecurity focus for financial institutions
FINMA is also monitoring these developments closely and adapting its regulatory requirements accordingly where necessary. FINMA Guidance 03/2024 “Findings from FINMA’s cyber risk supervision, clarification of FINMA Guidance 05/2020 and scenario-based cyber risk exercises” from June 2024 underlines this and highlights the need for a proactive and systematic cybersecurity approach.
It is crucial for financial institutions to strengthen not only their technical security measures, but also organizational and procedural aspects. Attention should be paid to the integration of cyber risks into company-wide risk management and the inclusion of corresponding controls in the internal control system (ICS). It is also important to ensure that service providers have appropriate cybersecurity measures in place and to strengthen resilience to serious cyber incidents, such as the large-scale encryption of data by ransomware. Another key element is the regular testing of response plans and the implementation of scenario-based cyber exercises, which verify and continuously optimize the effectiveness of security measures under emergency conditions so that the institution is ready when an emergency actually occurs.
We can support you in the further development of your cybersecurity framework
We support you in mastering your cybersecurity challenges with customized solutions. With our support, you can efficiently address the need for action identified in the 2024 regulatory audit and strengthen your cybersecurity framework in the long term. Together, we will develop a plan that closes your security gaps and meets regulatory requirements at the same time.

Learn more about our Governance, Risk and Compliance Services