Nos derniers articles

The 𝗖𝗲𝗻𝘁𝗿𝗮𝗹 𝗕𝗮𝗻𝗸 𝗼𝗳 𝗜𝗿𝗲𝗹𝗮𝗻𝗱 guidance highlights 𝗰𝘆𝗯𝗲𝗿 𝗿𝗶𝘀𝗸𝘀 as a central component of 𝗼𝗽𝗲𝗿𝗮𝘁𝗶𝗼𝗻𝗮𝗹 𝗿𝗲𝘀𝗶𝗹𝗶𝗲𝗻𝗰𝗲 𝗶𝗻 𝗳𝗶𝗻𝗮𝗻𝗰𝗶𝗮𝗹 𝘀𝗲𝗿𝘃𝗶𝗰𝗲𝘀, framing them under 𝗜𝗖𝗧 𝗿𝗶𝘀𝗸 and 𝗱𝗶𝗴𝗶𝘁𝗮𝗹 𝗼𝗽𝗲𝗿𝗮𝘁𝗶𝗼𝗻𝗮𝗹 𝗿𝗲𝘀𝗶𝗹𝗶𝗲𝗻𝗰𝗲. It identifies cyber incidents and attacks as major disruptive events, alongside technology failures and insider threats. ICT risk is defined broadly, encompassing threats to systems, operations, and services. Firms are expected to align ICT resilience strategies with critical business services and integrate incident management into resilience frameworks. The guidance emphasizes alignment with 𝗗𝗢𝗥𝗔 and 𝗡𝗜𝗦𝟮, marking a regulatory shift from earlier cybersecurity guidance toward 𝙝𝙖𝙧𝙢𝙤𝙣𝙞𝙯𝙚𝙙, 𝙝𝙤𝙡𝙞𝙨𝙩𝙞𝙘 𝙧𝙚𝙨𝙞𝙡𝙞𝙚𝙣𝙘𝙚 𝙥𝙧𝙖𝙘𝙩𝙞𝙘𝙚𝙨.

𝗘𝗜𝗢𝗣𝗔 released its July 2025 𝙄𝙣𝙨𝙪𝙧𝙖𝙣𝙘𝙚 𝙍𝙞𝙨𝙠 𝘿𝙖𝙨𝙝𝙗𝙤𝙖𝙧𝙙, offering an assessment of the European insurance sector's financial health as of Q1 2025 Solvency II data and Q2 2025 market data. Overall, the report indicates a stable risk landscape at a medium level for the European insurance sector, demonstrating notable resilience. However, it also highlights a negative outlook in certain areas over the next year, influenced by complex global dynamics such as geopolitical tensions and market volatility. Specifically, market risks due to fixed income volatility and cyber and digitalization risks are identified as growing concerns, necessitating continued vigilance despite general stability.

A joint initiative by the American Bankers Association and the Financial Services Coordinating Council supports expanding cloud deployment while aiming to mitigate associated risks. Published July 29, 2025, the ABA Banking Journal outlines collaboration among federal regulators, banks and major cloud providers (AWS, Microsoft Azure, Google Cloud, IBM). It highlights key risks—such as CSP‑related operational incidents, misconfigurations under shared‑responsibility models, monitoring gaps, tool and talent deficiencies, and market concentration. The article details a voluntary 16‑section reference tool covering audit, supply‑chain risk, contractual provisions, operational resilience and more. It aims to enhance transparency, cyber‑resilience and regulatory alignment in cloud adoption.

This UK National Audit Office report reveals the UK is far behind its 2025 cybersecurity goals. Significant IT system vulnerabilities, high vacancy rates in cyber roles, and recent attacks on public bodies highlight the urgent need for a cross-government plan, legacy system upgrades, and improved cyber skills. Meeting targets by 2030 is considered ambitious.

Financial institutions must enhance cyber defenses and regulatory frameworks must adapt to new risks. International agencies are creating coherent cybersecurity standards, exemplified by the EU's Digital Operational Resilience Act (DORA). Effective defense also requires robust institutional governance and sector-led standards.