The European Central Bank (ECB) believes that banks can still improve their ability to respond to and recover from cyber-attacks after conducting the first cyber stress test.
The ECB said on Friday it had completed a cyber stress test it began in January to assess how banks would respond to and recover from a serious but plausible cybersecurity incident.
The study, which analysed 109 banks, of which 28 were subjected to more rigorous testing, found that banks have response and recovery mechanisms in place but there are still areas for improvement.
During the test, banks had to answer a questionnaire and provide documentation, while the 28 selected banks had to conduct an actual computer recovery and demonstrate that they had passed the test.
In particular, banks had to activate their crisis response plans, contact third parties, conduct an analysis to determine which services would be affected and how to implement mitigation measures.
Moreover, to test their ability to recover, they had to activate their recovery plans, ensure the reopening of affected areas and apply lessons learned.
Following this exercise, the results of which will feed into the 2024 Supervisory Review and Evaluation Process (SREP), the ECB provided individual “feedback” to each credit institution, with some of them already making improvements or planning to correct the deficiencies identified.
Author: Lusa
Source: CM Jornal
I’m Tifany Hawkins, a professional journalist with years of experience in news reporting. I currently work for a prominent news website and write articles for 24NewsReporters as an author. My primary focus is on economy-related stories, though I am also experienced in several other areas of journalism.