The European Central Bank (ECB) is gearing up to put major banks in the Eurozone to the test against cyber threats. In early 2024, they’re rolling out the first-ever Cyber Resilience Stress Test, a move reported by the Deutsche Presseagentur (dpa).
Anneli Tuominen, a member of the ECB’s banking supervision board, explained in an interview with the Börsen-Zeitung that they’re planning to simulate a serious cyber attack that would disrupt regular business operations. For these banks, it’s going to be a real-deal scenario. The goal? To see how these banks handle a cyber hit, recover, and get back to their usual business rhythm. The main aim is to pinpoint any vulnerabilities lurking within these financial institutions.
Come January 2nd, the industry’s set to receive an in-depth questionnaire loaded with nearly 500 queries regarding the potential fallout from a cyber attack and the emergency measures these banks have in place.
Pretty much all of the 113 banks directly overseen by the ECB are expected to jump on board, according to Tuominen. But about 20 of them might face an even more detailed assessment starting from March, needing to provide a deeper dive into their information.
The ECB’s focusing its attention on instances where banks outsource their IT stuff to third-party vendors to save some bucks. Tuominen stressed that this move doesn’t always align with solid risk management. She pointed out that IT or cloud service providers are areas needing a closer look.
The hefty data volumes held within these banks’ IT systems are a prime attraction for cyber criminals. The ECB’s noticed an uptick in cyber attacks compared to pre-pandemic times, signaling an increased threat level. Tuominen highlighted that while there hasn’t been a major attack destabilizing banks or the entire system yet, she warned that the possibility of a successful attack remains very real.