Revised Eurosystem Cyber Resilience Strategy Published

The Eurosystem revised its cyber resilience strategy to further address evolving cyber threats. The revised strategy updates the original 2017 Strategy taking account of the evolving threat landscape and leveraging industry best practices, lessons learnt from the original strategy and the practical application of the Cyber Guidance issued by the Committee on Payments and Market Infrastructures and the International Organization of Securities Commissions.

Revisions to the strategy include: (i) the incorporation of new non-FMI entities that are overseen under the Eurosystem oversight framework for electronic payment instruments, schemes and arrangements – the PISA framework. These entities are encouraged to use tools developed by the Eurosystem to periodically assess and continuously enhance their cyber resilience; (ii) measures to address threats linked to geopolitical tensions or technological innovation such as artificial intelligence and quantum computing; and (iii) amendments to take into account recent EU regulation, namely the EU Digital Operational Resilience Act, which applies to certain FMIs covered by the strategy including central securities depositories and central counterparties. The strategy also includes a new overarching component for monitoring implementation, which is designed to promote harmonisation.

Return to main website.