On June 30th, new EU guidelines regarding cybersecurity for banks came into force. Now it is clearer how various financial services are expected to manage internal and external risks linked to IT and security. Segmentation using data diodes is an essential measure to mitigate security risks.
The new guidelines from the European Banking Authority, EBA, are the European standard for managing security and IT risks. It describes how banks, fund managers and providers of payment services operating within the EU are to manage internal and external risks linked to IT and security. The objective is to reduce the likelihood of cyberattacks, data leaks, disruptions and intrusions.
Among other things, the guidelines point out which security measures have to be developed and implemented to mitigate IT and security risks that financial institutions are exposed to.
It is essential to understand that the guidelines have legal status and that the operators covered, therefore, are obliged to justify any deviations from its application.