EU regulation on banks’ reliance on cloud giants

The EU is set to introduce new regulations that will see financial services firms having to show how quickly they could recover from a cyberattack. This comes as regulators fear their increasing reliance on a small pool of cloud vendors could result in downtime at a range of banks as the result an outage at just one of the major cloud players.

Thomas Eeles, CSIRT Manager at Orange Cyberdefense, Europe’s largest MSSP, has shared comment below based on his experience of incident response. He has provided thoughts on the dangers of not having a seamless incident response and recovery plan in place ahead of time, and how financial services firms can ensure these plans are implemented before they’re needed.

“A major part of incident response, especially when dealing with large scale incidents, is recovery and remediation. Typically, the immediate action will be to block the specific attack vector linked to the incident at hand, and then firms will move on to long term recovery and take steps to get everything back to normal.

“It is abundantly clear to those in the industry which companies have a disaster recovery plan, and which don’t. From my perspective, those that don’t have a recovery plan always – without fail – end up spending more money and time on recovery than on the actual investigation itself. I would say this reaches a rough 70/30 split.

“Businesses that do have a recovery plan will save time and money by planning their recovery strategy before it’s needed, as well as reducing stress and the risk of staff turnover after an incident. Ultimately, if financial services firms plan how long it would take to completely rebuild their network before any incident has taken place and present this plan to the powers that be for sign off, the process will be much smoother in the event that it’s needed. The rush and pressure will be alleviated, and the process will likely be completed more smoothly as a result.”

To read other news stories and exclusives, see our latest issue here.

Never miss a story… Follow us on:
LinkedIn Security Buyer
Twitter logo @SecurityBuyer
Facebook @Secbuyer

Media Contact
Rebecca Morpeth Spayne,
Editor, Security Portfolio
Tel: +44 (0) 1622 823 922
Email: [email protected]

About Security Buyer

Security Buyer is the leading authority in global security content, delivering expert news, in-depth articles, exclusive interviews, and industry insights across print, digital, and event platforms. Published 10 times a year, the magazine is a trusted resource for professionals seeking updates and analysis on the latest developments in the security sector.

To submit an article, or for sponsorship opportunities, please contact our team below.

Rebecca Spayne picture 2025

Rebecca Spayne

Managing
EDITOR

Georgina Turner image

Georgina Turner

Sales
Manager

Afua Akoto image - Security Buyer

Afua Akoto

Marketing Manager

Read the Latest Issue

Follow us on X

Follow us on X

Click Here

Follow us on LinkedIn

Follow us on LinkedIn

Click Here

Advertise here

Reach decision makers and amplify your marketing

Advertise here

Click Here

Related News

Christina Alexander Judge - SecurityBuyer

Christina Alexander Announced as Security Buyer Awards Judge

Security Buyer is proud to announce Christina Alexander as the latest addition to the distinguished judging panel for the Security…
Milestone - SecurityBuyer

Milestone Systems updates across XProtect, BriefCam, Arcules

Milestone Systems today announced updates across its complete security technology portfolio with releases for XProtect
Big Interview Abdullah Tanoli

Big Interview – Hero of Leicester Square

Rebecca Spayne of Security Buyer has the privilege of speaking with a real-life hero, Abdullah Tanoli, the hero of Leicester Square..
Altronix - SecurityBuyer

Altronix POE367 Delivers 277VAC Support

Altronix has expanded its power product line with the new POE367 power supply/charger designed specifically for 277VAC input environments.
IFPO x GSA - Security Buyer

New Corporate Members for IFPO

The Global SecurAlliance (GSA)summer meeting on 16 June was held again at the stunning Château de Méry-sur-Oise on the outskirts of Paris.
Product Spotlight - HID

Product Spotlight – HID

Access control is evolving into a smart, responsive platform—integrating embedded apps, IoT, and cybersecurity to deliver…
Genetec

Genetec brings new capabilities to Security Center SaaS

Genetec announced new updates to Security Center SaaS, the company’s enterprise-grade Security-as-a-Service (SaaS) solution..
I-Pro

i-PRO Launches Revamped EMEA Partner Program

i-PRO announced a major expansion of its EMEA Partner Program. The move supports i-PRO’s long-term growth strategy and…
ASIs international

ASIS International Introduces New ANSI-Approved Investigations Standard

ASIS International, a leading authority in security standards, is excited to announce the release of its revised American National Standards.
Gallagher Security and Yusuf Bin Ahmed Kanoo Company Limited sign MOU in Riyadh

Gallagher Security MOU with Yusuf Bin Ahmed Kanoo Company

Gallagher Security is proud to announce the signing of a Memorandum of Understanding (MOU) with Yusuf Bin Ahmed Kanoo Company…
Scroll to Top