EU regulation on banks’ reliance on cloud giants

The EU is set to introduce new regulations that will see financial services firms having to show how quickly they could recover from a cyberattack. This comes as regulators fear their increasing reliance on a small pool of cloud vendors could result in downtime at a range of banks as the result an outage at just one of the major cloud players.

Thomas Eeles, CSIRT Manager at Orange Cyberdefense, Europe’s largest MSSP, has shared comment below based on his experience of incident response. He has provided thoughts on the dangers of not having a seamless incident response and recovery plan in place ahead of time, and how financial services firms can ensure these plans are implemented before they’re needed.

“A major part of incident response, especially when dealing with large scale incidents, is recovery and remediation. Typically, the immediate action will be to block the specific attack vector linked to the incident at hand, and then firms will move on to long term recovery and take steps to get everything back to normal.

“It is abundantly clear to those in the industry which companies have a disaster recovery plan, and which don’t. From my perspective, those that don’t have a recovery plan always – without fail – end up spending more money and time on recovery than on the actual investigation itself. I would say this reaches a rough 70/30 split.

“Businesses that do have a recovery plan will save time and money by planning their recovery strategy before it’s needed, as well as reducing stress and the risk of staff turnover after an incident. Ultimately, if financial services firms plan how long it would take to completely rebuild their network before any incident has taken place and present this plan to the powers that be for sign off, the process will be much smoother in the event that it’s needed. The rush and pressure will be alleviated, and the process will likely be completed more smoothly as a result.”

To read other news stories and exclusives, see our latest issue here.

Never miss a story… Follow us on:
LinkedIn Security Buyer
Twitter logo @SecurityBuyer
Facebook @Secbuyer

Media Contact
Rebecca Morpeth Spayne,
Editor, Security Portfolio
Tel: +44 (0) 1622 823 922
Email: [email protected]

About Security Buyer

Security Buyer is the leading authority in global security content, delivering expert news, in-depth articles, exclusive interviews, and industry insights across print, digital, and event platforms. Published 10 times a year, the magazine is a trusted resource for professionals seeking updates and analysis on the latest developments in the security sector.

To submit an article, or for sponsorship opportunities, please contact our team below.

Rebecca Spayne picture 2025

Rebecca Spayne

Managing
EDITOR

Georgina Turner image

Georgina Turner

Sales
Manager

Afua Akoto image - Security Buyer

Afua Akoto

Marketing Manager

Read the Latest Issue

Follow us on X

Follow us on X

Click Here

Follow us on LinkedIn

Follow us on LinkedIn

Click Here

Advertise here

Reach decision makers and amplify your marketing

Advertise here

Click Here

Related News

Product Spotlight - HID

Product Spotlight – HID

Access control is evolving into a smart, responsive platform—integrating embedded apps, IoT, and cybersecurity to deliver…
Genetec

Genetec brings new capabilities to Security Center SaaS

Genetec announced new updates to Security Center SaaS, the company’s enterprise-grade Security-as-a-Service (SaaS) solution..
I-Pro

i-PRO Launches Revamped EMEA Partner Program

i-PRO announced a major expansion of its EMEA Partner Program. The move supports i-PRO’s long-term growth strategy and…
ASIs international

ASIS International Introduces New ANSI-Approved Investigations Standard

ASIS International, a leading authority in security standards, is excited to announce the release of its revised American National Standards.
Gallagher Security and Yusuf Bin Ahmed Kanoo Company Limited sign MOU in Riyadh

Gallagher Security MOU with Yusuf Bin Ahmed Kanoo Company

Gallagher Security is proud to announce the signing of a Memorandum of Understanding (MOU) with Yusuf Bin Ahmed Kanoo Company…
Mike Hurst - Security Buyer

Zygal appoints Mike Hurst CPP CPOI

Zygal, which produces cutting edge AI cloud VMS and monitoring solutions for connecting, managing, and monitoring assets…
Secure Logiq

Secure Logiq expands into APAC

Secure Logiq is heading into the Asia-Pacific region with big plans and a clear focus on Australia and New Zealand. Helping to steer…
Sophos

Sophos Enhances Protection and Incident Response

Sophos announces an update to its Sophos Firewall, now including Sophos NDR Essential, which is free for all customers with an…
Dallmeier

Tenerife Airport relies on video technology

Tenerife Norte-Ciudad de La Laguna Airporthas significantly improved its safety by installing state-of-the-art video technology..
ICT

ICT announces Stewart Meyer as Chief Marketing Officer

Integrated Control Technology (ICT®), a leading provider of intelligent access control, intrusion detection, building automation and…
Scroll to Top