Helpful links

Popular Topics

ICT security and cyber risk monitoring

Published
Updated

Objective of ICT security and cyber risk monitoring

The objective of information and communication technology (ICT) security and cyber risk monitoring is to promote the availability of safe, secure, reliable and at the same time innovative financial services. Therefore, the digital operational resilience of the financial market is one of the supervisory priorities of Latvijas Banka.

Market participants are tasked with developing and enhancing their capabilities to defend against growing and evolving cyber threats by strategically planning ICT protection and responding effectively to ICT vulnerabilities and security incidents, thereby ensuring the protection and viability of ICT.

This includes both the necessary technological resources and the awareness and knowledge of the capabilities to protect themselves – both for the financial institution itself and for society at large.

Digital transformation of the financial market and digitalisation processes inevitably entail challenges related to:

  • the organisation's ability to manage a sizeable portfolio of ICT projects;
  • testing of emerging and unconfirmed technologies;
  • insufficient staff experience and expertise;
  • managing the life cycle of outdated technologies;
  • cross-border cooperation with suppliers.

When embarking on ambitious digitalisation projects, the management body of an organisation should have such a risk management culture in place that includes development based on cutting-edge and innovative technologies, for example, the artificial intelligence.

The cornerstone of this risk culture is effective communication across all organisational levels involved in digital transformation projects. This includes clear accountability for risks, their management and monitoring based on pre-defined criteria, while at the same time allowing for the testing of digital transformation initiatives.

The risk management culture can be enhanced by implementing targeted programmes, such as innovation laboratories, where participants can directly assess the opportunities and risks associated with technologies.

With financial market services becoming increasingly digitalised, the level of potential threats and damage arising from cyberattacks is rising. Having an effective risk management framework and an adequate risk appetite can help to strike balance between development and limiting the potential losses.

According to the European Union Agency for Cybersecurity (ENISA; see Threat Landscape — ENISA), these are the prime cyber threats with a potential to pose risks also to financial market participants:

  • threats against availability (Denial of Service or DDoS) and ransomware remain amongst the top threat types also in 2024;
  • Living Off Trusted Sites (LOTS): threat actors extend their stealth techniques into the cloud platforms, using trusted sites and legitimate services to avoid detection and disguising their activities as ordinary network data traffic or innocuous messages on platforms like Slack and Telegram;
  • geopolitics continues to be a strong driver of cybercrime;
  • business e-mail compromise (BEC) incidence is rising rapidly;
  • extortion by weaponising disclosure requirements: companies are pushed to fulfil extortion demands ahead of the required reporting deadline;.
  • AI tools: cyber criminals use tools like FraudGPT and large language models to create scam e-mails and generate malicious PowerShell scripts;
  • hacktivists overlapping their activities with state-sponsored cybercriminal groups: there is an increasing similarity between both groups;
  • a surge in mobile banking malware coupled with an increase in the complexity of their attack vectors;
  • malware-as-a-Service (MaaS) offerings continue to be a significant and rapidly evolving threat, particularly since mid-2023;
  • third-party compromises through social engineering are becoming increasingly wide-spread;
  • data compromise has increased in 2024, and it shows signs of maintaining this momentum;
  • DDoS-for-Hire allows large-scale attacks to be launched by unskilled users;
  • information manipulation continues to be the key element of Russia’s war of aggression against Ukraine. An effort to further localise content while simultaneously globalising its presence;
  • the threat of AI-enabled information manipulation has grown, for example, some experiments with AI for information manipulation to assess the potential use of technologies.

Three European Supervisory Authorities – the European Banking Authority, the European Securities Market Authority and the European Insurance and Occupational Pensions Authority – are compiling questions and answers to support consistent and effective application of the European Union regulation in the area of financial services. The database of questions and answers regarding DORA is available on the website of the European Insurance and Occupational Pensions Authority (see Joint Q&As - EIOPA) and can be navigated by selecting appropriate filters.

The questions published there are the ones that market participants have most often found confusing. If you cannot find an answer to your question via the resources of the European Supervisory Authorities or Latvijas Banka, you can e-mail it to dora@bank.lv or submit your question via the EIOPA's web resource Joint Q&As – EIOPA.

How valuable was this information for you?
Not valuable Very valuable
How can we improve your experience in our site

This page is protected by Google’s reCAPTCHA and visitors are subject to Google Terms of Service and Google Privacy Policy