The #SafebyRaiffeisen project focuses on improving cybersecurity and ensuring compliance with the NIS2 directive within Raiffeisenbank. The project's emphasis on cybersecurity processes and mechanisms directly corresponds to the objective of improving the security of digital and financial service providers within the EU.
Main activities:
- Creation of new processes and analyses related to new cybersecurity tools and trends
- Review of security policies and standards to ensure compliance with legislative requirements
- Review of the risk assessment strategy for cybersecurity management
- Implementation of advanced solutions such as SIEM, PAM and Zero Trust
- Evaluation of preparedness for threats related to the use of quantum computers
- Sharing knowledge and creating a platform for exchanging best practices and knowledge with other financial institutions in the EU
These steps will ensure that the bank is able to detect and respond quickly to cyber incidents and, where appropriate, inform competent authorities, thereby contributing to the overall security of digital services in the EU.
Collaboration and information sharing
The project promotes cooperation with other organisations within the EU, such as CSIRTs or ENISA, and initiates information sharing between financial institutions and regulators, building an interconnected and pro-active cybersecurity community.
The project will also include workshops and training sessions to share information. The aim is to actively participate in inter-institutional forums focused on cybersecurity, creating a platform for dialogue and cooperation among key stakeholders.
Compliance with legislation
Support for the project aimed at increasing the visibility of cybersecurity coincides with the intention of the Cyber Security Act (181/2014 Coll.). The project includes activities such as awareness-raising, training programs and solutions for security incident management. The aim of the project is to support the certification of the bank's cyber practices and alignment with generally accepted recommendations issued by the National Cyber and Information Security Agency, for example.
The project supports the adoption of recognised security standards and practices in the banking sector and promotes the certification of substantive cybersecurity measures. The outputs developed by the project, namely the analysis of quantum computer readiness requirements and the quantum threat preparedness plan, will support the development of the future EU framework for the certification of Quantum Ready financial institutions.
Conclusion
The project fits into the EU's objectives as it strengthens cybersecurity practices. It improves incident management, contributes to the overall security and trustworthiness of digital technologies and services in the Czech Republic and the EU. This confirms the commitment of Raiffeisenbank and the wider financial sector to strengthen the European Cyber Shield.