Search Results for “Cybersecurity” – Page 2

supplementing Regulation (EU) 2022/2554 of the European Parliament and of the Council with regard to regulatory technical standards specifying ICT risk management tools, methods, processes, and policies and the simplified ICT risk management framework

Lien

Link

RTS

Published on 25.06.2024

Commission Delegated Regulation (EU) 2024/1773 of 13 March 2024

supplementing Regulation (EU) 2022/2554 of the European Parliament and of the Council with regard to regulatory technical standards specifying the detailed content of the policy regarding contractual arrangements on the use of ICT services supporting critical or important functions provided by ICT third-party service providers

Lien

Link

RTS

Published on 25.06.2024

Commission Delegated Regulation (EU) 2024/1772 of 13 March 2024

supplementing Regulation (EU) 2022/2554 of the European Parliament and of the Council with regard to regulatory technical standards specifying the criteria for the classification of ICT-related incidents and cyber threats, setting out materiality thresholds and specifying the details of reports of major incidents

Lien

Link

EU regulation

Published on 30.05.2024

Commission Delegated Regulation (EU) 2024/1502 of 22 February 2024

supplementing Regulation (EU) 2022/2554 of the European Parliament and of the Council by specifying the criteria for the designation of ICT third-party service providers as critical for financial entities

Lien

Link

EU regulation

Published on 30.05.2024

Commission Delegated Regulation (EU) 2024/1505 of 22 February 2024

supplementing Regulation (EU) 2022/2554 of the European Parliament and of the Council by determining the amount of the oversight fees to be charged by the Lead Overseer to critical ICT third-party service providers and the way in which those fees are to be paid

Lien

Link

EU directive

Published on 27.12.2022

Directive (EU) 2022/2556 of the European Parliament and of the Council of 14 December 2022

amending Directives 2009/65/EC, 2009/138/EC, 2011/61/EU, 2013/36/EU, 2014/59/EU, 2014/65/EU, (EU) 2015/2366 and (EU) 2016/2341 as regards digital operational resilience for the financial sector (Text with EEA relevance)

Lien

Link

EU regulation

Published on 27.12.2022

Regulation (EU) 2022/2554 of the European Parliament and of the Council of 14 December 2022

on digital operational resilience for the financial sector and amending Regulations (EC) No 1060/2009, (EU) No 648/2012, (EU) No 600/2014, (EU) No 909/2014 and (EU) 2016/1011 (Text with EEA relevance)

Lien

Link

Page

Published on 01.04.2025

Digital Operational Resilience Act (DORA)

Page

Communiqué

Published on 25.03.2024

Digital Operational Resilience Act (DORA)

Page

Communiqué

Published on 09.02.2024

Critical FortiOS vulnerabilities

Page

Technical document

Published on 19.01.2024

Summary table of information systems for external use (Reference RD-16)

In accordance with Annex 2 to Circular CSSF 24/850 and point 2.6.1. of Annex 1 to Circular CSSF 24/850.

PDF (148.33Kb)

Technical document

Published on 19.01.2024

Summary table of information systems for internal use (Reference RD-11)

In accordance with Annex 2 to Circular CSSF 24/850 and point 2.6.1. of Annex 1 to Circular CSSF 24/850.

PDF (141.71Kb)

Technical document

Published on 19.01.2024

Table of recommendations of the internal audit (Reference RD-5.1)

In accordance with Annex 2 to Circular CSSF 24/850. This table is a supplement to the summary report on the controls carried out by the internal audit during the previous financial year (RD-5).

PDF (119.4Kb)

Technical document

Updated on 16.05.2024 - Published on 19.01.2024

Table of recommendations of the “réviseur d’entreprises agréés” (approved statutory auditor) (Reference CL-11)

As detailed in point 4.2. of Circular CSSF 24/850

PDF (115.82Kb)

Name	Description	Duration
cssf_cookies	Saves information regarding the user's consent to the use of cookies for each optional category.	1 year
ROUTEID	Technical cookie allowing load distribution.	Deleted when the browsing session ends
TBMCookie*	Security: This cookies protects the website against automated attacks.	Deleted when the browsing session ends
__utmvc	These first party cookies are set by a third party service to filter out malicious requests.	Deleted when the browsing session ends
__utmvm*	These first party cookies are set by a third party service to filter out malicious requests.	15 minutes

Name	Description	Duration
cssf_profile	This cookie adapts the website pages to the profile chosen by the visitor (professionals, markets, consumers).	1 year
pll_language	This cookie saves the user’s language choice.	1 year

Name	Description	Duration
_pk_id.#	Collects anonymous statistical data on the website consultations, such as the number of visits or the average time spent on the website. The data is processed in-house and is not shared with a third party.	1 year
_pk_ses.#	Collects anonymous statistical data for the tracking of the pages consulted during the browsing session. The data is processed in-house and is not shared with a third party.	30 minutes

Search Results for Cybersecurity

Advanced filters

79 Result(s)

Voluntary dry run exercise for the collection of the registers of information required by DORA

Critical vulnerability on Palo Alto Networks PAN-OS (CVE-2024-3400)

CSSF 24/847 Major ICT-related incident notification, DORA Major ICT-related incident and significant cyber threats reporting

Communiqué regarding new reporting procedure for ICT-related incident reporting according to Circular CSSF 24/847

Joint RTS on subcontracting ICT services supporting critical or important functions

Final report on draft ITS on Register of Information

Commission Delegated Regulation (EU) 2024/1774 of 13 March 2024

Commission Delegated Regulation (EU) 2024/1773 of 13 March 2024

Commission Delegated Regulation (EU) 2024/1772 of 13 March 2024

Commission Delegated Regulation (EU) 2024/1502 of 22 February 2024

Commission Delegated Regulation (EU) 2024/1505 of 22 February 2024

Directive (EU) 2022/2556 of the European Parliament and of the Council of 14 December 2022

Regulation (EU) 2022/2554 of the European Parliament and of the Council of 14 December 2022

Digital Operational Resilience Act (DORA)

Digital Operational Resilience Act (DORA)

Critical FortiOS vulnerabilities

Summary table of information systems for external use (Reference RD-16)

Summary table of information systems for internal use (Reference RD-11)

Table of recommendations of the internal audit (Reference RD-5.1)

Table of recommendations of the “réviseur d’entreprises agréés” (approved statutory auditor) (Reference CL-11)