Original publication date: July 30, 2024. Since this blog post was published, the final versions of the RTS and ITS have been released. You can find...
DORA Requirements Become More Concrete: Further RTS and ITS Published
read more
Financial Sector & Compliance
Update to the SWIFT Customer Security Controls Framework: What Changes Does CSCFv2026 Introduce?
Since 2017, the Customer Security Controls Framework (CSCF) has been helping organizations to effectively secure their SWIFT infrastructure. The aim...
Navigating DORA: Delvag's Successful Journey from Gap Analysis to Compliance
A cyberattack on an insurance company is far worse than just a technical problem: in addition to the breakdown of central IT systems, there is also...
New BSI Criteria Catalogues: Guidelines for the Use of AI in the Financial and Administrative Sectors
The German Federal Office for Information Security (BSI) has published two new sets of criteria for evaluating Artificial Intelligence (AI). They...
SWIFT CSCFv2025: Current Version of the Framework Brings Changes for Architecture Type B
Since its introduction in 2017, the Customer Security Controls Framework (CSCF) has aimed to strengthen the security of the SWIFT network. The aim...
7 Questions about the Cyber Resilience Act (CRA)
1. What is the Cyber Resilience Act? With the Cyber Resilience Act (CRA for short), the EU is introducing a regulation for the first...
Our 3 Key Takeaways from the BaFin Workshop on the DORA Register of Information
Original publication date: March 10, 2025. Since the publication of this blog post, BaFin has postponed the deadline for submission from April...
DORA News: Deadline for Information Registers, Lift of German Supervisory Requirements for IT in Financial Institutions
Original publication date: January 14, 2025. Since the publication of this blog post, BaFin has postponed the deadline for submission from April 11...
DORA Countdown: One Month Left Until the Deadline
DORA, the Digital Operational Resilience Act, will fully apply as of 17 January 2025. We have summarized everything you need to know about the EU regulation, preparation and best practices from our news blog.
Regulations as a Booster for Transformation: usd on Stage at ISF World Congress 2024 in Orlando
The ISF World Congress is one of the leading events for information security and risk management. With this annual event, the ISF offers its members...
"DORA: How the Next Wave of Requirements Is Hitting the Payment Card Industry": usd Experts on Stage at the 2024 PCI SSC Europe Community Meeting
Christopher Kristes, Head of Security Audits & PCI and member of the Executive Board at usd AG, and Dr. Christian Schwartz, Head of InfoSec in...
DORA Deep Dive: Reporting of ICT-Related Incidents
The Digital Operational Resilience Act (DORA) requires major ICT-related incidents to be reported to the German Federal Financial Supervisory...