Cybersecurity in finance is critical to safeguarding economic resilience.
Finance serves as the backbone of the European economy, and like other essential industries, the finance sector increasingly relies on ICT infrastructures, providers, and their supply chains.
According to the significant NIS incidents reported by Member States through CIRAS, finance is one of the most affected sectors. The data gathered and the analysis performed in the 2024 ENISA Threat Landscape report show evidence of this trend, with the finance sector ranking third among the most targeted sectors.
While this sector ranks among the most mature and critical industries (alongside energy and telecommunications), variations in maturity levels remain evident across different financial entities. To this end, the EU has taken the initiative to further support the resilience of the sector against cybersecurity threats through the revision of the NIS Directive and the Digital Operational Resilience Act (DORA). DORA, which entered into force on 16 January 2023, is the first cybersecurity legislation to focus on a single sector (lex specialis). The requirements this legislation foresees mainly relate to ICT risk management, incident management and reporting, resilience testing, ICT third-party risk management and information sharing arrangements.
ENISA signed a multilateral Memorandum of Understanding in June 2024 with the European Supervisory Authorities (the ESAs - EBA, EIOPA, and ESMA) to strengthen cooperation and information exchange on tasks of mutual interest. ENISA published a report on the overview of the current threats in the finance sector in February 2025.