The Commission de Surveillance du Secteur Financier (CSSF) has published its Annual Report for 2024, offering a crucial overview of the challenges and priorities for Luxembourg’s financial sector. In an environment marked by geopolitical uncertainty and rapid technological change, the report serves as an essential guide for navigating the regulatory landscape.
In his latest analysis, Laurent de la Vaissière, our principal consultant delves into the report to distill the most critical insights for technology and cyber risk professionals. The analysis focuses on the practical implications of the CSSF’s findings and strategic direction.
Key topics covered in the article include:
- The transition from preparation to active supervision for the Digital Operational Resilience Act (DORA), with the first compliance checks scheduled for 2025.
- The growing regulatory focus on Artificial Intelligence (AI), with the implementation of the AI Act becoming a top priority for the CSSF.
- The evolving cyber threat landscape, highlighted by a reported 90% increase in ICT-related incidents and key lessons from third-party outages.
- Actionable intelligence from the CSSF’s on-site IT inspections, revealing common shortcomings in areas like IT governance, logical access management, and outsourcing oversight.
This analysis provides a concise yet comprehensive guide for navigating the regulatory and technological shifts ahead.
Read the full analysis through this link.