The commentary
FINMA has published its findings from its supervisory activities in the area of cyber risks in guidance. It also provided further details on the obligation to report cyber attacks and scenario-based cyber risk exercises. According to FINMA outsourcing is a risk driver: In 2022 and 2023, more than half of the reported cyber attacks involved outsourced services. FINMA also frequently identifies weaknesses in this area as part of its supervisory activities with regard to cyber risks. In addition to outsourcing, there is a recurring focus on other topics, such as governance in dealing with cyber risks.
This publication has been prepared solely for information purposes and is does not constitute a recommendation, a solicitation, or an offer. The information on which this publication is based has been obtained from sources that we believe to be reliable and in good faith, but we have not independently verified such information and no representation or warranty, express or implied, is made as to its accuracy. All expressions of opinion are made as of the date of publication and may be subject to change without notice. k-flash and all related affiliates accepts no liability or responsibility whatsoever for any consequential loss of any kind arising out of the use of this publication or any part of its contents. The use of this publication should not be regarded as a substitute for the exercise by the recipient of his or her own judgment. This publication is not directed to any person in any jurisdictions that prohibit such publication.