Why Cloud adoption in the Finance Sector is still lagging

This study identified several causes for this slow uptake, including: inconsistent regulatory guidelines on cloud deployment, and concerns about security and data privacy jurisdictions across EU Member States.  For example, almost half of the Financial Institutions surveyed have not developed a cloud risk assessment even though they are aware of specific risks associated with Cloud Computing. Furthermore, although NFSAs are also aware of the risks of cloud computing, they are insufficiently informed about the security measures implemented by CSPs at all times.

CSPs have difficulties offering services to Financial Institutions due to differences in security and privacy requirements across EU member states, such as the implementation of privacy requirements that are the responsibility of national Data Protection Authorities (DPAs) and not of NFSAs.

ENISA, in cooperation with the European Banking Authority (EBA), held a workshop in October 2015 to further enhance and validate the results.  Participants openly discussed the challenges and debated about the possible causes and potential solutions.  Following the discussions and analysis, ENISA issues „Secure Use of Cloud Computing in the Finance Sector“ that includes the following key recommendations:

  • Financial Institutions, National Financial Supervisory Authorities and Cloud Service Providers should co-operate to develop a consistent regulatory framework for the secure adoption of Cloud computing based on widely used good practices and standards,
  • Financial Institutions should develop and implement a risk assessment approach to cloud computing and integrate it with existing corporate risk management processes
  • Cloud service providers should do their utmost to enhance the transparency of their service offerings and comply with any regulatory provision and widely accepted good practices and standards in the area.

Udo Helmbrecht, Executive Director of ENISA, said: “The secure adoption of cloud computing will offer significant competitive advantages to the financial institutions. ENISA will work with all relevant stakeholders to support in this direction”.

For full report:

Neueste Artikel

Städte und Gemeinden sehen auch nach den Ergebnissen der Neuauflage des Zukunftsradar Digitale Kommune im Jahr 2019 einen hohen Nutzen durch die Digitalisierung. Gleichzeitig werden auch in diesem…

Die Startups in Deutschland werden skeptischer. Aktuell sagen nur noch 39 Prozent der Gründer, dass sich in den vergangenen zwei Jahren die Lage für ihr eigenes Startup verbessert hat….

Seit Mai 2019 stellt das BSI ein zweistufiges Schulungskonzept zum Erwerb eines neuen Nachweises zum IT-Grundschutz-Praktiker und IT-Grundschutz-Berater zur Verfügung. Auf der BSI-Webseite steht nun der Antrag zur Zertifizierung…