/

Banks & FinTech

IT security for the finance sector is our core competency. For many years now, the finance industry has been one of the most attractive targets for professional hacker groups, cybercriminals, and hacktivists. At the same time, the advancing digitalization trend has exponentially increased vulnerability to virtual attacks. These circumstances significantly jeopardize the security and reliability of digital processes throughout the entire finance sector – from FinTech start-ups, right up to major banks.

/

01

IT security in the finance sector

Cyber attacks can incur immense costs for the companies affected. In addition to the direct damages caused by business processes being disabled, there are also long-term damages to a company’s image among customers and business partners. A critical attack can therefore pose a threat to the company’s existence. According to the digital association Bitkom, cyber attacks cause 223 billion euros in damages per year to the German economy.

02

Observing strict rules

Especially in the financial industry, the regulatory requirements for digital systems and processes are immense. Securing banking IT in compliance with the requirements of the German Banking Act (KWG), MaRisk, BAIT and soon also DORA requires the highest level of expertise and reliable technology. In addition, the General Data Protection Regulation (GDPR) and the IT Security Act (IT-SiG) must be respected. Institutions that exceed certain transaction thresholds are classified as critical infrastructures (KRITIS), which are subject to even stricter IT security requirements. They must regularly demonstrate that they are using all available cybersecurity options to protect their systems to adequately ensure the integrity, availability, authenticity and confidentiality of the data.Speziell in der Finanzindustrie sind die aufsichtsrechtlichen Anforderungen an digitale Systeme und Prozesse immens. Um die Banken-IT Compliance-konform nach den Anforderungen von KWG, MaRisk, BAIT und bald auch DORA abzusichern, bedarf es höchsten Know-hows und verlässlicher Technologie. Außerdem sind die Datenschutz-Grundverordnung (DSGVO) und das IT-Sicherheitsgesetz (IT-SiG) zu beachten. Institute, die bestimmte Schwellenwerte an Transaktionen überschreiten, zählen zu den Kritischen Infrastrukturen (KRITIS), für die nochmals höhere Vorgaben an die IT-Sicherheit gelten. Sie müssen regelmäßig nachweisen, alle verfügbaren Optionen der Cybersicherheit zum Schutz ihrer Systeme einzusetzen, um Integrität, Verfügbarkeit, Authentizität sowie Vertraulichkeit der Daten angemessen sicherzustellen.

More about MaRisk AT 9
/

03

What penalties might the affected finance companies face?

If finance companies infringe upon the regulatory requirements for data security, they face the risk of incurring drastic fines of up to 20 million euros, or up to 4 percent of their global annual revenue. This depends on which sum is higher. If sensitive customer data is leaked as a result of negligence, the executives responsible for this may face fines or even criminal charges.

Tailor-made solutions

from Myra Security for the finance sector, KRITIS and government:

Comprehensive certification

ISO 27001 based on BSI IT-Grundschutz, PCI-DSS, IDW PS 951 (ISAE 3402)

Audited

MaRisk, BAIT, BSI-KRITIS qualified

Security Operation Center

24/7 full-service support from our IT experts

High scalability

quick installation and easy operation

Made in Germany

German manufacturer & GDPR-compliant

100% discretion

All communications are treated as highly confidential

/

SPARKASSE.DE

Sparkasse relies on Myra

With our expertise, smart solutions, and successful certifications, we have what it takes to protect customers in the finance sector. With Sparkasse.de, Myra protects, among other things, the central online presence of the Sparkasse. As a German expert in IT security, Myra is the compliance guarantor for essential and non-essential outsourcing.

Our technologies for protecting the finance sector

Myra DDoS Web Protection protects online banking services, websites, and the DNS servers and IT infrastructure required for communication in a fully automated way. Myra fulfills all 37 performance requirements of the BSI for qualified DDoS protection providers. As such, highly sensitive infrastructure is in safe hands with Myra.

To Myra DDoS Web Protection

Myra Application Security protects your applications against attacks as an upstream protective filter. Malicious traffic is filtered before it reaches your servers or cloud architecture. Using Myra’s multi-fingerprinting features, any applications attempting to access the servers are clearly identified and displayed in Myra Analytics.

To Myra Application Security

Do you have
questions?

Please contact us via contact form or call us at:
+49 89 414141 - 345.

0/500

Alle Informationen zur Datenverarbeitung finden Sie in unseren Datenschutzbestimmungen.

© Myra Security GmbH 2023, all rights reserved

Responsible DisclosureLegal noticePrivacy policyTerms and Conditions