NIS 2 – Banks – Implementing cybersecurity measures in essential services: A critical need


The growing dependence on digital infrastructure in various sectors has exponentially increased the risk of cyber threats. These threats can lead to catastrophic consequences if not properly managed, especially in essential services. Cyber-attacks can disrupt critical operations, compromise sensitive data and cause financial and reputational damage. The NIS 2 Directive seeks to address these risks by mandating robust cybersecurity measures in critical sectors.

Essential services such as energy, transport, banking and healthcare are the backbone of modern society. Disruption can have far-reaching consequences, affecting not only the immediate sector, but also the economy and public safety. As cyber threats become more sophisticated, it is crucial to implement comprehensive cyber security strategies to protect these services from potential attacks.

This paper aims to highlight the importance of implementing these measures by examining potential threats and their impact on essential services. By understanding the risks and the necessary cybersecurity measures, we can better protect critical infrastructure and ensure the continuity of essential services.

Overview of the NIS 2 Directive

The Networks and Information Systems (NIS) 2 Directive is a key piece of EU legislation designed to improve the cyber security of critical infrastructure. It extends the scope of the original NIS Directive, increasing the obligations for Member States and operators of essential services to enhance their cybersecurity capabilities.

Key objectives of the NIS 2 Directive

  • Strengthening cyber security: Improving the security of networks and information systems across the EU.
  • Increased cooperation: Improved cooperation between Member States and the European Union Cyber Security Agency (ENISA).
  • Harmonization of regulations: Ensure consistent cybersecurity requirements across Member States.
  • Improve incident reporting: Establish mandatory reporting of significant cyber incidents to relevant authorities.

Key provisions

  • Broad scope: Includes additional sectors such as health, digital infrastructure and space.
  • Risk management: requires operators to adopt risk management practices, including technical and organizational measures.
  • Incident Response: Mandates the development and implementation of incident response plans.
  • Supply chain security: emphasizes the need to address cyber security risks in the supply chain.

Key services and potential cyber threats

  • Energy
  • Transportation
  • Banks
  • Financial market infrastructures
  • Health sector
  • Drinking water supply and distribution
  • Digital infrastructure
  • Public administration
  • Spazio



Banking involves financial institutions offering services such as deposits, loans and foreign exchange. It is essential for economic stability and personal financial security.

Potential Cyber Threats:

  1. Banking System Outages:
    • Description: Cyber attacks can disable banking systems, preventing transactions and access to funds, causing widespread financial disruption.
    • Impact: It affects both individuals and businesses, causing significant economic losses and loss of confidence in financial systems.
    • Examples: DDoS attacks targeting banking infrastructure, such as attacks on several banks in Europe in 2012.
  2. Fraudulent transactions:
    • Description.
    • Impact: Leads to direct loss of money and can cause major reputational damage for financial institutions.
    • Examples: phishing attacks and malware that compromise customers’ bank accounts, such as the Carbanak incident, which stole more than $1 billion from banks around the world.
  3. Customer data security breaches:
    • Description: Security breaches affecting customer data can lead to identity theft and financial fraud, undermining trust in financial institutions.
    • Impact: It affects millions of customers, leading to financial losses and potential lawsuits against banks.
    • Examples: major security breaches such as the Equifax incident in 2017, which exposed the personal data of 147 million people.
  4. ATM network compromise:
    • Description: Attacks on ATM networks can lead to unauthorized cash withdrawals and service interruptions.
    • Impact: It causes financial losses for banks and customers and can create panic among ATM users.
    • Examples: attacks on ATM networks, such as the Jackpotting attack, where ATMs were manipulated to release money in an unauthorized way.

Mitigation Strategies:

  • Real-Time Monitoring and Response: deploy advanced monitoring systems for rapid threat detection and response.
  • Data Encryption: using advanced encryption to protect sensitive customer and transaction data.
  • Multi-Factor Authentication: Implement multi-factor authentication to ensure secure access to bank accounts.
  • Customer Education: Educate customers on recognizing and avoiding phishing attempts and other social engineering methods.
  • Collaboration and information sharing: Promote collaboration between banks and law enforcement agencies to share threat intelligence and best practices.
  • Incident Response Planning: Develop and regularly update incident response plans to ensure rapid and effective responses to cyber incidents.

By understanding these potential threats and implementing robust mitigation strategies, the banking sector can increase resilience against cyber-attacks and ensure the continued provision of essential services.