The European Network and Information Security Agency (ENISA) has issued a report including a number of recommendations for the secure adoption of cloud computing in the banking sector at the EU level. The report recommends:

  • that Financial Institutions (FIs) engage with Cloud Service Providers (CSPs) and National Financial Supervisory Authorities (NFSAs), to assist NFSAs to define national good practices and (de-facto) standards in the areas of cloud governance and risk management and to define good practices and de-facto standards for incident information sharing;
  • that NFSAs work together at the global and European levels to define a set of common good practices for cloud security and privacy;
  • that FIs develop a cloud computing strategy in order to define their approach to cloud computing;
  • that CSPs continue their efforts to provide sufficient transparency and help their customers and supervisory authorities understand the level of assurance that their cloud offerings provide;
  • that the European Commission, other relevant European Agencies (e.g., EBA, ENISA) as well as industry bodies work together to create information campaigns for the financial industry.