Do you know that you can search branch offices and ATMs?
Just enter a city or address.
Personal Finance
Project #SafebyRaiffeisen
Project description
The #SafebyRaiffeisen project aims to significantly strengthen Raiffeisenbank's resilience in the field of cybersecurity, increase the readiness and resilience of processes against current and future security threats, build internal capacities and ensure responsible compliance with cybersecurity legislation.
We will contribute to strengthening and securing the supply chain of digital technologies in the EU, in particular in the area of financial services and with operators of essential services. We will pro-actively share the knowledge gained during the implementation of the project.
By applying this approach, we want to raise awareness of cybersecurity trends, threats and defence methods.
At the same time, we will contribute to the creation of the European Cyber Shield. One of the main directions pursued by the project is to evaluate our readiness for the age of quantum computers and to use new approaches to identify cyber threats in this area.
The project's planned activities include a wide range of cybersecurity measures, processes and strategies. The effectively implemented measures will contribute to achieving the European goals as well as to promoting cooperation and harmonization of practices between Member States in line with the objectives outlined in the DIGITAL-ECCC-2023-DEPLOY-CYBER-04-EULEGISLATION call and Cybersecurity Work Programme 2023-2024.
Main project objectives
Detailed project description
The #SafebyRaiffeisen project focuses on improving cybersecurity and ensuring compliance with the NIS2 directive within Raiffeisenbank. The project's emphasis on cybersecurity processes and mechanisms directly corresponds to the objective of improving the security of digital and financial service providers within the EU.
Main activities:
- Creation of new processes and analyses related to new cybersecurity tools and trends
- Review of security policies and standards to ensure compliance with legislative requirements
- Review of the risk assessment strategy for cybersecurity management
- Implementation of advanced solutions such as SIEM, PAM and Zero Trust
- Evaluation of preparedness for threats related to the use of quantum computers
- Sharing knowledge and creating a platform for exchanging best practices and knowledge with other financial institutions in the EU
These steps will ensure that the bank is able to detect and respond quickly to cyber incidents and, where appropriate, inform competent authorities, thereby contributing to the overall security of digital services in the EU.
Collaboration and information sharing
The project promotes cooperation with other organisations within the EU, such as CSIRTs or ENISA, and initiates information sharing between financial institutions and regulators, building an interconnected and pro-active cybersecurity community.
The project will also include workshops and training sessions to share information. The aim is to actively participate in inter-institutional forums focused on cybersecurity, creating a platform for dialogue and cooperation among key stakeholders.
Compliance with legislation
Support for the project aimed at increasing the visibility of cybersecurity coincides with the intention of the Cyber Security Act (181/2014 Coll.). The project includes activities such as awareness-raising, training programs and solutions for security incident management. The aim of the project is to support the certification of the bank's cyber practices and alignment with generally accepted recommendations issued by the National Cyber and Information Security Agency, for example.
The project supports the adoption of recognised security standards and practices in the banking sector and promotes the certification of substantive cybersecurity measures. The outputs developed by the project, namely the analysis of quantum computer readiness requirements and the quantum threat preparedness plan, will support the development of the future EU framework for the certification of Quantum Ready financial institutions.
Conclusion
The project fits into the EU's objectives as it strengthens cybersecurity practices. It improves incident management, contributes to the overall security and trustworthiness of digital technologies and services in the Czech Republic and the EU. This confirms the commitment of Raiffeisenbank and the wider financial sector to strengthen the European Cyber Shield.
Project team
Gabriela Obešlová
Gabriela Obešlová has been working at the bank as Head of Security for four years. She has many years of experience in IT management, security programs and project management, business development and other projects. She has a master's degree in law from Masaryk University in Brno. With her experience and knowledge, she is responsible for the smooth implementation of the entire #SBR program.
Miroslav Kvíčala
Miroslav Kvíčala is the head of information security and has 15 years of experience in the security industry, with a deep understanding of the latest threats and trends. He manages, develops and implements effective security measures to protect the bank's data and systems. He effectively communicates security risks to the bank's management and other stakeholders.
Tomáš Zrcek
Information Security Expert in the Security department. Tomáš Zrcek has more than 9 years of experience in this field. Thanks to his experience and knowledge, he holds the role of a specialist in information security and project management.
Tomáš Rosa
Chief Architect of Mathematical Security in the Security department. Tomáš Rosa is also responsible for the management of the Cryptology and Biometrics Competence Centre of the Raiffeisen Bank International Group. He has over 30 years of experience in cryptology and mathematical security and has earned a PhD in this field.
Jiří Pavlů
Mathematical Security Expert in the Security department. Jiří Pavlů has more than 5 years of experience in cryptology and mathematical security and has earned a master's degree in this field. Thanks to his experience with post-quantum algorithms, he leads the comparison and evaluation of cryptographic solutions.
Dagmar Slaninová
Information Security Specialist in the Security department. Dagmar Slaninová has more than 16 years of experience in information security. With her experience and specific know-how in security awareness and training, she will take on the role of information security specialist and manage the tasks associated with their development.
The project is funded under Grant Agreement No. 101158662 and is supported by the European Cybersecurity Competence Centre.
Co-financed by the European Union. However, the views and opinions expressed by the author(s) are those of the authors only and do not necessarily reflect the views of the European Union or the European Cybersecurity Competence Centre. Neither the European Union nor the granting authority can be held responsible for these opinions.
