Select Page

DORA, FINMA  RS 2023/1,  and NIS-2 request relentless Security and Compliance

„Whatever Happens“ Resilience

DORA and NIS-2 are regulations that enhance the operational resilience of information and communication technology (ICT) and third-party providers in the EU financial sector.  The FINMA Circular 2023/1 (“FINMA Rundschreiben 2023/1 – Banken”) requests a corresponding resilience level from banks in Switzerland. One way of proving this is to carry out regular penetration tests.

 

With SF-Sherlock, SF-SafeDump and our penetration testing services it has never been easier to implement your DORA, FINMA and NIS-2 readiness on the mainframe platform.

 

To learn more about these important topics, watch the videos below, and check out our new book on pentesting, published by Springer (in German), available June 2025..

SF-Sherlock’s detailed monitoring provides not only powerful intrusion detection, but also great support in deciding on the right recovery point, i.e. where to “go back” in the event of a destructive attack, such as ransomware.

SF-SafeDump’s smart anonymization capabilites let your diagnostic file handling, namely the upload of dumps and logs to the support teams of your software vendors, comply with given regulations. By the way, it also prevents the leakage of highly sensitive security details about your infrastructure, and it solves the risks resulting from the transfer of diagnostic data to the U.S. SF-SafeDump is also available for non-mainframe platforms.

Our trouble-free, simulation-based mainframe penetration testing services allow you to test even production systems at an in-depth level.

In total, the SF solution suite targets even the most challenging risks, such as real-time monitoring and vulnerability assessment, exploits and malicious code, as well as dump and log anonymization.

Also your forensic team needs to be DORA- and FINMA-ready too concerning the mainframe. The reality is that not 100% of all mainframe events are routed to the SIEM, sometimes only warnings and alerts. However, in the event of an incident, forensic investigators need precisely this 100%-level of completeness. SF-Sherlock’s “Forensic Swiss Knife for z/OS” allows you to prepare for this situation in accordance with DORA and FINMA. It works ON REQUEST to provide the SIEM with 100% of the necessary forensic data for a selected date and time range. It’s desgined to work even if top specialists are unavailable. The only step you need to take is to create the corresponding documentation in the operating manual. Such incident-related SIEM 100% filling should also always be part of the emergency drills required by DORA.

The following presentations explain the steps for achieving DORA and NIS-2 readiness for the mainframe platform and the technologies required for this.

Sherlock Product Description

SafeDump Product Description

NIS 2 Directive (EU) 2022/2555 (Network and Information Security Directive). It will become “Security Act 3.0” in Germany. Affected are operators of critical facilities (KRITIS), particularly important facilities, important facilities, federal facilities and operators of “essential services”. Transposition into national law in the EU member states by 17.10.2024. Application in the EU from 18.10.2024.

DORA (Digital Operational Resilience Act) is the new EU regulation (EU) 2022/2554) for IT in the financial sector. In Germany, it is part of the “Financial Market Digitization Act (FinmadiG)”. It has priority for finance over NIS-2. It has been in force since January 17, 2023 and will be applied from January 17, 2025.

FINMA is Switzerland’s independent financial-markets regulator. Via its Circular 2023/1 (“FINMA  Rundschreiben  2023/1  –  Banken”), a kind of Swiss version of DORA, FINMA requests IT resilience from Swiss banks. It’s effectively in force since January 01, 2024.

Here you find additional informations on our resilience-supporting solutions and services:

SF-Sherlock

SF-SafeDump

Trouble-free penetration testing based on simulation

Check out our new book on penetration testing, published by Springer (in German), available June 2025.

If you have further questions, please let us know on how we may support you.

Compliance

Over the past several years, compliance has become more and more an important issue, but also a tedious task. Our SF solutions assist you in automating the resulting workload to the max by also covering the entire mainframe platform - thanks to a 360-degree approach.

Protection

With SF-Sherlock, you can also protect your mainframe platform against attacks and combat high-level risks. Thanks to our max approach this also includes malicious code and exploits. Yes, both of these are real risks on the mainframe platform!

Are you expecting a governmental audit of your mainframe platform soon, as
by the BaFin, ECB, or one of
the “Big Four”?

Let us help you prepare your mainframe security and compliance.

+800 - 37 333 853 or simply dial: +800 - DRFEDTKE

Call our world-wide toll-free number now!

(+ represents the prefix for international calls; in most countries it is 00, and you have to dial 00800-37333853; in the U.S. it corresponds to 011)

News & IT Security Forum

“Forensic Swiss Knife for z/OS” – become DORA- and FINMA-ready

DORA and FINMA sustainably increase the demands on IT security and resilience. One aspect of the proactive regulations concerns the more negative situations and aspects of an incident and how to deal with them, known as incident management. Such an incident necessitates a short-term, in-depth forensic analysis. The results of this analysis must be profound. Why? Since the decision on the restore point may be based on them. And don’t forget the stress level in such a situation. In the case of the mainframe, the logs and events kept online in the SIEM are often not 100% and potentially insufficient for the required deep-level analysis. Why? Because the total volume of data would often be too large for a truly complete SIEM delivery. What consequences does this have for DORA-related incident management? Your IT must always be able to provide the forensics team with the complete inventory of forensic data at short notice for selective periods of time, in an environment that is familiar to them and therefore performs well in terms of analysis. This is usually the SIEM, such as Splunk, ArcSight or QRadar, and not the TSO ISPF environment.

To support your mainframe environment with regard to this DORA aspect, SF-Sherlock’s PTF Level 095 also includes a “Forensic Swiss Knife for z/OS.” This allows you to prepare for this situation in accordance with DORA and FINMA. It works ON REQUEST to provide the SIEM with 100% of the necessary forensic data for a selected date and time range. It’s desgined to work even if top specialists are unavailable. The only step you need to take is to create the corresponding documentation in the operating manual. Such incident-related SIEM 100% filling should also always be part of the emergency drills required by DORA and FINMA.

Join our newsletter list

Worldwide toll-free phone number

+800 - 37 333 853
or simply dial:
+800 - DRFEDTKE

Alternatively:
+41 (0)41 710 7444

(+ represents the prefix for international calls; in most countries it is 00, and you have to dial 00800-37333853; in the U.S. it corresponds to 011, and you have to dial 011-800-37333853)

Find Us

Headquarters

Seestrasse 3a, 6300 Zug, Switzerland

Visitors & Training

Dammstrasse 19, 6301 Zug, Switzerland

Social Media

Xing → Linkedin →

Write Us

Marketing
marketing@enterprise-it-security.com
copy the address

Technical support and hotline
hotline@enterprise-it-security.com
copy the address

Legal and compliance
legal@enterprise-it-security.com
copy the address