Select Page

DORA, FINMA  RS 2023/1,  and NIS-2 request relentless Mainframe Security and Compliance

„Whatever Happens“ Resilience Thanks Regular Penetration Testing

DORA and NIS-2 are regulations that enhance the operational resilience of information and communication technology (ICT) and third-party providers in the EU financial sector.  The FINMA Circular 2023/1 (“FINMA Rundschreiben 2023/1 – Banken”) requests a corresponding resilience level from banks in Switzerland. One way of proving this is to carry out regular penetration tests.


With SF-Sherlock and SF-SafeDump, DORA, FINMA and NIS-2 readiness never been so easy to implement on the mainframe platform.

The SF solution suite targets even the most challenging risks, such as real-time monitoring and vulnerability assessment, exploits and malicious code, as well as dump and log anonymization.

The following presentation explains the steps for achieving DORA and NIS-2 readiness for the mainframe platform and the technologies required for this.

Sherlock Product Description

SafeDump Product Description

NIS 2 Directive (EU) 2022/2555 (Network and Information Security Directive). It will become “Security Act 3.0” in Germany. Affected are operators of critical facilities (KRITIS), particularly important facilities, important facilities, federal facilities and operators of “essential services”. Transposition into national law in the EU member states by 17.10.2024. Application in the EU from 18.10.2024.

DORA (Digital Operational Resilience Act) is the new EU regulation (EU) 2022/2554) for IT in the financial sector. In Germany, it is part of the “Financial Market Digitization Act (FinmadiG)”. It has priority for finance over NIS-2. It has been in force since January 17, 2023 and will be applied from January 17, 2025.

FINMA is Switzerland’s independent financial-markets regulator. Via its Circular 2023/1 (“FINMA  Rundschreiben  2023/1  –  Banken”), a kind of Swiss version of DORA, FINMA requests IT resilience from Swiss banks. It’s effectively in force since January 01, 2024.

Here you find additional informations on our resilience-supporting solutions and services:



Trouble-free penetration testing based on simulation

If you have further questions, please let us know on how we may support you.


Over the past several years, compliance has become more and more an important issue, but also a tedious task. Our SF solutions assist you in automating the resulting workload to the max by also covering the entire mainframe platform - thanks to a 360-degree approach.


With SF-Sherlock, you can also protect your mainframe platform against attacks and combat high-level risks. Thanks to our max approach this also includes malicious code and exploits. Yes, both of these are real risks on the mainframe platform!

Are you expecting a governmental audit of your mainframe platform soon, as
by the BaFin, ECB, or one of
the “Big Four”?

Let us help you prepare your mainframe security and compliance.

+800 - 37 333 853 or simply dial: +800 - DRFEDTKE

Call our world-wide toll-free number now!

(+ represents the prefix for international calls; in most countries it is 00, and you have to dial 00800-37333853; in the U.S. it corresponds to 011)

News & IT Security Forum

Our presentation at the cyber insurance symposium

At the symposium “Cyber insurance in practice – from product development to underwriting to claims management”, we will be giving a presentation on the topic “After Microsoft key theft from crash dump: updating cyber insurance obligations”. You can find all further details here.

Join our newsletter list

Worldwide toll-free phone number

+800 - 37 333 853
or simply dial:

+41 (0)41 710 7444

(+ represents the prefix for international calls; in most countries it is 00, and you have to dial 00800-37333853; in the U.S. it corresponds to 011, and you have to dial 011-800-37333853)

Find Us


Seestrasse 3a, 6300 Zug, Switzerland

Visitors & Training

Dammstrasse 19, 6301 Zug, Switzerland

Social Media

Xing → Linkedin →

Write Us

copy the address

Technical support and hotline
copy the address

Legal and compliance
copy the address