Operational Resilience for the Financial Sector: Strengthening the Romanian Banking Supply Chain under Emergency Ordinance

Operational resilience in the financial sector no longer depends only on the internal security of a bank. In an increasingly interconnected ecosystem, every vendor, technology provider, cloud service, outsourcing partner, and third-party platform becomes part of the bank’s extended security perimeter.

• The invisible perimeter: Why your security boundary now extends to every vendor you connect to, and what that means for Romanian banks linked to major European groups
• A real-world wake-up call: How Santander was breached not through its own systems, but through a third-party cloud provider, and why it could happen to any bank
• The legal stakes: What Emergency Ordinance 14/2026 requires, who it applies to, and the consequences of non-compliance
• Why annual audits aren’t enough:The structural blind spots in traditional vendor questionnaires and why they leave you exposed 364 days a year

The Slingscore approach: Continuous, external supply chain monitoring that maps risk from the attacker’s perspective, no vendor cooperation needed

This webinar examines how Romanian banks, especially those connected to major European financial groups, must rethink supply chain risk in the context of Emergency Ordinance 14/2026 and the growing regulatory focus on operational resilience, third-party risk, and continuous monitoring.

Using real-world examples, including the Santander incident linked to a third-party cloud provider, the session will explore how cyber exposure can emerge outside the bank’s direct infrastructure and still create significant operational, legal, reputational, and compliance consequences.

The discussion will also address the limitations of traditional vendor questionnaires and annual audits, showing why periodic assessments often fail to capture the real and evolving attack surface of financial supply chains.

Finally, the webinar will introduce the Slingscore approach: continuous, external supply chain monitoring that evaluates risk from the attacker’s perspective, without requiring direct vendor cooperation, helping financial institutions identify exposure before it becomes an incident.

Participants will learn:

• How to assess and map their real vendor attack surface, beyond what questionnaires and self-reporting reveal
• Why a breach at any third-party supplier is now a direct, auditable liability under Romanian and EU regulation
• How to interpret the requirements of Emergency Ordinance 14/2026 and what continuous compliance actually looks like in practice
• The difference between passive risk management and active threat hunting across the supply chain
• How to prioritize remediation by focusing on the critical 1% of vulnerabilities attackers are actively exploiting, not theoretical risks
• How AI-driven tools can scale your security team’s capacity without adding headcount
• How to build a board-ready evidence trail of your vendor security posture for BNR and ASF audits

This session is designed for banking executives, risk managers, compliance officers, cybersecurity teams, vendor risk managers, internal auditors, and financial-sector decision-makers responsible for operational resilience and third-party risk management.

Speaker

Eytan Yaakobi

Director of Sales EMEA
As the Director of Sales at Sling, Eytan Yaakobi has spent nearly seven years in the cybersecurity ecosystem, building a career defined by technical rigor and an “underpromise, overdeliver” philosophy. His path from SDR to Director has kept him grounded, fostering an approach centered on being a trusted advisor: he focuses exclusively on aligning solutions with a customer’s actual needs.

Having led EMEA expansions and managed high-stakes, six-figure partnerships, Eytan Yaakobi specializes in moving organizations beyond “check-the-box” DORA and NIS2 compliance. He focuses on shifting the industry toward predictive TPRM, using continuous darknet intelligence to solve problems before they manifest. He prioritizes long-term client success over transactional gains – a standard he maintains across every partnership. Outside of the office, Eytan Yaakobi is an active IPSC shooter, a pursuit that requires the same precision and discipline he brings to the cyber landscape.