ctipilot.ch

EU 20th Russia sanctions package

policy · policy:eu-20th-russia-sanctions-mss-prohibition-2026

EU 20th Russia sanctions package with a managed-security-services prohibition (effective 25 May 2026); Switzerland adopted most measures on 22 May.

Coverage timeline
2
first 2026-05-18 → last 2026-06-01
Peak priority
high
1 high · 1 notable
Sources cited
4
3 hosts
Sections touched
1
weekly-policy
Co-occurring entities
0
no co-occurrence
ATT&CK techniques
0
no mapped behavior yet

Story timeline

  1. 2026-06-01EU 20th Russia sanctions package: managed security services prohibition in force since 25 May; Commission interpretive guidance outstanding
    weekly-policy
  2. 2026-05-18EU 20th Russia sanctions package — managed-security-services prohibition effective 25 May; Switzerland adopted most measures 22 May
    weekly-policy

Where this entity is cited

  • weekly-policy2

Source distribution

  • squirepattonboggs.com2 (50%)
  • gtlaw.com1 (25%)
  • wbf.admin.ch1 (25%)

Entries about EU 20th Russia sanctions package (2)

2026-06-01 · view entry permalink →

NOTABLE

EU 20th Russia sanctions package: managed security services prohibition in force since 25 May; Commission interpretive guidance outstanding

Since 25 May 2026, EU operators are prohibited from providing managed security services — incident response, penetration testing, security audits, consulting — to the Russian government and to entities established in Russia, under Council Regulation (EU) 2026/506 (20th sanctions package) (Squire Patton Boggs analysis; Greenberg Traurig analysis). Wind-down transactions must be completed before 24 October 2026. As of publication, interpretive guidance from the European Commission on the exact prohibition scope has not been issued. Swiss MSSPs are not directly subject to EU sanctions law but should note that EU-headquartered affiliates and any SWIFT/correspondent-banking touch points in EU create indirect exposure. For SOC procurement teams: this prohibition is now live compliance context when reviewing vendor contracts involving any Russian-entity counterparty.

policy01 Jun 05:00Zmulti-sourceOpen finding ↗

2026-05-18 · view entry permalink →

HIGH

EU 20th Russia sanctions package — managed-security-services prohibition effective 25 May; Switzerland adopted most measures 22 May

The single most defender-relevant regulatory change of the window. Council Regulation (EU) 2026/506 introduces a prohibition on providing "managed security services" — defined to include incident handling, penetration testing, security audits and security consulting/technical-support advice — to the Government of Russia and to entities legally established in Russia, effective 25 May 2026. The prohibition reaches EU-incorporated MSSPs supplying Russian subsidiaries absent a national-competent-authority licence; no European Commission interpretive guidance on scope had been published as of 24 May, so law-firm analyses advise a conservative reading. Switzerland's EAER adopted most of the 20th-package measures effective 22 May (115 individuals/entities asset-frozen, 20 Russian banks and 7 third-country intermediaries under transaction ban, RUBx / digital-ruble transactions prohibited from 26 May), deferring some energy/trade provisions; whether the Swiss transposition includes the managed-security-services prohibition specifically requires SECO confirmation. What defenders must do differently: any EU or Swiss SOC, IR firm, or pentest provider with a Russian-law-entity client must have wound those engagements down by 25 May, and should verify no security tooling (EDR agents, SIEM forwarders, ticketing/connector integrations) is being operated or serviced under a contract with a Russian-established entity.

policy18 May 05:00Zmulti-sourceOpen finding ↗