Ask an Expert About … DORA & PAM

As of January 17, 2025, the Digital Operational Resilience Act (DORA) is now in full effect across the European Union. The regulation demands that financial institutions build cyber resilience, ensuring they can withstand, respond to, and recover from threats. But let’s be real, compliance is not just about ticking boxes; it’s about stopping real-world attacks.

DORA is Here: Why Privileged Access Management (PAM) is Your First Line of Defence

One of the biggest blind spots in cybersecurity today? Privileged Access. If you think hackers are only targeting endpoints or unpatched servers, think again. Compromised admin credentials are the golden ticket for cybercriminals to bypass security controls, manipulate transactions, and deploy ransomware with impunity.

To find out more about DORA, view our dedicated webinars in English or Spanish.

Recent Breaches That Could Have Been Prevented With PAM

Case: The MOVEit Supply Chain Attack (2023)

The Cl0p ransomware gang exploited a zero-day vulnerability in Progress MOVEit, stealing data from hundreds of organisations, including financial institutions.

Case: Change Healthcare, a subsidiary of UnitedHealth Group (2024)

The breach compromised the personal information of over 100 million individuals, including health insurance details, medical records, billing information, and personal identification numbers. The attackers gained access by exploiting compromised credentials to infiltrate a Citrix remote service that lacked multifactor authentication. This allowed them to navigate the internal network, deploy ransomware, and exfiltrate sensitive data. Despite paying a $22 million ransom, the company faced substantial operational disruptions and reputational damage.

Case: Finastra Data Breach (2024)

In November 2024, Finastra experienced a significant data breach where attackers infiltrated their system, stealing approximately 400 gigabytes of sensitive data. This compromised data was subsequently offered for sale on darknet forums. The breach was attributed to compromised credentials, highlighting vulnerabilities in access management. Implementing a robust Privileged Access Management (PAM) solution could have mitigated this risk by enforcing strict controls over privileged accounts, monitoring access, and promptly detecting unauthorized activities.

How PAM Could Have Helped

A robust session monitoring policy, combined with least privilege enforcement, could have prevented lateral movement by restricting attackers’ access. This would have limited their ability to extract data while ensuring strict controls over privileged accounts. Continuous access monitoring would have enabled real-time detection of unauthorized activities, reducing the risk of data breaches. Implementing these measures strengthens security by enforcing least privilege principles and proactively identifying suspicious behaviour before damage occurs.

How BeyondTrust PAM Aligns with DORA

DORA mandates “ICT risk management frameworks” to ensure financial institutions can defend against cyber threats. Privileged Access Management (PAM) is central to meeting these requirements by:

  • Enforcing Least Privilege – Reducing exposure to attack vectors.
  • Continuous Monitoring & Auditing – Providing visibility into privileged activity.
  • Strong Authentication & Session Control – Blocking unauthorised access and lateral movement.
  • Automated Threat Response – Detecting and revoking compromised credentials in real time.

To ensure that your business is DORA-aligned, read our whitepaper on the topic and view this article to find out more.

Take Action Now

DORA isn’t just another compliance requirement. It’s a wake-up call for financial institutions to prioritise privileged access security. Treating PAM as an afterthought is no longer an option.

Has your organisation implemented a PAM solution that truly meets DORA’s resilience standards? If not, now is the time. As a trusted MSSP, Getronics partners with BeyondTrust to deliver robust PAM solutions, including BeyondTrust PRA and PS.

How is your organisation managing privileged access in the era of DORA? Let’s discuss.

Written by Getronics Global Head of Operational Security Rob Nidschelm.
