19/09/2024
Everything you need to know about DORA
At Getronics we take pride in the fact that we’re a team with expertise. Keeping track of the way industries change is important for any business, and we have the skills to keep you up to date.
Read on to find out everything you need to know about DORA, shared from our Global Head of Operational Security, Rob Nidschelm.
The questions are simple, but the answers might change the way you approach this new and important industry standard.
What is DORA?
DORA, or the Digital Operational Resilience Act, is a regulatory framework introduced by the European Union to enhance the operational resilience of financial institutions. DORA entered into force in January 2023, but its full application will not begin until January 2025
Financial institutions across the globe need to be able to withstand, respond to, and recover from all types of ICT related disruptions – including cyber-attacks. DORA will implement uniform requirements, making the entire EU more secure against evolving digital threats.
In Which Key Ways Is DORA Going to Change the Financial Services Sector?
The finance sector includes a variety of different business types – from banking and investments, to third party ICT providers. DORA makes sure that every organization is standardized, and meets the same level of cyber-security and operational resilience.
By creating this continent-wide framework, DORA strengthens how your company will operate globally too. DORA strengthens resilience within the EU, but it does not directly apply to companies operating globally unless they deal with EU financial entities. Businesses that are looking for partnerships within the EU will know that you have a strong foundation in security; giving you a global appeal.
Taking responsibility for DORA is an important role, and senior management teams will need to create strong governance to maintain their standards. DORA will help your company to gain a clearer oversight on security and resilience through using key team members and their valuable skills.
How should companies prepare?
Taking proactive steps is the best way to get your organisation ready for DORA – here are a few tips to get ready.
Assess your current risk management. When you know where gaps are, you’ll know exactly where to implement DORA first. It also means you can develop processes for monitoring third parties. Your ICT providers should include contractual agreements that uphold DORA compliance, you can cover yourself and your partners with established protocols, and incident reporting.
Schedule regular testing. By investing in regular resilience exercises, the opportunity to find potential weaknesses is improved. It gives you insights into how to improve security measures, and make improvements continuously, instead of improving in random stages.
What problems will DORA help to solve?
Different member states of the EU have a range of rules for ICT risk management, creating a significant challenge for companies operating across the continent. The various standards and practices will be brought to a single standard under DORA, making it easier to gain insight and establish a new framework for the way you supervise third-party services.
DORA, when followed correctly, will make it harder for cyberattacks to be successful and if an attack ever does become successful these regulations will lead to a faster recovery. We’ve seen in recent years an increase in how sophisticated these attacks can be, and the disruption they cause. DORA fosters communication between you and your industry, keeping businesses safe, by working together.
How can Getronics help?
We’re here to support you, with all of your digital needs. Here are a few ways in which a partnership with Getronics can help you meet the Digital Operational Resilience Act regulations, and keep your business healthy in other ways.
Getronics can provide comprehensive cyber-threat services that identify the chance for hostile action before it’s taken. Partnering with us gives you state-of-the-art tools in security management systems, which monitor and report on the health of your resilience.
From Business Continuity Management to Disaster Recovery, we develop plans with you, tailored to suit your needs. Utilising our Security Operations Centre to add another layer of protection, all of our solutions are a collaboration to keep you as safe as possible.
Contact our experts to understand more about how to match DORA, and how Getronics can help you exceed it.