Business Security Weekly (Audio)

Enforcement of the Digital Operational Resilience Act (DORA) - Madelein van der Hout - BSW #381

Feb 5, 2025
Madelein van der Hout, a Senior Analyst at Forrester specializing in European security consulting, discusses the Digital Operational Resilience Act (DORA) and its vital role in strengthening cybersecurity for financial institutions. She explores how DORA aims to mitigate risks from cyberattacks and the severe penalties for non-compliance. The conversation also highlights the leadership dynamics within organizations, emphasizing humility and accountability while navigating the evolving cybersecurity landscape. Key insights on communication effectiveness and executive responsibilities in risk management make this discussion particularly engaging.
INSIGHT

DORA Creates EU-Wide Resilience Standards

  • DORA is an EU regulation that mandates digital operational resilience for financial entities and their ICT providers.
  • It unifies EU-wide operational resilience standards and includes critical ICT service provider obligations.
INSIGHT

Contracts And Concentration Risk Matter

  • DORA allows financial firms to terminate contracts if ICT providers fail to meet requirements.
  • The regulation emphasizes mapping interdependencies and concentration risks across providers.
INSIGHT

DORA Reaches Non‑EU Providers

  • Non-EU providers serving EU financial entities can fall under DORA's scope if they serve EU customers.
  • DORA explicitly targets concentration and interdependency risks tied to major providers.