Our Voice

What is Cloud Transformation? The Complete Guide

Discover what cloud transformation means, its benefits, and how CWSI helps businesses modernise IT systems and drive innovation through cloud solutions.

Learn More
BOOK A MEETING

What is DORA?

The Digital Operational Resilience Act is a new, critical act within the EU financial regulation. It is designed to improve the cybersecurity and operational resiliency of the financial service entities primarily around the ICT (information and communication technology) area. The objective of DORA is to enhance standards in how financial service organisations manage ICT risk internally and for external suppliers to ensure that the international EU financial system is protected.

Security balls

Why was DORA created?

DORA was created to strengthen the financial sector’s resilience to cybersecurity incidents in recognition that ICT services and platforms are fundamental to the delivery of modern financial services. Its purpose is to ensure that the financial sector and its suppliers have the safeguards in place to mitigate the risks of a cyber-attack.

When is DORA coming into force?

It is coming into force on the 17 January 2025. There is a 24-month adoption period.

What do Financial Institutions need to do?

The Act requires financial institutions to report data breaches to regulators within a certain time of discovery. Financial institutions will be required to impose the same breach reporting requirements on their suppliers and service providers as part of their contractual obligations. If an organisation is not willing to accept these terms, then DORA prohibits the financial institution from doing business with them.

DORA Framework Requirements

5 Key Focuses within DORA:

Risk Management – This area concentrates on reviewing all internal, external, and critical supplier ICT risks. Taking a deep dive into the different services, platforms, and tools that the organisation needs to produce a robust plan for improving or dealing with any of the risks that have been identified.

Incident Management– Ensuring robust processes and procedures are in place to identify incidents and assess them, evaluate them, manage them, and then report them either to their customers or to the regulator.

A good strategy would be having a Cyber Security Operations Center [CSOC] in place that can detect potential issues or incidents early on, ideally remediate them rapidly through automation or rapid human intervention. They can analyse the root cause to understand what happened, how it happened and what can prevent this happening in the future. This is then reported to the appropriate body or at least internally to ensure that there is good visibility.

Digital Operational Resilience Testing – This is critical but often overlooked. A plan is a good start, but the plan must be tested and amended. If an incident does occur, the relevant teams, internally and externally, must know what actions to take.

ICT Third Party Risk Management – This part focuses on a strategy to successfully risk assess and plan for managing identified risks within your third parties and critical suppliers.

This can be performed on the platform area such as cloud infrastructure from Microsoft, Google or AWS, SaaS providers, or even managed service providers that are tightly integrated with IT teams or within the IT infrastructure. All these different elements will come into scope and need to be understood. Businesses need to make sure that incident management also extends to those services, either directly from the business, and that the incident management, risk management, mitigations, controls, and processes within your third party meet the standards.

The next area of focus is around operational resilience. How do businesses ensure the process and procedures in place to be resilient? What would this look like? With items such as high availability and backup systems that can recover quickly from issues and that can be well tested. Key stakeholders need to be familiar with the plan because the more businesses test, the more a business can be reflective and the better and quicker they can respond.

Lined up balls

Information and Intelligence Sharing – A key goal is that financial service entities will share information around incidents, threats vulnerabilities, and best practice’s with each other to ensure that its benefits spread across all different sized entities. Whether that’s a very large financial service who has a very dedicated security ICT team or a smaller supplier who doesn’t have that level of resource.

CWSI Recommendations

CWSI is uniquely placed to assist financial organisations with identifying, implementing, and managing the necessary cybersecurity measures that should be taken to secure their operations in an increasingly uncertain technology landscape.

The key areas outlined in the Digital Operational Resilience Act, when deployed effectively, offer security and peace of mind to allow organisations to focus on core business functions.

CWSI intentionally focus on providing modern, managed security solutions, partnering with market leading software vendors, to help clients to get secure and stay secure. We have an unrivalled understanding of modern mobile operating systems – how to secure them, and how to integrate them with today’s cloud-based infrastructure and applications. Our services are flexible, scalable, and responsive, with 24/7 options available. All services are backed by CWSI’s ISO 27001 and Cyber Essentials Plus certifications, which cover all aspects of the business and all the services we offer, reassuring clients that we practice what we preach.

Resources

Our Voice

What is Microsoft’s Extended Detection & Response (XDR)?

Learn More

Our Voice

5 Ways to Tackle the Cyber Security Skills Gap.

Learn More

Our Voice

CWSI named Microsoft Ireland’s Security Partner of the Year for 2022.

Learn More

About CWSI Group

Founded in 2010, the CWSI Group, incorporating BLAUD and mobco, is a leading provider of IT security, compliance and enterprise mobility solutions that support hybrid and remote working. Our mission is to enable the world to work securely from anywhere. We have helped thousands of organisations and hundreds of thousands of employees to work productively and securely from anywhere, on any network and on any device, without compromise.

From offices in Ireland, the United Kingdom, Netherlands, Belgium and Luxembourg, we provide consulting, professional services, and managed services to many of Europe’s most respected organisations across a wide range of sectors, both directly and through our relationships with leading telecoms providers. CWSI has deep technical expertise in the design, deployment, integration, and management of industry-leading software solutions, with the highest level of accreditation from technology partners including Microsoft, Samsung, Google Android, Ivanti and SentinelOne.

Back to Resources Next Resource

Relevant Resources

Our Voice

What is Cloud Transformation? The Complete Guide

Discover what cloud transformation means, its benefits, and how CWSI helps businesses modernise IT systems and drive innovation through cloud solutions.

Learn More

Our Voice

The Complete Guide to Advanced Persistent Threats

Learn everything you need to know about Advanced Persistent Threats in this guide by CWSI. Get in touch today for more information.

Learn More

Our Voice

The Complete Guide to Cyber Threat Actors: Understanding and Defending Against Digital Threats

Learn all you need to know about Cyber Threat Actors in this detailed guide from CWSI. We discuss different actor groups, techniques and tactics.

Learn More