The European Union Digital Operational Resilience Act (DORA) is set to become fully applicable to financial institutions and IT service providers in the EU on January 17, 2025.
With just one month to go, the fintech sector is racing to ensure compliance. DORA aims to enhance cybersecurity and fraud prevention while bringing stability to the financial sector.
Experts highlight that firms must address cyber risks such as legacy technology vulnerabilities, unauthorized access, and insider threats. Automation and centralized identity security are critical, with breaches costing an average of $6 million per incident.
Despite the urgency, many financial institutions remain unprepared due to budget and staffing shortages.
Experts suggest focusing on cybersecurity fundamentals like multi-factor authentication, firewalls, and network visibility while integrating advanced tools like AI-powered threat intelligence for proactive defense.
Other experts note that DORA consolidates many existing cybersecurity practices, urging firms to identify weaknesses, prepare management, and establish clear incident reporting and recovery processes.
However, DORA has drawn criticism for its potential gaps and challenges.
Additionally, regulations often lag behind technological advances, making it vital for businesses to view DORA as a framework to bolster broader strategic resilience rather than as a checklist.
Research by SecurityScorecard underscores the urgency of compliance, revealing that 98% of Europe’s top companies experienced third-party breaches in the past year. Scandinavian countries ranked highest in cybersecurity readiness, while the energy sector showed significant vulnerabilities. Strengthening vendor accountability and leveraging cybersecurity ratings could enhance supply chain resilience and mitigate risks.
Experts stress that while DORA’s January deadline is a milestone, it is not the finish line. Resilience must become an integral part of financial institutions’ operations, requiring constant vigilance and collaboration across departments.
Other subject matter experts highlight that smaller firms face significant challenges in meeting DORA’s stringent requirements, necessitating strategic planning and ongoing compliance efforts.
While outsourcing compliance can help smaller businesses, it comes at a cost. Ultimately, embedding resilience into organizational strategy will be essential for navigating the challenges and opportunities of a DORA-compliant future.