DORA Compliance: Ensuring Resilience and Swift Recovery in Financial Services
Veeam’s Andre Troskie on DORA Compliance: A Guard Against Cyber Threats
In the evolving landscape of cybersecurity, Andre Troskie, EMEA Field CISO at Veeam, emphasizes the vital role of DORA (Digital Operational Resilience Act) compliance for financial services organizations. While acknowledging that DORA compliance won’t eradicate all cyber threats, Troskie asserts it serves to enhance organizations’ readiness and their ability to recover swiftly from attacks.
The financial services sector, accustomed to stringent regulations, is generally ahead in compliance efforts compared to other industries. Many firms have been building their cybersecurity strength over years of adhering to strict standards. However, Troskie warns that DORA’s requirements extend beyond internal protocols to encompass third-party suppliers—a common area where organizations stumble during initial audits.
A recent EY survey underscores this concern, revealing that 98% of financial services organizations partner with third-party vendors, who can represent significant compliance risks. To meet DORA’s demands, institutions must reevaluate and often renegotiate Service Level Agreements (SLAs) with these providers. Troskie notes that achieving this will necessitate collaboration across security, risk management, and legal teams.
While DORA compliance alone won’t make organizations invulnerable to cyberattacks, it is a significant step toward operational resilience. By enhancing incident response plans and ensuring continuous alignment with DORA requirements across all partners, organizations can minimize downtime costs—previously reported at $152 million for the sector.
Ultimately, while compliance with DORA is not a panacea for cybersecurity, Troskie reiterates its importance in demonstrating preparedness and fostering recovery capabilities. Financial services organizations must prioritize DORA compliance and work collectively with their third-party vendors to avert severe repercussions associated with non-compliance.