#CIO - Cybersecurity : DORA (Digital Operational Resilience Act) The new European’s cybersecurity landscape becoming more stringent for businesses

The new European’s #cybersecurity landscape for #businesses is becoming increasingly stringent with the introduction of new directives. Behind acronyms like #NIS2 (Network and Information Security), #CRA (Cyber Resilience Act), and #DORA (Digital Operational Resilience Act) are upcoming directives or laws aimed at enhancing the cybersecurity of enterprises.

The Digital Operational Resilience Act (#DORA) is another European regulation set to take effect in January 2025. It aims to enhance the IT operational resilience of financial sector players, including banks and insurance companies, affecting approximately 22,000 organizations. Initiated by the European Commission in 2020, DORA seeks to ensure business continuity even in the face of IT attacks or cyber incidents. Financial institutions subject to DORA must implement and document a series of measures, focusing on various aspects of cybersecurity, including cyber threat monitoring, reporting cyberattacks, and backup requirements. DORA also mandates financial institutions to maintain a record describing contractual arrangements with IT suppliers and include specific provisions in contracts with them.