Exploring DORA 1728309265

Uploaded by

masurkaruma
Copyright
© All Rights Reserved

PIYUSH KUMAR PANDA

HERE TO EDUCATE, NOT TO INSPIRE

EU’S CYBERSECURITY SHAKE UP? DORA

PIYUSSHH KR. PANDA


INTRODUCTION TO DORA:
The Digital Operational Resilience Act (DORA) enhances digital resilience in the EU financial sector.

It applies to all financial institutions and critical Information and Communication Technology (ICT) service providers, with small firms exempt.

DORA mandates robust controls for incident response, resilience testing, and third-party risk management.

Compliance becomes mandatory by January 17, 2025, with severe penalties for non-compliance.

WHAT’S THE SCOPE OF DORA?


DORA impacts banks, brokers, insurance companies, and payment processors.

It also applies to ICT providers delivering critical services like cloud hosting and data analytics.

Financial entities must conduct regular penetration tests and submit detailed reports.

The regulation aims to ensure operational resilience against cyber threats.

WHAT’S THE COMPLIANCE PART?


Establish comprehensive ICT risk management frameworks and self-assessments.

Implement controls to minimize ICT risks and ensure resilience through regular testing.

Maintain a register of third-party ICT service arrangements for risk assessment.

Develop incident response plans for timely reporting of significant cyber incidents.

CONSEQUENCES OF NON-COMPLIANCE:
Non-compliance can result in daily fines of up to 1% of previous year’s average turnover.

Penalties depend on the severity and duration of non-compliance.

EU member states may impose additional criminal penalties based on national laws.

Organizations must act swiftly to avoid costly repercussions.

PROACTIVE PREPARATION:
Organizations should conduct gap assessments to identify compliance areas needing improvement.

AI-powered solutions like BMC Helix can streamline compliance processes effectively.

BMC Helix offers integrated capabilities for governance, risk management, and incident management.

Tools like BMC HelixGPT assist teams in managing DORA compliance efficiently.

OPERATIONAL RESILIENCE FOCUS:


Mainframe operational resilience is crucial for meeting DORA mandates.

Organizations must adopt modern disaster recovery strategies to enhance resilience.

Immutable data storage is now a regulatory requirement for operational integrity.

Solutions like BMC AMI ensure mainframes remain secure and aligned with business goals.

CYBER THREAT LANDSCAPE:


The financial sector is increasingly targeted by sophisticated cyber threats like ransomware and data breaches.

DORA aims to mitigate these risks through stringent ICT risk management practices.

Regular testing and incident reporting are vital for maintaining operational continuity.

Compliance fosters consumer trust in digital financial services.

LONG-TERM BENEFITS OF COMPLIANCE:


DORA compliance enhances overall cybersecurity posture and operational efficiency.

Financial institutions can leverage compliance as a competitive advantage in the market.

Transparent incident reporting builds consumer confidence in financial service providers.

Strong governance frameworks contribute to long-term business sustainability.

TIME TO ACT:
With DORA enforcement starting soon, immediate action is essential for compliance readiness.

Investing in the right solutions minimizes vulnerabilities and enhances resilience against disruptions.

Organizations should prioritize aligning their strategies with DORA requirements now.

Ensuring compliance not only avoids penalties but secures a resilient future in the financial landscape.

CONNECT WITH ME FOR MORE SUCH INSIGHTS ON:

SOX Audit

Internal Audit

IT Risk Management (ITGC, ITAC, SOC 1 & SOC 2)

Third Party Attestation & Risk Management (TPRM)

CyberSecurity Internal Controls & Framework

Career in Risk Management, Risk Advisory & IT Internal Audit.
