Search
Close this search box.

Simplifying Digital Operational Resilience for the EU Financial Sector

Share This Post

Simplifying Digital Operational Resilience for the EU Financial Sector.

Everyday activities of the financial sector are supported by complex Information and communication technology (ICT) systems supporting the introduction of many new digital services that enhance customer experience, increase the efficiencies of internal process, but at the same time introduce additional risks and vulnerabilities which may expose financial firms to cyber-attacks or other incidents that may disable important business services.

If these risks are not adequately managed, they may result in the suspension of financial services, which are frequently provided across national boundaries and have a significant impact on other businesses, industries, or even the EU economy. The possibility of such cross-border and cross-sectoral disruptions emphasizes the importance of the financial sector’s digital operational resilience.

On 27 December 2022, the Digital Operational Resilience Act (DORA) was published in the Official Journal of the European Union as a measure to enhance the overall digital operational resilience of the EU financial sector and entered into force on 16 January 2023. DORA will come into full force from 17 January 2025.

Where does DORA fit in the context of existing EU Financial Directives?

DORA applies to upwards of 22,000 financial firms covering Banking & Payment Markets, Asset Management, Investment Services, Insurance, and forms part of a wider EU Digital Finance package as well as linking with European measures on cyber security and the European strategy for data. Of course, regulation in the financial sector is not new and the Digital Operational Resilience Act DIRECTIVE sits at a higher level in the context of the DORA with the legal objective of strengthening digital operational resilience through the amendment of certain EU Financial Sector Directives, such as, CRD IV and PSD2 (Banking & Payment Markets), Solvency II (Insurance), UCITS IV and AIFMD (Asset Management) and MiFID II (Investment Services).

How will DORA compliance work in practice?

The Digital Operational Resilience Act REGULATION defines a detailed and complete framework of rules for the identification and management of ICT and Cyber risk, establishing obligations regarding periodic testing of infrastructures and the use of strategies, policies, processes, tools and reporting to address all facets of digital operational resilience. Within the regulations there are two types of standards: the regulatory technical standards (RTS), which are adopted by the Commission by means of a delegated act and the implementing technical standards (ITS), which are adopted by means of an implementing act. The ITS aim to set in place uniform reporting requirements to ensure fair conditions of competition between comparable groups of financial firms.

Digital Operational Resilience Testing

Although the level of testing needed may vary depending on the kind, size, and complexity of the financial firm under consideration, independent testing and self-assessment will always be essential to evaluate readiness for addressing ICT-related catastrophes and to spot flaws, shortcomings, and gaps in digital operational resilience. Certain financial companies will also be required to do more advanced testing at least every three years in addition to the yearly testing.

How can Cristie Data help your Digital Operational Resilience strategy?

Cristie Data bring decades of Data Management and Data Security experience into play and work with leading technology partners in areas including Zero Trust Data Protection, Managed Security Operations, large scale System Recovery and Simulated Recovery Testing. Our financial sector team can advise on appropriate technologies and processes that can simplify operational resilience testing, self-assessment regulatory reporting, and the orchestration of ICT system recovery at scale. Contact us to discuss your current challenges and milestones required in meeting the 17 January 2025 deadline.

Cleanroom Recovery – A Safe Haven in the Storm of Cyberattacks

Cleanroom Recovery: A Safe Haven in the Storm of Cyberattacks Cyberattacks are a constant threat in today’s digital landscape. From ransomware that encrypts your data to malware that steals sensitive information, these attacks can cripple your business operations and cost you dearly. But there is a powerful tool at your

Why Data Sovereignty Matters for Germany’s Digital Future

Why Data Sovereignty Matters for Germany’s Digital Future This month we met with Christof Gedig, CTO at Cristie to ask why sovereign cloud is an ongoing hot topic, and what is means for companies in Germany. Q: What is a sovereign cloud why is it important for data protection strategy?

Cristie Data GmbH: Your Partner for HPC Data Backup & Archive

Cristie Data GmbH: Your Partner for HPC Data Backup & Archive The High-Performance Computing (HPC) sector generates unprecedented amounts of data critical to scientific research, engineering simulations, and cutting-edge technological development. This data is as vast as it is valuable, and effective backup and archiving strategies are not just an

The IBM TS1170: A Game-Changer for HPC Data Storage

The IBM TS1170: A Game-Changer for HPC Data Storage In 2023, IBM and Fujifilm made a significant breakthrough in data storage technology with the release of the IBM TS1170 tape drive and its compatible 3592 JF tape cartridges. This innovation offers game-changing advantages for High-Performance Computing (HPC) users, addressing the

Have you heard of CO2 neutral data protection?

Have you heard of CO2 neutral data protection? Data centers consume vast amounts of electricity for servers, cooling, and infrastructure, with most receiving their power from traditional sources such as nuclear, coal or gas. This is not just old-fashioned; it also emits a huge amount of CO2 which causes climate

The Cybersecurity Crisis in Healthcare: Germany Under Attack

The Cybersecurity Crisis in Healthcare: Germany Under Attack The healthcare sector has become a prime target for cybercriminals in recent years. The sensitive nature of health data, often coupled with outdated legacy systems and limited cybersecurity budgets, makes healthcare institutions vulnerable targets. Germany has seen a surge in cyberattacks targeting

SiteLock

Save the Data - Event Registrierung

Thank you for your registration!






Participation subject to availability.

Schauen Sie sich das DORA Video an

Thank you for submiting your email address. Press the button below to download the pdf.

Watch the Spectra Tape Video

Thank you for submiting your email address. Press the button below to download the pdf.

Schauen Sie sich das NIS2 Directive Video an

Thank you for submiting your email address. Press the button below to download the pdf.

Save the Data - Event Registrierung

Thank you for your registration!






Teilnahme nach Verfügbarkeit.

Arctic Wolf - Security Breakfast

Thank you for your registration!





Teilnahme nach Verfügbarkeit.

Arctic Wolf - Security Breakfast Event

Thank you for your registration!





Participation subject to availability.

eBook: Transform Your Business with Mature Data Management

Thank you for submiting your email address. Press the button below to download the pdf.

Understanding LTO-9 Tape Technology – Whitepaper

Thank you for submiting your email address. Press the button below to download the pdf.

Understanding LTO-9 Tape Technology – Whitepaper

Thank you for submiting your email address. Press the button below to download the pdf.

Contact Info

Nordring 53-55, 63843 Niedernberg,
An der Burg 6, 33154 Salzkotten,
Germany

Monatliches Angebot für Cloud-Schutz anfordern

Thank you for your registration!

Wählen Sie mehrere aus, indem Sie beim Auswählen die Taste strg oder cmd drücken.

*Sie können die Anzahl der zugewiesenen Lizenzen in Microsoft 365 ermitteln, indem Sie zur Seite Microsoft 365 Admin center > Billing > Licenses navigieren.

** Die folgenden Abonnements werden von Cristie Cloud Backup für Google Workspace nicht berechnet:
Google Voice Starter (SKU ID: 1010330003)
Google Voice Standard (SKU ID: 1010330004)
Google Voice Premier (SKU ID: 1010330002)

Auf dem Weg zur intelligenten Welt – Whitepaper

Da neue Technologien wie 5G, IoT, Cloud Computing und Big Data in der digitalen Transformation eingesetzt werden, bewegt sich die IT-Architektur von Unternehmen in Richtung eines hybriden Frameworks aus „traditioneller IT + privater Cloud + öffentlicher Cloud + Edge“.

Thank you for submiting your email address. Press the button below to download the pdf.

Striding Towards the Intelligent World – White Paper

As new technologies, such as 5G, IoT, cloud computing, and big data, are being applied in digital transformation, enterprise IT architecture is moving towards a hybrid framework of “traditional IT + private cloud + public cloud + edge”. This report provides an in-depth outlook on the development of the data storage industry.

Thank you for submiting your email address. Press the button below to download the pdf.

Zero Trust Data Security for Dummies

Thank you for submiting your email address. Press the button below to download the pdf.