Search
Close this search box.

Simplifying Digital Operational Resilience for the EU Financial Sector

Share This Post

Simplifying Digital Operational Resilience for the EU Financial Sector.

Everyday activities of the financial sector are supported by complex Information and communication technology (ICT) systems supporting the introduction of many new digital services that enhance customer experience, increase the efficiencies of internal process, but at the same time introduce additional risks and vulnerabilities which may expose financial firms to cyber-attacks or other incidents that may disable important business services.

If these risks are not adequately managed, they may result in the suspension of financial services, which are frequently provided across national boundaries and have a significant impact on other businesses, industries, or even the EU economy. The possibility of such cross-border and cross-sectoral disruptions emphasizes the importance of the financial sector’s digital operational resilience.

On 27 December 2022, the Digital Operational Resilience Act (DORA) was published in the Official Journal of the European Union as a measure to enhance the overall digital operational resilience of the EU financial sector and entered into force on 16 January 2023. DORA will come into full force from 17 January 2025.

Where does DORA fit in the context of existing EU Financial Directives?

DORA applies to upwards of 22,000 financial firms covering Banking & Payment Markets, Asset Management, Investment Services, Insurance, and forms part of a wider EU Digital Finance package as well as linking with European measures on cyber security and the European strategy for data. Of course, regulation in the financial sector is not new and the Digital Operational Resilience Act DIRECTIVE sits at a higher level in the context of the DORA with the legal objective of strengthening digital operational resilience through the amendment of certain EU Financial Sector Directives, such as, CRD IV and PSD2 (Banking & Payment Markets), Solvency II (Insurance), UCITS IV and AIFMD (Asset Management) and MiFID II (Investment Services).

How will DORA compliance work in practice?

The Digital Operational Resilience Act REGULATION defines a detailed and complete framework of rules for the identification and management of ICT and Cyber risk, establishing obligations regarding periodic testing of infrastructures and the use of strategies, policies, processes, tools and reporting to address all facets of digital operational resilience. Within the regulations there are two types of standards: the regulatory technical standards (RTS), which are adopted by the Commission by means of a delegated act and the implementing technical standards (ITS), which are adopted by means of an implementing act. The ITS aim to set in place uniform reporting requirements to ensure fair conditions of competition between comparable groups of financial firms.

Digital Operational Resilience Testing

Although the level of testing needed may vary depending on the kind, size, and complexity of the financial firm under consideration, independent testing and self-assessment will always be essential to evaluate readiness for addressing ICT-related catastrophes and to spot flaws, shortcomings, and gaps in digital operational resilience. Certain financial companies will also be required to do more advanced testing at least every three years in addition to the yearly testing.

How can Cristie Data help your Digital Operational Resilience strategy?

Cristie Data bring decades of Data Management and Data Security experience into play and work with leading technology partners in areas including Zero Trust Data Protection, Managed Security Operations, large scale System Recovery and Simulated Recovery Testing. Our financial sector team can advise on appropriate technologies and processes that can simplify operational resilience testing, self-assessment regulatory reporting, and the orchestration of ICT system recovery at scale. Contact us to discuss your current challenges and milestones required in meeting the 17 January 2025 deadline.
SiteLock

Schauen Sie sich das DORA Video an

Thank you for submiting your email address. Press the button below to download the pdf.

Watch the Spectra Tape Video

Thank you for submiting your email address. Press the button below to download the pdf.

Schauen Sie sich das NIS2 Directive Video an

Thank you for submiting your email address. Press the button below to download the pdf.

Save the Data - Event Registrierung

Thank you for your registration!






Participation subject to availability.

Arctic Wolf - Security Breakfast

Thank you for your registration!





Teilnahme nach Verfügbarkeit.

Arctic Wolf - Security Breakfast Event

Thank you for your registration!





Participation subject to availability.

eBook: Transform Your Business with Mature Data Management

Thank you for submiting your email address. Press the button below to download the pdf.

Understanding LTO-9 Tape Technology – Whitepaper

Thank you for submiting your email address. Press the button below to download the pdf.

Understanding LTO-9 Tape Technology – Whitepaper

Thank you for submiting your email address. Press the button below to download the pdf.

Contact Info

Nordring 53-55, 63843 Niedernberg,
An der Burg 6, 33154 Salzkotten,
Germany

Monatliches Angebot für Cloud-Schutz anfordern

Thank you for your registration!

Wählen Sie mehrere aus, indem Sie beim Auswählen die Taste strg oder cmd drücken.

*Sie können die Anzahl der zugewiesenen Lizenzen in Microsoft 365 ermitteln, indem Sie zur Seite Microsoft 365 Admin center > Billing > Licenses navigieren.

** Die folgenden Abonnements werden von Cristie Cloud Backup für Google Workspace nicht berechnet:
Google Voice Starter (SKU ID: 1010330003)
Google Voice Standard (SKU ID: 1010330004)
Google Voice Premier (SKU ID: 1010330002)

Auf dem Weg zur intelligenten Welt – Whitepaper

Da neue Technologien wie 5G, IoT, Cloud Computing und Big Data in der digitalen Transformation eingesetzt werden, bewegt sich die IT-Architektur von Unternehmen in Richtung eines hybriden Frameworks aus „traditioneller IT + privater Cloud + öffentlicher Cloud + Edge“.

Thank you for submiting your email address. Press the button below to download the pdf.

Striding Towards the Intelligent World – White Paper

As new technologies, such as 5G, IoT, cloud computing, and big data, are being applied in digital transformation, enterprise IT architecture is moving towards a hybrid framework of “traditional IT + private cloud + public cloud + edge”. This report provides an in-depth outlook on the development of the data storage industry.

Thank you for submiting your email address. Press the button below to download the pdf.

Zero Trust Data Security for Dummies

Thank you for submiting your email address. Press the button below to download the pdf.