
    DORA: six months into a resilience revolution

    By Michael Comaous, August 19, 2025

    Bringing DORA into effect involved a lot of discussion, planning, cost, and people management for everyone in the financial sector.

    In January 2025, Rubrik Zero Lab’s research reported that the strains on businesses were not always obvious. In addition to costing nearly half (47%) of businesses over a million euros, 79% of employees reported an impact on mental health, and 58% of CISOs reported increased stress.

    It was no secret, though; the work in preparing a business for DORA was always going to be significant. DORA’s five pillars of cybersecurity included ICT risk management, incident reporting, digital operational resilience testing, third-party risk management, and information sharing. That is a significant undertaking and expense for any business.


    James Hughes

    VP of Solutions Engineering and Enterprise CTO at Rubrik.

    Integrating DORA

    In the last six months, financial institutions have had to pivot from preparing for DORA to actively integrating its requirements into their daily operations. The initial months have seen a strong emphasis on solidifying ICT risk management frameworks, ensuring they are comprehensive, well-documented, and continuously monitored. The tasks involve mapping critical IT assets, identifying vulnerabilities, and establishing clear risk appetite statements.

    A significant shift has been observed in incident reporting. Firms are currently facing the challenge of meeting strict requirements for classifying, notifying, and providing detailed reports on major ICT-related incidents to competent authorities within tight deadlines. These requirements have necessitated refining internal processes, improving monitoring tools, and establishing clear communication channels to ensure the timely and accurate flow of information.

    Perhaps one of the most challenging areas has been digital operational resilience testing, particularly the highly prescriptive Threat-Led Penetration Testing (TLPT). While many firms had planned for these tests, the post-go-live period has seen the initiation and execution of complex simulations that mimic real-world attacks. These tests are not just about finding vulnerabilities but assessing the institution’s ability to withstand and recover from severe disruptions, pushing internal teams and third-party testers to their limits.

    Last but not least, third-party risk management has moved from a siloed function to a central focus. DORA mandates that financial entities oversee the entire lifecycle of their reliance on critical ICT third-party providers, which includes meticulous due diligence, robust contractual arrangements, and ongoing monitoring of their third parties’ resilience.

    Many institutions have been reassessing their entire vendor landscape, identifying critical dependencies, and, in some cases, diversifying providers to mitigate concentration risk. The regulatory spotlight on critical third parties means firms are demanding greater transparency and assurance from their suppliers than ever before.

    The breadth of the regulation has also meant that financial institutions have seen DORA touch almost every aspect of their businesses, from IT and cybersecurity to legal, compliance, risk, and even business operations. The human element is felt in upskilling and training staff, expanding roles and responsibilities, and increasing workload.

    Do you feel ready for when an attack does take place?

    After the work is undertaken to help your organization fall in line with DORA or other cybersecurity standards or regulations, the practical question to ask yourself is: ‘Do I feel resilient enough to bounce back from an attack and maintain business continuity in its wake?’

    • Putting the process in place helps, but have you road-tested it within your organization?
    • Have you thought about every eventuality? Or at least pre-planned for those you can?
    • What new risks can you identify now that you have assessed the gaps and resolved your security ecosystem?

    Inevitably, it’s not a case of if an attack will take place, but when. Working through regulations supports your journey to cyber resilience, but if the honesty, the practice and the continual testing fail, then so will your defense system.

    What does the future look like for DORA? And what does this mean on an international stage?

    The first thing to realize is that DORA is one of many cybersecurity regulations that have come into place in recent months and years. Six months after implementation is very early, and as organizational frameworks mature, businesses will continue to invest, improve and adapt their work to maintain what is in place.

    Costs, while substantial, are viewed not as mere compliance burdens but as strategic investments. The financial and reputational damage from a major cyber incident—potentially reaching into the hundreds of millions or even billions of euros in a severe scenario, not to mention regulatory fines—far outweighs the upfront investment in DORA compliance.

    DORA’s principles of robust ICT governance, rigorous testing, and vigilant third-party oversight will be critical for navigating the ever-evolving cyber threat landscape. By deeply embedding these practices into their operational DNA, financial institutions can not only meet regulatory obligations but also fortify their defenses, ensuring business continuity and maintaining customer trust in an increasingly volatile digital age.

    This article was produced as part of TechRadarPro’s Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro
