The European Union (EU) will soon launch a new regulation that will require banks and firms in the global financial industry to mature their third-party risk management programs to include set cybersecurity requirements. These requirements will also apply to the critical Information and Communication Technology (ICT) service providers they work with.
The timeframe for meeting compliance standards will be relatively short despite the complexity expected with the new framework. Understanding the Digital Operational Resilience Act (DORA), as well as acknowledging DORA’s roadmap and timeline, is important for all eligible firms so that CIOs, CISOs, and compliance managers can start planning immediately.
Cyber risk management strategies and third-party risk management programs in particular need to evolve to address DORA’s five key pillars:
- ICT Risk Management
- ICT Incident Reporting
- Digital Operational Resilience Testing
- Information and Intelligence Sharing
- ICT Third-Party Risk Management
Download this ebook to learn more about:
- What does DORA mean for your organization?
- How Cybersel and BitSight can help your organization comply with DORA