end-point
ANALYSIS
Sadly, there is no quick fix. At the very minimum, every bank and financial institution in every EU Member State that falls under DORA is going to have to renegotiate many Service Level Agreements (SLAs) with existing and new third-party partners. Financial services organisations can’t afford to be under any illusions: this will be a necessary but significant piece of work. Cementing DORA compliance as a pre-requisite will be essential for continued DORA compliance but will require collaborative work from across businesses. Security, risk management and legal teams will all need to band together to pull this off.
Third parties are one of the biggest risks to FS organisations when it comes to DORA compliance.
DORA’s double-duty for data resilience
Of course, even having DORA compliance confirmed amongst your third-party providers won’t make your organisation completely invulnerable to cybersecurity threats. But it will put you in good stead when it comes to recovering from an attack. After all, regulatory compliance has never equalled complete security. DORA is more of an exercise in operational resilience improvement, which is a key piece of the puzzle for recovery from cyberattacks.
But this doesn’t mean that compliance should be an afterthought. For financial services organisations to achieve compliance with DORA and secure their
Andre Troskie, EMEA Field CISO at Veeam
WWW.INTELLIGENTCISO.COM