Intelligent CISO Issue 83 | Page 74


third parties, they’ll need to dedicate around-the-clock attention. It’s not a one-and-done deal, it will be a reiterative and continual process to achieve compliance consistently across all providers.
Sure, it’ll require a significant amount of resources to completely map out all of your third-party providers and introduce those contractual safeguards, but it’ll serve double duty. Not only will you ensure compliance, but you’ll also cement robust data resilience as a backbone of your organisation’s incident response plans. Last year alone, the cost of downtime for financial services organisations was US$152 million. So, if the worst does happen, you’ll want to be able to bounce back as quickly as possible or face adding to that number this year.
There are of course other benefits to compliance, primarily the avoidance of any consequences. DORA in particular comes hand in hand with European Supervisory Authorities (ESAs) that will regularly check for compliance and hand down any relevant repercussions. For financial services, if their external critical software providers don’t comply in time, they could face anything from a fine of 2% of their annual turnover to criminal charges.
So yes, DORA compliance can’t bulletproof you against every threat out there, but being able to prove that everything is in place and that it all works within the defined time frames will set you up to recover as swiftly as possible from cyberattacks. And, perhaps more prudently, it’ll prevent you from incurring any of the severe consequences attached to non-compliance. Organisations need to step it up a notch when it comes to DORA compliance and, most importantly, ensure their third parties are along for the ride.