DORA

WHEN?

The new EU legislation will apply from January 17th 2025. That means time is running out to get your house in order or you may face embarrassing repercussions, financial penalties or criminal sanctions.

WHAT?

DORA is the primary regulatory initiative by the EU to coordinate ICT risk requirements throughout Europe. DORA is all about resilience and mitigating reasonably identifiable risks. How resilient is your organisation to a cyber breach? What measures are in place to respond and recover from cyber-attacks?

WHO IS AFFECTED?

The legislation is aimed at the financial sector and its critical ICT providers, for example, banks, investment and insurance brokers plus their ICT suppliers. The onus is on the company leadership to comply with the Act.

Therefore, members of the C-Suite and management teams may be personally responsible. We expect to see heavy penalties of up to 1% of the company’s global turnover applied throughout 2025.

WHY?

The Act provides a comprehensive framework for ICT risk management to mitigate the risk of a liquidity issue arising in Europe.

HOW?

DORA takes a risk-based approach, balancing technical and processing controls through assessment, validation, monitoring and management.

THE FIVE PILLARS OF DORA

Risk Management

Business continuity and disaster recovery plans are a must

Incident Reporting

Cybersecurity and reporting processes are a requirement

Digital Operational Resiliency Testing

Annually, including remediation plans

ICT Third-Party Risk

ICT Third-Parties subject to EU oversight

Information & Intelligence Sharing

Encouraged to share threat information and intelligence

STRYVE CAN HELP YOU MANAGE YOUR RISK WITH...

  • Risk Assessment
  • Cyber Awareness Training
  • Disaster Recovery Planning
  • Back-up
  • Pen Testing
  • ISO Consultancy

HOW TO GET IN TOUCH