CIOs And CISOs Grapple With Dora: Key Challenges, Compliance Complexities
CSO Online, Monday, February 17th, 2025
Now in force, DORA has proved challenging for many IT leaders to achieve compliance, particularly around third-party providers, suppliers, and subcontractors.
In force since January, the Digital Operational Resilience Act (DORA) has required considerable effort from CIOs and CISOs at 20 types of financial entities to achieve compliance. For many, the journey is not complete.
'In the past months, financial entities targeted by DORA have been busy internally defining roles and responsibilities related to ICT security, identifying the major risks within essential and important functions, developing a cyber threat management framework that includes policies and procedures for monitoring ICT resources, and preparing the necessary measures to ensure control of the supply chain,' emphasizes Giulia Mariuz, a lawyer at law firm Hogan Lovells.