What Is The Digital Operational Resilience Act (DORA)?
TechTarget, Wednesday, March 5th, 2025
The Digital Operational Resilience Act (DORA) is a European Union regulation designed to enhance cybersecurity and ensure functional continuity of the financial sector, employing rigorous information and communications technology (ICT) standards across all EU financial entities.
DORA mandates that all impacted organizational categories -- more than 20 total -- develop detailed risk management frameworks with clearly defined roles and responsibilities, underpinning the European Commission's strategy to strengthen cybersecurity within the EU financial sector.
The act complements the Network and Information Security 2 (NIS2) Directive. Both DORA and NIS2 aim to increase information security at companies, but there are significant differences between the two.
First, NIS2 is a directive that sets a goal for EU countries. However, because NIS2 is a directive and not a regulation, each EU member must adopt, apply, comply with and enforce its legislation related to the directive. Few have done so.