Dora has the financial sector on the run
By Camille Frati, Gilles Kayser, Eric Engel, Lex Kleren Switch to French for original articleFinancial sector players are preparing for the entry into force in January 2025 of European regulations designed to protect them against cyber-attacks and vulnerabilities in their information systems. This work is being accelerated because the sector has had less than two years to comply.
For several months now, this first name has been the only thing on their lips: Dora is on the conference agendas of professional associations, in the diaries of financial sector professionals and in communications from the Commission de surveillance du secteur financier (CSSF). A new darling of finance? A new episode of Dora the Explorer? The answer could not be more serious – with a hint of apprehension. Dora is the acronym for the Digital Operational Resilience Act, a European law that must be applied by all financial entities operating in the European Union.
"The aim of Dora is really to improve what we call the digital resilience of the financial sector in Europe", explains Cécile Gellenoncourt, Head of the Supervision of Information Systems and Financial Sector Professionals Support Department at the CSSF. "We tend to think of cyberattacks, and Dora covers those too, but it's not just about that. The digital resilience of an entity means that it manages to keep its IT capabilities and everything that supports its business functions up and running even in the event of a disruptive event. This could be a cyberattack or a bug, or even a physical problem in a data centre. The malevolent aspect is not the only one taken into account."
You want more? Get access now.
-
One-year subscription€185.00/year
-
Monthly subscription€18.50/month
-
Zukunftsabo for subscribers under the age of 26€120.00/year
Already have an account?
Log in