The financial sector is increasingly dependent on technology and technology companies for the provision of financial services, but this makes financial services vulnerable to problems with underlying technology, including disruption caused by cyberattacks.
While these risks are partially addressed at a European Union (EU) level through general rules and financial services rules, European legislators believed that a dedicated framework to promote operational resilience in the financial sector was necessary. The result is the Digital Operational Resilience Act (DORA), which introduces a comprehensive framework for effective risk management, cybersecurity capabilities, and third-party risk management to ensure the uninterrupted delivery of financial services.
The Network and Information Systems Directive 2 (NIS2) is the general legal framework aimed at ensuring a high common level of cybersecurity by imposing obligations on organizations to manage cyber risks, report incidents, and cooperate with authorities to improve incident response capabilities.
However, NIS2 has only partial application to finance and has been unevenly implemented in the sector across EU member states. The DORA, therefore, seeks to improve and harmonize operational resilience requirements for all EU financial entities. It does so by amending several regulations and by overriding and extending core provisions of the NIS2 directive that cover cybersecurity measures for the protection of critical infrastructure, with specific and additional provisions for the financial sector to ensure the resilience of financial services.
In addition to addressing the five main areas of compliance required by the regulation, KuppingerCole Analysts recommends that organizations adopt the concept of a security fabric to support a consistent approach to cybersecurity and compliance with multiple laws and regulations, including the DORA.