The EU's Digital Operational Resilience Act (DORA) entered into force on January 16, 2023. The regulation aims to harmonize the management of information and communication technology (ICT) risk across European financial institutions and thereby strengthen their resilience against digital threats. Financial institutions and other affected companies have until January 17, 2025 to implement the requirements of DORA in full. As an EU regulation, DORA applies directly in every member state without national transposition and is binding; violations identified by the supervisory authorities can lead to significant fines and to personal consequences for the responsible management.
A current challenge for the affected companies is that the Regulatory Technical Standards (RTS) and Implementing Technical Standards (ITS), which specify many of DORA's requirements in detail, are still under consultation and are only being finalized in parallel with the implementation phase.
The five core topics of DORA
The DORA Regulation covers five key topics that form the foundation of robust ICT risk management for financial institutions:
- ICT risk management: Risk management is at the heart of DORA and focuses on the protection of critical business processes. Financial institutions are required to implement comprehensive measures to identify, assess and manage ICT risks.
- Management of ICT incidents: Another focus is on dealing with ICT-related incidents. DORA defines clear requirements for classifying and prioritizing ICT incidents and for reporting these incidents to the responsible supervisory authority, such as BaFin in Germany.
- Digital operational resilience testing: This area comprises regular resilience tests, including threat-led penetration tests (TLPT) in which realistic attacker tactics are run against the institution's critical live systems to uncover exploitable weaknesses. Vulnerability management is also a key component of these test measures.
- Management of third parties: DORA provides for the establishment of a standardized information register to record key ICT service providers of European financial institutions. The management of third-party providers is intended to ensure that external partners also meet the requirements for digital resilience.
- Exchange of information: The final focus relates to the exchange of security-related information between financial institutions. This cooperation should contribute to better defense and early detection of potential risks.
Effects on the Security Operations Center (SOC)
With the new requirements of DORA, the responsibility of the Security Operations Center (SOC) in financial institutions for monitoring and evaluating critical business processes around the clock is also growing. Security Information and Event Management (SIEM) plays a key role here: SIEM systems collect log data across applications and evaluate events in heterogeneous IT infrastructures in near real time.
In addition, modern EDR (Endpoint Detection and Response) and XDR (Extended Detection and Response) systems, such as Microsoft Defender, provide real-time monitoring of the central IT infrastructure components together with the option of responding directly on the affected systems.
However, tooling that analyzes log data is not sufficient on its own: comprehensive security requires continuous evaluation of the resulting alerts by an experienced team of security analysts. Only then can potentially serious security incidents be recognized, classified and reported to the supervisory authority within the deadlines prescribed by DORA.
SECUINFRA: Support with the implementation of DORA requirements
SECUINFRA is a competent partner for companies affected by the DORA regulation. With experienced cyber defense consultants, SECUINFRA supports the operationalization of DORA requirements in the areas of SOC and SIEM. In addition, SECUINFRA offers customized services for 24/7 managed and co-managed SOC operations, tailored to the specific needs of customers.
Conclusion
The DORA Regulation marks a milestone for the digital resilience of European financial institutions. The EU-wide uniform requirements for ICT risk management of financial institutions and the inclusion of key ICT service providers create a new basis for security and resilience in an increasingly digitalized financial world. With the support of specialized providers such as SECUINFRA, companies can successfully overcome the challenges of DORA and strengthen their digital resilience in the long term.