Banks Brace for DORA Cybersecurity Deadline on Jan. 17

New EU Rules Focus on Operational Resilience, Breach Reporting and Third-Party Risk
Richard Breavington, partner and head of cyber and tech insurance, RPC

The Digital Operational Resilience Act aims to reshape the financial services industry by introducing strict cybersecurity standards. Financial institutions must comply with the new rules by Jan. 17, 2025. Failing to comply could trigger severe penalties and reputational risk, according to Richard Breavington, partner and head of cyber and tech insurance at RPC.

"You really want to avoid being in that first handful of organizations that have an incident, as the response could be quite significant," Breavington said. "The financial sanctions are comparable to GDPR, and being in the crosshairs of regulators can bring serious reputational damage."

As the DORA enforcement deadline approaches, banks and other financial institutions are racing to meet the new regulations that focus on enhancing operational resilience, forcing many organizations to review their existing cybersecurity frameworks and implement significant upgrades.

The act imposes stringent requirements on financial firms to manage information and communication technology risks, report major incidents and improve third-party risk management. "These requirements are going to be mandatory," said Breavington. "Failure to engage with them is just not an option."

In this video interview with Information Security Media Group, Breavington discussed:

  • DORA's key areas, including ICT risk management and incident reporting;
  • The challenges firms face in meeting compliance deadlines;
  • The implications of noncompliance, including fines and reputational damage.

Breavington and his team specialize in cyber breach incidents and act for many clients dealing with these issues, including technology sector companies and cyber and technology insurers. He is an expert in data breach response, technology claims, cyber insurance, data-related claims, and technology errors and omissions insurance. He is a member of the Society for Computers & Law.


About the Author

Anna Delaney

Director, Productions, ISMG

An experienced broadcast journalist, Delaney conducts interviews with senior cybersecurity leaders around the world. Previously, she was editor-in-chief of the website for The European Information Security Summit, or TEISS. Earlier, she worked at Levant TV and Resonance FM and served as a researcher at the BBC and ITV in their documentary and factual TV departments.



