An EU-Wide Standard for Pentesting: DORA
In September 2020, the European Commission released a new draft framework, the “Digital Operational Resilience Act” (DORA), for ICT risk management that will apply to financial institutions within Europe. The goal of this framework is to create a harmonized risk management tool for improving cybersecurity and resilience. It aims to establish standards that raise the overall cybersecurity posture of financial institutions across the EU. The DORA covers the entire financial sector, across both small and large enterprises. The final version is expected to come fully into effect by the end of 2022, depending on feedback received from market stakeholders.
In this white paper, our Security Expert David van Gool explains the main points of the new DORA framework, how it applies to the financial sector, and why compliance with the DORA is very important. Read the white paper here to learn more.
Next Steps: Becoming Compliant
Interested in learning more about the DORA framework and how Secura can help you achieve compliance with it? Secura provides security advice, testing, training, and certification services for our customers. This covers all aspects, such as people, policies, processes, and technology. This goes beyond Internal Penetration Tests, which are the mandatory part of the DORA framework.
Additionally, Secura is one of the parties that perform TIBER Red Teaming exercises in the financial sector, according to the scheme devised by the Dutch Central Bank and now rolled out across Europe as the TIBER-EU scheme. In addition to supporting firms in reaching compliance, our services provide insight into security. Our ultimate goal is to support you in making the right decisions for your risk appetite.