// EXPERT PROFILE //
Time for businesses to explore DORA
The average data breach costs businesses a huge £ 3.5 million , and the risks continue to increase . From January next year , the Digital Operational Resilience Act ( DORA ) will come into play . It aims to ensure a comprehensive approach that fortifies digital infrastructures . Tim Freestone , Chief Strategy and Marketing Officer , Kiteworks , explains more .
“
IT IS IMPORTANT FOR BUSINESSES
TO ANALYSE
WHETHER THEIR ENTIRE DATA SUPPLY CHAIN
IS SECURE .
NFORTUNATELY , ICT-
U
RELATED incidents remain rampant globally . This year , millions of records will once again be affected by data breaches , with the average breach costing businesses a staggering £ 3.5 million . In light of these risks , Digital Operational Resilience Act ( DORA ) compliance is more important than ever .
Coming into play from January 17 , 2025 and enacted by the European Parliament , DORA ’ s scope extends across a broad spectrum of financial entities , from banks to investment firms , as well as any service provider offering IT and cybersecurity services to those entities . By casting such a wide net , DORA ensures a comprehensive approach that aims to fortify digital infrastructures throughout the industry . DORA will act as a guiding framework to help financial entities navigate new challenges , with the need to maintain robust cybersecurity measures at its core . So , what do businesses need to do to ensure they stay protected ?
Secure the data supply chain
It is important for businesses to analyse whether their entire data supply chain is secure . By setting out strict requirements for contracting , managing and reporting , DORA is making it essential for businesses to use DORA-compliant content communication tools .
This is often easier said than done . Third party tools , solutions and partnerships play an integral role in any organisation today . They can help staff communicate with other team members , safely access sensitive information and streamline project management tasks . However , they also introduce inherent risks that can compromise a business ’ security posture .
It is important to not only enhance the resilience of your own business ’ externally provided software , but also what your partners are using to communicate , collaborate or share content with you . Are the emails sent between the business and the supply chain secure ? Are the business ’ tools or that of its partners introducing undue cyber-risks ? Is any file sharing tool being used compliant and can ensure that any data sent is not to an unsafe third party environment ?
Know what to look for
Third party vulnerabilities could be due to inherent weaknesses in infrastructure , a lack of contingency plans for service disruptions or inadequate contractual provisions addressing cybersecurity standards . It is important to know what to look for . By identifying these vulnerabilities early on , the business can take proactive measures to mitigate risks and strengthen its overall third party risk management – enhancing overall resilience and ensuring DORA compliance in the process .
34 intelligent
. tech
Intelligent SME . tech