The average data breach costs businesses a huge £ 3.5 million , and the risks continue to increase . From January next year , the Digital Operational Resilience Act ( DORA ) will come into play . It aims to ensure a comprehensive approach that fortifies digital infrastructures . Tim Freestone , Chief Strategy and Marketing Officer , Kiteworks , explains more .

IT IS IMPORTANT FOR BUSINESSES

TO ANALYSE

WHETHER THEIR ENTIRE DATA SUPPLY CHAIN

IS SECURE .

NFORTUNATELY , ICT-

RELATED incidents remain rampant globally . This year , millions of records will once again be affected by data breaches , with the average breach costing businesses a staggering £ 3.5 million . In light of these risks , Digital Operational Resilience Act ( DORA ) compliance is more important than ever .

Coming into play from January 17 , 2025 and enacted by the European Parliament , DORA ’ s scope extends across a broad spectrum of financial entities , from banks to investment firms , as well as any service provider offering IT and cybersecurity services to those entities . By casting such a wide net , DORA ensures a comprehensive approach that aims to fortify digital infrastructures throughout the industry . DORA will act as a guiding framework to help financial entities navigate new challenges , with the need to maintain robust cybersecurity measures at its core . So , what do businesses need to do to ensure they stay protected ?

Secure the data supply chain

It is important for businesses to analyse whether their entire data supply chain is secure . By setting out strict requirements for contracting , managing and reporting , DORA is making it essential for businesses to use DORA-compliant content communication tools .

This is often easier said than done . Third party tools , solutions and partnerships play an integral role in any organisation today . They can help staff communicate with other team members , safely access sensitive information and streamline project management tasks . However , they also introduce inherent risks that can compromise a business ’ security posture .

It is important to not only enhance the resilience of your own business ’ externally provided software , but also what your partners are using to communicate , collaborate or share content with you . Are the emails sent between the business and the supply chain secure ? Are the business ’ tools or that of its partners introducing undue cyber-risks ? Is any file sharing tool being used compliant and can ensure that any data sent is not to an unsafe third party environment ?

Know what to look for

Third party vulnerabilities could be due to inherent weaknesses in infrastructure , a lack of contingency plans for service disruptions or inadequate contractual provisions addressing cybersecurity standards . It is important to know what to look for . By identifying these vulnerabilities early on , the business can take proactive measures to mitigate risks and strengthen its overall third party risk management – enhancing overall resilience and ensuring DORA compliance in the process .

34 intelligent

. tech

Intelligent SME . tech