How DORA Can Boost Business Performance

Preparing for DORA: Insights from Elio Networks’ Philip Russell

As the European Union gears up for the full enactment of the Digital Operational Resilience Act (DORA) in January 2025, businesses across the continent are facing a critical juncture. Philip Russell, Sales and Commercial Director at Elio Networks, emphasizes that while DORA may initially appear to be a regulatory burden, it presents a unique opportunity for companies to enhance their operational resilience and bolster their reputations.

Understanding DORA: A New Regulatory Landscape

DORA is designed to ensure that financial entities and their IT service providers maintain robust resilience in their systems. Officially introduced earlier this year, the regulation aims to address the increasing reliance on digital operations within the financial sector. Companies must now prioritize their operational resilience, which is crucial for maintaining service delivery to customers. As Russell points out, the clock is ticking, and organizations must take a proactive approach to identify weaknesses in their systems and potential threats to their operations.

The Importance of Cybersecurity and Connectivity

At the heart of DORA’s requirements is the necessity for robust cybersecurity measures and a reliable, always-on internet connection. Russell stresses that businesses must identify and address any vulnerabilities within their IT infrastructure that could jeopardize their operations. The stakes are high; failure to comply with DORA can result in significant fines, amounting to 1% of the previous year’s revenue. Therefore, investing in improvements to meet these standards is not just prudent—it’s essential.

Reputation: The Double-Edged Sword

Beyond the financial implications of non-compliance, Russell highlights the reputational risks associated with failing to meet DORA’s standards. In his experience within the financial services sector, he has witnessed firsthand the damage that can occur when a company loses customer confidence. Conversely, organizations that successfully comply with DORA can enhance their reputation, signaling to customers, partners, and suppliers that they are trustworthy and professional.

The Role of Connectivity in Operational Resilience

In today’s digital landscape, where operations are increasingly cloud-based, connectivity is paramount. Russell notes that having a single internet connection poses a significant risk; if that connection fails, operational resilience is compromised. DORA aims to mitigate this risk by encouraging businesses to work with network operators to establish redundancy in their connectivity solutions.

A Broader Regulatory Context

DORA is part of a larger trend of regulatory frameworks, including GDPR, NISD, and NIS2, all aimed at enhancing security and resilience within organizations. These regulations collectively push companies to take ownership of their security policies at the executive level, ensuring that effective measures are in place to protect their operations.

Steps to Compliance: A Holistic Approach

For organizations operating in the financial sector, including ICT providers, meeting DORA’s standards is non-negotiable. Russell advises businesses to take a holistic approach to compliance. This involves conducting thorough audits of their wide area network infrastructure and assessing the resilience of their current providers. Companies that outsource their IT services must ensure that their managed service providers conduct threat-led penetration testing to identify and address vulnerabilities.

Planning for the Future: The Time to Act is Now

As Russell emphasizes, the time to plan for DORA compliance is now. Organizations should begin with a comprehensive audit of their disaster recovery strategies and collaborate with partners to enhance their infrastructure. For example, if a company relies on a fiber connection, it should also have a fixed wireless backup in place to prevent total operational failure in the event of a compromise.

Conclusion: Embracing the Challenge

In conclusion, while the Digital Operational Resilience Act presents challenges for businesses, it also offers a valuable opportunity to strengthen operational resilience and enhance reputations. By taking proactive steps to comply with DORA, organizations can not only avoid significant penalties but also position themselves as trustworthy players in the financial sector. As Philip Russell aptly puts it, the time to act is now: businesses must prepare to meet the standards set by DORA and embrace the benefits that come with compliance.

For more insights and updates on navigating the evolving regulatory landscape, consider signing up for the Daily Brief, Silicon Republic’s digest of essential sci-tech news.