Navigating DORA: Compliance Through Cyber Resilience

The Segment: A Zero Trust Leadership Podcast

In this episode, host Raghu Nandakumara sits down with Tristan Morgan, Managing Director Cyber Security at BT Group, and Mark Hendry, Digital Services Partner at Evelyn Partners, to discuss DORA regulations and compliance in the financial services sector. They cover the interplay between regulatory standards like NIS2 and DORA, the importance of proportionality and operational resilience, and the broader adoption of principles such as Zero Trust.

Learn more on how to achieve DORA compliance: Illumio.com/dora

Learn strategies for DORA compliance in this ebook: https://www.illumio.com/resource-center/zero-trust-segmentation-dora 

--------

"If you did a search on DORA and looked for the word segmented, as in micro-segmentation, instantaneous severing of elements of the network in order to contain and what have you, it's in there. It's absolutely in there. So, you just need to know what you're looking for and you'll find it. And Zero Trust will evolve. It might evolve into a different name or a different set of characteristics that we seek to achieve, but DORA should last. And we might find terms like Zero Trust start to pop up in regulatory technical standards or implementing technical standards that accompany it, but it's absolutely in there because it's such a good way to protect our organizations from harm, the types of harm that we've talked about." - Mark

"If you were to build something completely separate and ask all businesses to comply with something that was different, not only would there be significant cost, I think actually you get much greater resistance. Whereas, these regulations like DORA actually build upon industry-recognized best practices that many businesses are already adopting to a degree, and it actually is sensible, but it also makes the barrier to compliance less." - Tristan

--------

Time Stamps 

(04:22) Current cyber threat landscape 

(11:02) Operational resilience and cyber resilience

(12427) Compliance and regulatory standards 

(15:22) A historical look at compliance 

(25:58) The tipping point for the EU to prioritize operational resilience

(36:48) What differentiates DORA from other legislation? 

(44:24) The role of Zero Trust within DORA 

--------

Sponsor

Assume breach, minimize impact, increase resilience ROI, and save millions in downtime costs — with Illumio, the Zero Trust Segmentation company. 

Learn more at illumio.com.

--------

Links

Connect with Tristan on LinkedIn

Connect with Mark on LinkedIn
