The Digital Operational Resilience Act (DORA) is one of the most significant cybersecurity regulations for financial institutions in the European Union (EU). Failure to comply can have massive consequences, including financial penalties and forced operational downtime, meaning achieving DORA compliance should be a priority for all EU financial institutions. Implementing a comprehensive API security strategy goes a long way toward ensuring compliance with DORA requirements.

In December 2024, Malaysia passed its Data Sharing Bill 2024, a new piece of legislation aimed at streamlining data-sharing across federal government agencies. This bill promises to revolutionize how data is managed, shared, and secured within Malaysia's government, fueling a more efficient, innovative, and secure public sector.

The deadline for European Union member states to pass the new EU NIS2 regulation into national law was October 17, 2024, yet only a few countries have transposed it into law, leaving others lagging behind, with regulations in draft or public consultation phases, or not at all. In the absence of certainty for firms (or what NIS2 calls entities), confusion is understandable, but steps can be currently taken considering what we already know.

The Digital Operational Resilience Act (DORA) has been developed to protect the financial sector, which is particularly vulnerable to cyberattacks. According to the IMF’s 2024 Global Financial Stability Report, the number of cyberattacks has progressively increased since 2004, and nearly 20% of these attempts target financial institutions. DORA serves as a regulatory measure in the European Union (EU) to improve cybersecurity and operational resilience of organizations in the financial sector.

The Digital Operations Resilience Act (DORA) is a new regulation aimed at improving the cybersecurity and operational stability of the EU's financial sector, especially regarding risks related to information and communications technology (ICT). It applies to organizations in the financial industry, requiring them to reassess and adapt their security posture to DORA’s stringent requirements.

The EU is making active efforts to secure the citizens and their data. New laws are implemented and as a compliance, MFA is mandated for enterprises.

The Digital Operational Resilience Act (DORA) is a mandatory EU regulation that aims to unify various information and communications technology (ICT) risk management frameworks into one comprehensive set of guidelines and requirements. ‍ The regulation is built around five pillars that strengthen and facilitate the digital and operational resilience of entities in the finance and insurance sectors.

Given the reality of today’s cybersecurity, it is of utmost importance to have frameworks and regulations. These help both the customers and the organizations to stay protected against the cyber threats that are around us. On 17th January 2025, the Digital Operational Resilience Act (DORA), formally known as Regulation (EU) 2022/2554, came into full effect.

As of January 17, 2025, all financial entities and their information and communication technology (ICT) service providers catering to EU entities must comply with the Digital Operational Resilience Act (DORA). ‍ If you’re new to the regulation, you can reduce the potential overwhelm caused by its various requirements by using a concise compliance checklist. To help, we’ve created a robust guide that covers everything you should know, including: ‍

The Digital Operational Resilience Act (DORA) is a comprehensive EU regulation aimed at financial entities and their third-party information and communications technology (ICT) providers. ‍ As a new and largely unexplored regulation, many affected organizations are still in the process of aligning their cybersecurity and risk management processes with the framework.