The to-do list by 2025
With these positives in mind, it is up to organisations to position themselves for secure future operations in the EU. But, DORA is expected to go into full effect on January 17, 2025, and for some, the to-do list may be extensive. Below, Khokhar gives his top tips for organisations that need to enact transformative change.
“I encourage organisations to start early and take comprehensive actions to comply with regulations to ensure that they’re not left behind.
“DORA is based on five pillars of resilience: ICT risk management, ICT incident reporting, digital operational reliance testing, ICT third-party risk, and information and intelligence sharing – preparations need to be centred around them.
“ICT risk management is crucial for minimising the chances of unexpected cyberattacks by requiring thorough risk assessments to proactively prevent and detect potential threats. This pillar urges each firm to implement appropriate measures, safeguarding risk management, and establishing a robust ICT risk management framework.
“To accomplish this, institutions need to first develop a comprehensive framework for identifying, classifying, and…
