All Events and Webinars

DORA identity security requirements for financial services

Financial Services
Leadership and Resilience
Supply Chain and Third Party Risks
Identity and Access
Incident Response and Recovery
January 21, 2026
Show Notes
Timestamps
Financial services firms are under pressure to meet DORA requirements while facing a surge in identity-based attacks. This session breaks down how identity has become the primary attack surface, where controls like MFA fall short, and what organisations must do to improve detection, response, and reporting. It offers practical guidance on building resilience, aligning business functions, and modernising identity security in a regulated environment.

In-House Specialists

Robert Kehoe

Chief Technology Officer
View More

External Speakers

Darren Leach

UKI Sales Manager
View parter ecosystem

Key Strategic Takeaways

What Does DORA Change for Financial Services?

DORA turns operational resilience into a regulatory obligation for financial institutions and their critical third parties. It focuses not just on security controls, but on the ability to keep services running, detect incidents quickly, classify them correctly, and respond within strict reporting timelines.

Why Is Identity Central to DORA Readiness?

Identity has become one of the main attack surfaces in financial services. Credential theft, token abuse, and social engineering are driving many of the most damaging incidents. DORA does not always name identity directly, but strong authentication, access control, visibility, and anomaly detection are all essential to meeting its resilience expectations.

Why Is Operational Resilience a Business Issue and Not Just an IT Issue?

DORA pushes responsibility beyond security and infrastructure teams. Legal, operations, senior management, and business stakeholders all need to be involved because incidents are no longer just technical events, they are regulatory events with reporting, governance, and customer impact implications.

Why Must Prevention, Visibility, and Response Work Together?

Being DORA-ready means more than deploying security tools. Organisations need stronger preventive controls, but also the ability to detect unusual behaviour quickly, investigate suspicious identity activity, and respond through integrated workflows. Prevention without visibility is not enough, and visibility without response is too slow.

How Do Reporting Timelines Force Faster Classification and Coordination?

DORA’s reporting obligations, including the four-hour window after classification of a major incident, require organisations to tighten their internal processes. They need clear escalation paths, tested incident response plans, and coordination across teams so that classification, response, and regulatory communication happen without delay.

How Do Testing, Zero Trust, and Critical Application Protection Work Together?

Testing is a core part of DORA readiness. Organisations need to validate authentication flows, incident response plans, and access controls in practice, not just in policy documents. Protecting critical applications through a Zero Trust mindset, with context-aware rules and tighter access controls, is becoming increasingly important.

Do Technology and Strategy Both Need to Evolve?

Many financial organisations have used identity technologies for years, but older deployments may no longer match today’s threat landscape or DORA’s expectations. Readiness depends on reviewing strategy, modernising controls, improving integration with SOC and SIEM workflows, and continuously reassessing whether current processes can withstand targeted attacks.

No items found.
  • 00:00 Introduction to DORA and session overview
  • 00:49 What DORA covers and who it applies to
  • 01:36 Identity threats and operational resilience risks
  • 04:22 What DORA readiness looks like in practice
  • 06:26 The four-hour reporting challenge and operational change
  • 07:30 Why reporting and resilience now involve the whole business
  • 09:25 Identity-driven attacks and why they are increasing
  • 10:31 Incident response, detection, and maturity journey
  • 11:45 Modernising identity technology and improving visibility
  • 12:44 Testing requirements and Zero Trust for critical applications
  • 15:28 AI, authentication risk, and evolving identity threats
  • 17:41 Final advice for organisations preparing for DORA
Watch More
Compliance and Risk

Seasonal Cybersecurity Risks for Transport Webinar

Smarttech247 leaders discuss transportation cybersecurity, focusing on OT security, digital twins, evolving threats, third-party risk, and resilience.
Watch Now

HSE Ransomware Attack and the Future of Cybersecurity in Ireland

Cybersecurity leaders discuss the HSE ransomware attack and a path forward for Ireland, focusing on resilience, regulation, maturity models, and public awarenes
Watch Now

Ransomware Cyber Attack Simulation Webinar

Attack simulation showing a multi-stage ransomware campaign and how Cybereason detects, correlates, and responds to fileless and living-off-the-land techniques.
Watch Now

Ready to scale your security and compliance operations?

We protect your on-premise/cloud/OT environments - 24x7x365

Talk to Our Experts