European DORA and The Importance of Being Prepared Webinar

Financial Services
Technology and Software
Leadership and Resilience
Supply Chain and Third Party Risks
Incident Response and Recovery
Data Security and Privacy
June 14, 2023
DORA is changing operational resilience from a compliance exercise into a board-level business obligation for financial services. This session explains what the regulation requires, how it connects to GDPR and NIS2, and where firms are struggling most in practice. Viewers will learn the key steps to strengthen governance, supplier oversight, incident readiness, and security architecture before regulators force the issue for them.

In-House Specialists

Ronan Murphy

Founder and Executive Chairman

External Speakers

Rosa Palma

Former GRC Manager

Khalid Khan

GRC Expert

Key Strategic Takeaways

Does DORA Standardise What Good Security Actually Means?

DORA exists to remove ambiguity across EU financial institutions by defining a consistent baseline for operational resilience. Instead of vague expectations, it provides a clear framework for how far organisations need to go to manage risk. This shifts security from interpretation to execution, reducing room for “good enough” compliance.

Does DORA Expand Focus Beyond Data Protection to Service Integrity?

While GDPR focuses on personal data, DORA extends into operational continuity, system integrity, and service reliability. It introduces stronger emphasis on maintaining trust in financial systems, not just protecting information. Organisations must now secure not only data, but also the availability and authenticity of the services that depend on it.

How Does Accountability Move to the Board Level Under DORA?

DORA forces senior leadership to take ownership of cyber and operational risk, eliminating the ability to delegate responsibility entirely to IT or security teams. Risk management must become a real decision-making process, not a checkbox exercise. This creates direct accountability for how organisations prepare for, respond to, and recover from incidents.

Why Is Third-Party Risk a Core Control Challenge Under DORA?

Financial institutions rely heavily on vendors, cloud providers, and partners, but visibility into these environments is often limited. DORA requires stronger oversight, contractual controls, and continuous monitoring of third-party risk. Organisations must assume supplier risk is part of their own attack surface and manage it accordingly.

Does Resilience Require Integrated, Not Siloed, Security?

DORA cannot be implemented through isolated compliance or security initiatives. It demands coordination across risk, IT, security, legal, procurement, and business operations to ensure consistent controls and rapid response capability. Approaches like Zero Trust and SASE help by unifying access control, visibility, and enforcement into a single operational model.

How Does AI Enhance Defence by Automating Detection and Analysis?

In security operations, AI is already reducing manual workload by correlating alerts, analysing behaviour, and accelerating investigation. This allows analysts to focus on higher-value decisions rather than repetitive triage tasks. The real value of AI lies in speed, scale, and consistency of detection, not autonomous decision-making.

  • 00:00 Intro to DORA and regulatory landscape
  • 03:14 Why DORA exists (harmonisation across EU)
  • 05:52 DORA vs GDPR (data vs operational resilience)
  • 08:46 Comparison to SOX / PCI / past regulations
  • 11:59 Accountability shifting to leadership (real consequences)
  • 14:38 DORA timeline and urgency (deadline Jan 2025)
  • 19:48 Challenges: skills shortage, complexity, risk sprawl
  • 21:00 First steps: asset classification, risk baseline, BIA
  • 25:37 What SASE is and why it matters
  • 28:27 Who DORA applies to + future expansion
  • 31:58 Global impact beyond EU (benchmark effect)
  • 35:00 Consolidation, simplification, standardisation theme
  • 40:27 Forcepoint approach (platform consolidation + data focus)
  • 44:39 Staying current with regulations
  • 46:23 Key gaps: third-party risk + authenticity requirement