Safeguarding Financial Institutions: Cyber Resilience under DORA
The financial sector faces escalating cyber threats that put both operational resilience and customer trust at risk. In response, the European Union (EU) has introduced the Digital Operational Resilience Act (DORA), a regulatory framework intended to strengthen the cyber security posture of financial institutions across the region. At its core, DORA requires organisations to create and maintain robust cyber resilience strategies, so that they can keep operating as the digital risk landscape changes.
Understanding DORA: A transformative regulation
The Digital Operational Resilience Act (DORA) is an EU regulation that establishes a binding framework for information and communication technology (ICT) risk management within the financial sector. It entered into force on 16th January 2023 and applies from 17th January 2025. From that date, DORA requires all in-scope financial entities, from traditional institutions such as banks and investment firms to newer entities such as crypto-asset service providers, to meet its requirements and the accompanying technical standards for their ICT systems.
DORA’s mission is to enhance operational resilience – the ability to provide reliable and secure services to customers, even in the face of disruptive events. This encompasses regulatory compliance and the critical challenge of cyber security. Financial institutions must define and test their business recovery processes, service levels, and recovery times to withstand and rapidly recover from severe disruptions.
The evolving landscape of cyber threats
The financial sector has long been a prime target for cyber criminals. According to the IBM Cost of a Data Breach Report 2023, the average cost of a data breach in the United States (across all industries) reached $9.48 million, and organisations took an average of 277 days to identify and contain a breach, leaving them exposed to prolonged disruption and reputational damage.
As attack techniques become more sophisticated, standard disaster recovery on its own is no longer adequate: a recovery site that replicates production in near real time will replicate the attacker's changes, and encrypted data, as well. Ransomware in particular can encrypt critical data and halt business operations. Financial institutions therefore need an approach to cyber resilience that goes beyond conventional backup and disaster recovery.
Cyber resilience: A holistic approach
Cyber resilience is a prerequisite for operational resilience: it protects data and keeps the business running in the face of cyber threats. A cyber-resilient solution is one part of the overall resilience strategy and is typically housed in an isolated environment. Pairing this isolated recovery environment with standard disaster recovery offers several benefits, including:
- Strengthened security: A copy of critical data is kept out of reach of an attacker who has compromised production credentials and networks, and the environment can be built to meet your specific security and compliance requirements.
- Customisation and flexibility: It allows for implementing complex recovery workflows tailored to your applications’ needs.
- Enhanced testing and validation: It offers more control and flexibility for comprehensive testing and validation of recovery procedures.
IBM’s cyber resilience best practices
As financial institutions navigate DORA compliance, IBM’s infrastructure solutions offer a comprehensive approach to managing cyber resilience. IBM’s best practices for cyber resilience include:
- Air-gapped protection: Keeping backup copies on infrastructure that the production network cannot reach, so that malware which has spread through production cannot reach or alter the backup data.
- Immutable storage: Using write-once storage with retention locks so that backup data cannot be overwritten or deleted before its retention period expires, even by an administrator whose credentials have been stolen. This is a critical safeguard against ransomware.
- Automated recovery: Incorporating automation and orchestration technologies as part of the incident response and recovery process, streamlining the ability to restore operations rapidly.
- Separation of duties: Establishing a clear separation of duties between the disaster recovery and security teams, so that no single role can both change production systems and purge or alter the recovery copies.
- Integrated cloud-based solutions: Integrating on-premises infrastructure with cloud-based recovery environments provides a unified and consistent data protection and recovery approach.
By adopting these best practices, organisations can develop a robust cyber resilience strategy that meets DORA’s requirements, enhances operational resilience, and safeguards customers’ trust.
Compliance and resilience
DORA’s emphasis on operational resilience underscores the critical need for financial institutions to adopt a comprehensive, unified approach to compliance and cyber resilience. IBM’s infrastructure solutions, including IBM Cloud Cyber Recovery, provide the flexibility and expertise required to deliver trusted, DORA-compliant cyber-resilient solutions, regardless of the production environment.
By combining standard disaster recovery, backup solutions, and an isolated recovery environment in the IBM Cloud, organisations can achieve a highly customised, flexible, and resilient recovery solution. This integrated approach ensures that the entire infrastructure is protected and recoverable, addressing the complex requirements of DORA while enhancing the overall effectiveness and control of the organisation’s resilience strategy.
Preparing for DORA compliance
As the January 2025 DORA compliance deadline approaches, financial institutions must swiftly assess their current capabilities, identify gaps, and implement the necessary changes to meet the regulation’s stringent requirements. This process involves:
- Conducting a comprehensive risk assessment: Entities must perform a business impact analysis that evaluates how specific scenarios, including severe disruptions, would affect their operations.
- Defining recovery objectives: Organisations must clearly define the business recovery process, service levels, and recovery times that are acceptable for their operations, ensuring alignment with DORA’s expectations.
- Implementing robust cyber security measures: Financial institutions must implement appropriate cyber security protection measures, including advanced solutions that address the unique challenges of evolving cyber threats.
- Establishing an isolated recovery environment: Deploying an isolated recovery environment, in addition to standard disaster recovery, is crucial for safeguarding against malware propagation and ensuring the availability of a clean, recoverable data set.
- Conducting periodic testing and validation: Recovery procedures must be exercised regularly to confirm that backups are intact and restorable and that the resilience strategy actually meets DORA's requirements.
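To make the immutable-storage and clean-recovery-point ideas above concrete (the "Immutable storage" best practice and the "isolated recovery environment" and "periodic testing" steps), here is an added example in Python. It is not code from the original post and not IBM's product code: it assumes a hypothetical ImmutableVault class with a retention lock and a SHA-256 manifest kept apart from the stored blobs, and the snapshots and the tampering step are constructed sample data. It shows overwrite and early deletion being refused, a recovery drill that verifies every snapshot, and selection of the newest snapshot taken before a known compromise that still passes verification.

```python
"""Toy write-once (WORM) backup vault with retention locks, an integrity manifest,
and clean-recovery-point selection. Hypothetical illustration only; it does not
model IBM Cloud Cyber Recovery or any real object-lock API."""
import hashlib
from dataclasses import dataclass
from datetime import datetime, timedelta
from typing import Dict, Optional

# Constructed parameters for the demo vault.
RETENTION = timedelta(days=30)
T0 = datetime(2025, 1, 10, 2, 0)                 # first nightly snapshot
COMPROMISE_SEEN = datetime(2025, 1, 12, 12, 0)   # earliest evidence of intrusion


@dataclass(frozen=True)
class ManifestEntry:
    taken_at: datetime      # when the snapshot was written
    digest: str             # SHA-256 of the blob at write time
    locked_until: datetime  # retention lock: no overwrite or delete before this


class ImmutableVault:
    """Write-once storage. The manifest is kept separately from the blobs, so a
    blob altered behind the API (e.g. encrypted by ransomware that reached the
    storage layer) is caught by a digest mismatch during verification."""

    def __init__(self, retention: timedelta) -> None:
        self.retention = retention
        self._blobs: Dict[str, bytes] = {}
        self._manifest: Dict[str, ManifestEntry] = {}

    @staticmethod
    def digest(data: bytes) -> str:
        return hashlib.sha256(data).hexdigest()

    def put(self, name: str, payload: bytes, now: datetime) -> ManifestEntry:
        if name in self._manifest:
            raise PermissionError(f"{name}: write-once object, overwrite refused")
        entry = ManifestEntry(now, self.digest(payload), now + self.retention)
        self._blobs[name] = payload
        self._manifest[name] = entry
        return entry

    def delete(self, name: str, now: datetime) -> None:
        entry = self._manifest[name]
        if now < entry.locked_until:
            raise PermissionError(f"{name}: retention lock active until {entry.locked_until.isoformat()}")
        del self._blobs[name]
        del self._manifest[name]

    def verify(self, name: str) -> bool:
        """Does the stored blob still match the digest recorded at write time?"""
        return self.digest(self._blobs[name]) == self._manifest[name].digest

    def drill(self) -> Dict[str, bool]:
        """Periodic recovery drill: verify every recovery point in the vault."""
        return {name: self.verify(name) for name in self._manifest}

    def latest_clean(self, compromised_at: datetime) -> Optional[str]:
        """Newest snapshot taken before the earliest known compromise whose digest
        still verifies. Later snapshots may already carry the attacker's changes."""
        candidates = [
            n for n, e in self._manifest.items()
            if e.taken_at < compromised_at and self.verify(n)
        ]
        return max(candidates, key=lambda n: self._manifest[n].taken_at, default=None)


def simulate_storage_tamper(vault: ImmutableVault, name: str, data: bytes) -> None:
    """Constructed attacker action: bypass the API and overwrite the blob directly."""
    vault._blobs[name] = data


def build_demo_vault() -> ImmutableVault:
    """Constructed sample data: four nightly snapshots; the day-2 copy is
    corrupted at the storage layer after it was written."""
    vault = ImmutableVault(retention=RETENTION)
    for day in range(4):
        vault.put(f"ledger-{day}", f"ledger day {day}".encode(), T0 + timedelta(days=day))
    simulate_storage_tamper(vault, "ledger-2", b"ENCRYPTED BY RANSOMWARE")
    return vault


if __name__ == "__main__":
    v = build_demo_vault()
    print(v.drill())                      # ledger-2 fails verification
    print(v.latest_clean(COMPROMISE_SEEN))  # ledger-1: newest verified copy before the compromise
```

The two properties that matter are kept apart on purpose: the retention lock stops an attacker with valid credentials from deleting or overwriting copies through the normal API, while the separate manifest catches corruption that reached the storage underneath it. A recovery drill that only checks that a restore "succeeds" would happily restore ledger-2; the drill here reports it as failed, and clean-point selection skips it.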
Embracing the power of collaboration
Navigating the complexities of DORA compliance and developing a comprehensive cyber resilience strategy requires a collaborative approach. Financial institutions should seek out trusted partners, like IBM, who can provide expertise, infrastructure, and solutions to address their unique challenges.
By leveraging IBM’s comprehensive suite of infrastructure solutions and cyber resilience best practices, organisations can seamlessly integrate on-premises and cloud-based resources, ensuring a unified and consistent recovery solution that meets DORA’s stringent requirements. This collaboration empowers financial institutions to focus on their core business objectives while entrusting their cyber resilience needs to a reliable, experienced partner.
Securing the future
By combining standard disaster recovery, backup solutions, and a separate, isolated recovery environment within the IBM Cloud, organisations can build a tailored, adaptable, and robust recovery solution. The isolated environment adds options for recovery, customisation, security, integration, and regulatory adherence, improving the overall efficiency and manageability of the resilience strategy while supporting compliance with regulations such as DORA. Together, these elements safeguard the continuity of your organisation's operations.
For more information, please contact us.