Tag: dora
-
1. Jahrestag im Kontext Digitaler Operationaler Resilienz
First seen on datensicherheit.de Jump to article: www.datensicherheit.de/dora-1-jahrestag-kontext-digital-operational-resilienz
-
Securing the Future: Practical Approaches to Digital Sovereignty in Google Workspace
Tags: access, attack, ciso, cloud, compliance, computing, container, control, data, defense, dora, email, encryption, GDPR, google, Hardware, healthcare, identity, infrastructure, law, malware, network, privacy, regulation, resilience, risk, service, software, strategy, zero-trustSecuring the Future: Practical Approaches to Digital Sovereignty in Google Workspace madhav Thu, 01/22/2026 – 04:35 In today’s rapidly evolving digital landscape, data privacy and sovereignty have become top priorities for organizations worldwide. With the proliferation of cloud services and the tightening of global data protection regulations, security professionals face mounting pressure to ensure their…
-
What a Year of DORA Reveals About Cyber Resilience
<div cla It’s now been a full calendar year since the European Union’s Digital Operational Resilience Act (DORA) became enforceable in January 2025, marking a clear shift in how regulators expect organizations to manage digital risk. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/01/what-a-year-of-dora-reveals-about-cyber-resilience/
-
DORA penetration testing and threat-led exercises explained
The Digital Operational Resilience Act (DORA) introduces a unified framework for managing ICT risk across the European financial sector, with key requirements, including penetration testing, coming into force in 2026. Its aim is to ensure that regulated organisations, and the critical third-party providers they rely on, can withstand, respond to and recover from operational disruptions.”¦…
-
Ransomware-Banden erpressen Opfer mit Compliance-Verstößen
Ransomware-Gruppen setzen ihre Opfer vermehrt mit Compliance-Verstößen unter Druck.Ransomware-Attacken zählen nach wie vor zu den häufigsten Angriffsmethoden. Wie aktuelle Analysen zeigen, drohen Cyberbanden ihren Opfern nun vermehrt damit, Verstöße gegen Vorschriften wie die DSGVO an die Aufsichtsbehörden zu melden.So haben Forscher des Security-Anbieters Akamai bereits in den vergangenen zwei Jahren einen zunehmenden Trend bei dieser…
-
NIS2, KRITIS, ISO und DORA verlässlich einhalten: Wie digitale Zwillinge die IT-Compliance sichern
Ob NIS2, KRITIS, ISO oder DORA das regulatorische Umfeld für den Betrieb von IT-, Rechenzentrums- und Netzwerkinfrastrukturen war noch nie so dynamisch wie heute. Um die steigenden Compliance-Anforderungen erfolgreich zu meistern, sind Verantwortliche auf intelligente Lösungen und Tools angewiesen. Eine wichtige Rolle hierbei spielt ein digitaler Zwilling der Infrastruktur. Er ermöglicht eine hohe strategische… First…
-
8 things CISOs can’t afford to get wrong in 2026
Tags: access, advisory, ai, attack, automation, awareness, breach, business, ciso, cloud, communications, compliance, control, cyber, cyberattack, cybersecurity, data, data-breach, defense, dora, encryption, finance, firmware, GDPR, healthcare, identity, incident response, india, infrastructure, injection, insurance, intelligence, iot, jobs, law, malicious, monitoring, network, privacy, ransom, regulation, resilience, risk, saas, scam, service, software, strategy, supply-chain, tactics, technology, theft, threat, tool, training, update, vulnerability, zero-trust“Identity and access controls for AI agents and AI platforms are one of the most important areas of concern for CISOs,” says Jason Stading, director at global technology research and advisory firm ISG. “Right now, permissions and access rights for AI are a black box in many areas. We will see a major push over…
-
Equifax Europe CISO: Notorious breach spurred cybersecurity transformation
Tags: access, ai, attack, authentication, awareness, breach, business, ceo, cio, ciso, cloud, computer, control, corporate, cyber, cyberattack, cybercrime, cybersecurity, data, defense, dora, espionage, finance, framework, google, government, identity, infrastructure, intelligence, network, nis-2, phishing, regulation, risk, risk-management, security-incident, service, strategy, technology, threat, updateCloud as a new technological axis: Equifax’s $3 billion migration to the cloud, “which had been brewing for about seven years” and which the company says is the largest technological investment in its history, has involved moving more than 300 systems, over 30 product families, and thousands of customers to the company’s cloud platform, Equifax Cloud, in Spain…
-
Why outsourced cyber defenses create systemic risks
Tags: access, ai, attack, backdoor, breach, business, ciso, cloud, compliance, corporate, cyber, cybercrime, cybersecurity, data, defense, detection, dora, exploit, finance, framework, GDPR, governance, government, hacker, healthcare, infrastructure, law, malicious, monitoring, moveIT, msp, nis-2, ransomware, regulation, resilience, risk, software, strategy, supply-chain, threat, tool, vulnerability, zero-trustRisk categories of outsourced IT & cybersecurity: When you outsource, responsibility shifts, but accountability never leaves you. The risks fall into clear categories. Operational risks The most basic risk is fragile continuity. In 2017, British Airways outsourced parts of its IT operations. A system outage grounded flights worldwide. The vendor contract delivered savings, but it…
-
DORA Compliance Checklist for Cybersecurity
The Digital Operational Resilience Act (DORA) is now in full effect, and financial institutions across the EU face mounting pressure to demonstrate robust ICT risk management and cyber resilience. With… First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/12/dora-compliance-checklist-for-cybersecurity/
-
DORA Compliance Checklist for Cybersecurity
The Digital Operational Resilience Act (DORA) is now in full effect, and financial institutions across the EU face mounting pressure to demonstrate robust ICT risk management and cyber resilience. With… First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/12/dora-compliance-checklist-for-cybersecurity/
-
DORA Compliance Checklist for Cybersecurity
The Digital Operational Resilience Act (DORA) is now in full effect, and financial institutions across the EU face mounting pressure to demonstrate robust ICT risk management and cyber resilience. With… First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/12/dora-compliance-checklist-for-cybersecurity/
-
Compliance-Ready Cybersecurity for Finance and Healthcare: The Seceon Advantage
Tags: compliance, cybersecurity, dora, finance, framework, healthcare, HIPAA, PCI, regulation, serviceNavigating the Most Complex Regulatory Landscapes in Cybersecurity Financial services and healthcare organizations operate under the most stringent regulatory frameworks in existence. From HIPAA and PCI-DSS to GLBA, SOX, and emerging regulations like DORA, these industries face a constant barrage of compliance requirements that demand not just checkboxes, but comprehensive, continuously monitored security programs. The…
-
Vaillant CISO: NIS2 complexity and lack of clarity endanger its mission
Tags: ai, attack, awareness, business, ciso, compliance, corporate, country, cyber, cyberattack, cybersecurity, dora, email, germany, infrastructure, intelligence, network, nis-2, office, organized, phishing, ransomware, regulation, risk, service, skills, supply-chain, threat, trainingCSO Germany: The energy sector is increasingly becoming a target for cybercriminals. Experts and the Federal Office for Information Security (BSI) believe that protection in this area must be significantly increased. How do you assess the current situation?Reiß: The geopolitical tensions we are currently witnessing are leading to an increased threat level. This naturally also affects the heating…
-
Vaillant-CISO: “Starten statt Warten”
Tags: business, ciso, compliance, cyber, cyberattack, cyersecurity, dora, germany, group, international, mail, malware, nis-2, phishing, ransomware, resilience, risk, supply-chainRaphael Reiß, CISO bei Vaillant Group: “Ein moderner CISO muss nicht nur technologische Risiken managen.” Vaillant GroupDer Energiesektor gerät zunehmend in den Fokus von Cyberkriminellen. Aus Sicht von Experten und des Bundesamtes für Sicherheit in der Informationstechnik (BSI) muss der Schutz in diesem Bereich massiv erhöht werden. Wie beurteilen Sie die aktuelle Lage in Deutschland?Reiß:…
-
Vaillant-CISO: “Starten statt Warten”
Tags: business, ciso, compliance, cyber, cyberattack, cyersecurity, dora, germany, group, international, mail, malware, nis-2, phishing, ransomware, resilience, risk, supply-chainRaphael Reiß, CISO bei Vaillant Group: “Ein moderner CISO muss nicht nur technologische Risiken managen.” Vaillant GroupDer Energiesektor gerät zunehmend in den Fokus von Cyberkriminellen. Aus Sicht von Experten und des Bundesamtes für Sicherheit in der Informationstechnik (BSI) muss der Schutz in diesem Bereich massiv erhöht werden. Wie beurteilen Sie die aktuelle Lage in Deutschland?Reiß:…
-
Zentrales Zertifikatsregister – Der Dreh- und Angelpunkt regulatorischer Resilienz nach DORA
First seen on security-insider.de Jump to article: www.security-insider.de/dora-verordnung-zentrales-zertifikatsregister-finanzbranche-a-6318e5e8fda082444a0cf32b11f4d3da/
-
Mit DORA rückt das IKT-Risikomanagement in den Fokus
Der Digital-Operational-Resilience-Act (DORA) trat bereits im Januar 2025 in Kraft und führte damit einen neuen, umfassenden regulatorischen Rahmen für Finanzinstitute und kritische IKT-Dienstleister in der gesamten EU ein. Die Vorbereitungen darauf begannen bereits einige Jahre vorher und machten eine grundlegende Überarbeitung dessen nötig, wie Unternehmen Risiken in der Informations- und Kommunikationstechnik (IKT) verwalten. Sicherheitsteams suchen…
-
Mit DORA rückt das IKT-Risikomanagement immer mehr in den Fokus
DORA ist bereits in Kraft getreten, Unternehmen sollten sich jedoch nicht auf Compliance allein verlassen. Innovationszyklen orientieren sich nicht an Compliance und die Möglichkeiten der Automatisierung sind besonders im Schwachstellenmanagement durch Agentic AI groß. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/mit-dora-rueckt-das-ikt-risikomanagement-immer-mehr-in-den-fokus/a42998/
-
DORA Threat Intelligence: Von Vorschrift zur praktischen Resilienz
Mit dem Inkrafttreten des Digital Operational Resilience Act (DORA) im Jahr 2025 haben deutsche Finanzinstitute ein einheitliches Regelwerk für digitale Stabilität erhalten. DORA gilt für Banken, Versicherungen, Investmentgesellschaften, Zahlungsdienstleister und deren IT-Dienstleister. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cloud-security/dora-threat-intelligence
-
Invisible battles: How cybersecurity work erodes mental health in silence and what we can do about it
Always-on alertness Threats don’t wait. Neither does your pager. You’re expected to respond instantly, on holidays, birthdays, weekends and 2 a.m. system alerts. Even when nothing’s burning, your mind stays wired.That permanent readiness? It’s exhaustion disguised as dedication. Sleep suffers. Focus slips. And when your nervous system never gets to shut down, it starts to…
-
Invisible battles: How cybersecurity work erodes mental health in silence and what we can do about it
Always-on alertness Threats don’t wait. Neither does your pager. You’re expected to respond instantly, on holidays, birthdays, weekends and 2 a.m. system alerts. Even when nothing’s burning, your mind stays wired.That permanent readiness? It’s exhaustion disguised as dedication. Sleep suffers. Focus slips. And when your nervous system never gets to shut down, it starts to…
-
Regulatory Landscape: DMARC, GDPR, DORA What Businesses Need to Know in 2025
Originally published at Regulatory Landscape: DMARC, GDPR, DORA & What Businesses Need to Know in 2025 by Amanda E. Clark. In 2025, compliance is key to remaining in … First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/11/regulatory-landscape-dmarc-gdpr-dora-what-businesses-need-to-know-in-2025/
-
Digitale Souveränität: 2026 das Ende der Ausreden
Kommendes Jahr ändert sich vieles für Unternehmen, denn die EU macht ernst mit digitaler Souveränität. Die folgenden sechs Trends zeigen die Tücken und Herausforderungen, wenn Anforderungen wie NIS2 und DORA verpflichtend werden. Ab 2026 gibt es kein »Weiter so« mehr: Mit der verpflichtenden Umsetzung von NIS2 und DORA wird digitale Souveränität zur rechtlichen Realität… First…
-
Cybersecurity management for boards: Metrics that matter
Tags: ai, attack, automation, breach, business, cloud, compliance, control, cyber, cybersecurity, data-breach, deep-fake, detection, dora, finance, firewall, governance, insurance, jobs, metric, mitigation, nis-2, nist, phishing, ransomware, regulation, resilience, risk, scam, soc, threat, trainingWhy does this matter? Resilience aligns with your actual business goals: continuity, trust and long-term value. It reflects your appetite for risk and your ability to adapt. And with regulations like DORA and NIS2 pushing accountability higher up the ladder, your board is on the hook. Financial impact and continuity metrics: You can’t fight cyber…
-
Cybersicherheit ist größte Herausforderung für die Finanzbranche
Cyberangriffe stellen viele Banken und Versicherungen vor große Probleme.Systemkritische Branchen wie die Finanzindustrie geraten immer häufiger ins Visier von Cyberkriminellen. Die Anzahl der Cyberangriffe hat sich in diesem Bereich im Vergleich zum Jahr 2021 versechsfacht. Das geht aus einer aktuellen Umfrage des Beratungs- und Softwarehauses PPI hervor, für die hierzulande 50 Banken und 53 Versicherungen…
-
Resistent gegen mögliche Angriffe von Quantencomputern aus – DORA und die Auswirkungen von Quantum Computing
First seen on security-insider.de Jump to article: www.security-insider.de/dora-und-die-auswirkungen-von-quantum-computing-a-3b5bc26a4201221b62b4340cfdaa2c20/
-
Resistent gegen mögliche Angriffe von Quantencomputern aus – DORA und die Auswirkungen von Quantum Computing
First seen on security-insider.de Jump to article: www.security-insider.de/dora-und-die-auswirkungen-von-quantum-computing-a-3b5bc26a4201221b62b4340cfdaa2c20/
-
Compliance Isn’t an Annual Ritual Anymore
It’s starting to feel like 2025 is going to be the year of IT compliance. We hear about new regulations like the CRA, PLD, DORA, SSDF; as well as, updates to standards like FDA, PCI-DSS, and SSDF. If you’re a compliance nerd this has been an absolutely wild year. It seems like there’s a new……
-
AI Agents Transform Enterprise Application Development
Why DevOps, Infrastructure Must Evolve to Manage AI-Accelerated Development. A 2025 DORA report states that AI adoption improves software delivery throughput but increases delivery instability, suggesting development teams are adapting for speed while their underlying systems lag behind. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/ai-agents-transform-enterprise-application-development-a-29751