Tag: dora
-
Digital sovereignty is more than a question of location
Storing data in Europe does not by itself make companies digitally sovereign. In conversation with Netzpalaver, Pantelis Astenburg, Vice President of Sales DACH at Versa, explains why real digital sovereignty goes far beyond where data is stored, what role SASE architectures play for security and compliance, and why companies, in view of NIS2, DORA and geopolitical risks…
-
Navigating SEC, NIS2, and DORA incident disclosure timelines under pressure
In this Help Net Security video, Rick Goud, Global Field CTO at Kiteworks, discusses how to handle SEC, NIS2, and DORA disclosure timelines during a security incident. He … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/06/17/incident-disclosure-timelines-video/
-
Identity governance and AI agents: Interview with Dr. Heiko Klarl, CEO of Nexis
In the interview, Dr. Klarl explains why identity governance must be fundamentally rethought given the growing pressure from AI agents, DORA and NIS2. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/identity-governance-und-ki-agenten-interview-mit-dr-heiko-klarl-ceo-von-nexis/a45358/
-
EU organizations buckle under rising compliance pressure
Cybersecurity governance in the EU is shifting under expanding frameworks such as NIS2 and DORA, while AI raises new questions for security teams. What the future brings is … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/06/01/antonija-vojnovic-span-cybersecurity-governance-challenges/
-
How AI and Mythos are intensifying the situation around the GDPR, NIS2 and DORA
Eight years after the introduction of the GDPR, and in view of newly added cyber-resilience regulations such as NIS2 or DORA, data backup and with it data protection once again face new requirements. AI models such as Anthropic's Mythos will lead to a drastic increase in data protection incidents. It is important that companies, organizations or public authorities do more so that the consequences of security incidents are better and more efficiently…
-
10 important cloud tools for enterprise security and audit readiness
Cloud compliance in 2026 is far more than preparing for audits: in hybrid and multi-cloud environments it becomes the central measure of operational resilience, risk transparency and regulatory certainty. Companies are under growing pressure to demonstrate compliance with requirements from frameworks such as NIST, ISO 27001, SOC 2, PCI DSS, HIPAA, GDPR, NIS2 and DORA continuously, and in real time […]…
-
Ten years later, has the GDPR fulfilled its purpose?
Tags: access, ai, breach, business, china, cio, compliance, data, data-breach, dora, finance, flaw, framework, GDPR, governance, government, international, jobs, law, mobile, office, privacy, regulation, risk, service, technology, tool, training
Fernando Maldonado, technology advisor at Foundry. MuleSoft. Gray areas remain: Still, if anything has been demonstrated in the decade since its entry into force, it’s that the GDPR still has a long way to go. Miguel Recio, president of APEP.IA (Spanish Professional Association for Privacy), argues that some of the limitations that have been exposed about the…
-
DORA and the Practical Test of Operational Resilience
By Alan Stewart-Brown, VP EMEA, Opengear Disruption in financial services rarely follows a clean script. A misconfiguration, a spike in malicious traffic, or a poorly timed change can cascade across platforms and teams, particularly where systems and suppliers are tightly coupled. When that chain reaction starts, the challenge is rarely identifying the fault. It The…
-
DORA and operational resilience: Credential management as a financial risk control
Tags: access, authentication, breach, control, credentials, dora, finance, regulation, resilience, risk
Article 9 of DORA makes authentication and access control a legal obligation for EU financial entities. Here is what the regulation requires, and what a breach looks like when those controls are missing. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/dora-and-operational-resilience-credential-management-as-a-financial-risk-control/
-
When Mythos Finds Thousands of Zero-Days, EU Regulators Won’t Wait for Your SOC to Catch Up
Can your SOC triage thousands of Mythos findings in 24 hours? NIS2, CRA, and DORA are all waiting. Miss one clock and the penalties begin. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/04/when-mythos-finds-thousands-of-zero-days-eu-regulators-wont-wait-for-your-soc-to-catch-up/
-
DORA in practice – How the Icelandic RB Bank is modernizing its backup and security architecture
First seen on security-insider.de Jump to article: www.security-insider.de/wie-die-islaendische-rb-bank-ihre-backup-und-security-architektur-modernisiert-a-946af1e02f2ef1ad19c7674cf16e1764/
-
From formal compliance to real cybersecurity in the financial sector
Why DORA is also a question of architecture and what that means for banks and insurers. The requirements for the digital resilience of banks and insurers are rising. With the Digital Operational Resilience Act (DORA), the European Union has created a binding framework for addressing IT risks, cyberattacks and dependencies on third-party service providers. But regulatory conformity creates… First…
-
6 key trends reshaping the IAM market
Tags: access, ai, attack, authentication, ciso, compliance, corporate, cyber, cybersecurity, data, dora, finance, framework, governance, government, Hardware, iam, identity, mfa, mobile, network, nis-2, passkey, password, PCI, phone, regulation, saas, service, startup, strategy, technology
Passwordless authentication on the rise: Passwords have long been the weakest link in most security architectures. Many mobile phones and laptops already use biometrics for authentication, and the user experience is typically far better than typing a long and complex password into an interface. The growing uptake of passwordless authentication (FIDO2/passkeys, biometrics) is redefining the scope of…
-
How EU Regulations Are Reshaping SOC Operations
NIS2, DORA, and the AI Act are rewriting the rulebook for Security Operations Centers. Here’s what you need to know and do. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/03/how-eu-regulations-are-reshaping-soc-operations/
-
How EU Regulations Are Reshaping SOC Operations
NIS2, DORA, and the AI Act are rewriting the rulebook for Security Operations Centers. Here’s what you need to know and do. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/03/how-eu-regulations-are-reshaping-soc-operations-2/
-
Should Cloud Be Classed as Critical Infrastructure?
Tags: access, authentication, banking, breach, business, cloud, compliance, computing, container, control, cyber, cybersecurity, data, dora, encryption, fido, finance, framework, governance, Hardware, healthcare, identity, incident, infrastructure, mfa, network, nis-2, radius, regulation, resilience, risk, saas, service, strategy, supply-chain, technology
madhav Thu, 03/05/2026 – 09:53
Over the past few years, large-scale cloud outages have demonstrated just how deeply digital services are woven into the fabric of modern society. When widely used cloud platforms experience disruption, the impact extends far beyond individual applications; banking services stall, transport systems falter,…
-
MSP Strategic Defense: Building Compliance on Dynamic Attack Surface Reduction
Tags: attack, compliance, control, cyber, defense, dora, HIPAA, insurance, ISO-27001, msp, nis-2, PCI, regulation, soc, supply-chain
Compliance expectations across SMB markets are rising as supply chain regulations and cyber insurance requirements raise the baseline for security maturity. Regulatory standards such as CIS Controls v8, the NIS2 Directive, ISO 27001, SOC 2, PCI DSS, HIPAA, Cyber Essentials, CMMC 2.0, DORA, and the Essential Eight now shape what that baseline looks…
-
Is Your GRC Program Really Reducing Risk?
CISO Sean Atkinson on Moving From ‘GRC Theater’ to Continuous GRC Engineering. As NIST, ISO, SOC 2, NIS2 and DORA expand compliance pressure, many organizations are optimizing for audit success instead of risk reduction. Sean Atkinson warns that “GRC theater” creates false confidence. Adversaries operate continuously and so should GRC engineering, he said. First seen…
-
When DORA Goes From Afterthought to Commercial Imperative
If you had asked me in 2024 how seriously firms were taking DORA, my honest answer would have been that only around the top 20 per cent of impacted organisations were truly focused on it. These were typically the more risk averse, forward thinking businesses that tend to move early on regulatory change. Even then,…
-
Outages Happen to Everyone. Building a Resilient Architecture Doesn’t Have to Be Hard.
Tags: access, ai, attack, breach, business, cloud, compliance, computing, container, control, csf, cyberattack, data, defense, detection, dora, encryption, finance, framework, government, nist, regulation, resilience, service, software, strategy, technology
madhav Tue, 02/03/2026 – 05:21
No company is spared the pain of outages. But their impact can be mitigated by how resilient you build your business architecture. And who you choose to partner with can significantly determine how effective that will be.…
-
1st anniversary in the context of digital operational resilience
First seen on datensicherheit.de Jump to article: www.datensicherheit.de/dora-1-jahrestag-kontext-digital-operational-resilienz
-
Securing the Future: Practical Approaches to Digital Sovereignty in Google Workspace
Tags: access, attack, ciso, cloud, compliance, computing, container, control, data, defense, dora, email, encryption, GDPR, google, Hardware, healthcare, identity, infrastructure, law, malware, network, privacy, regulation, resilience, risk, service, software, strategy, zero-trust
madhav Thu, 01/22/2026 – 04:35
In today’s rapidly evolving digital landscape, data privacy and sovereignty have become top priorities for organizations worldwide. With the proliferation of cloud services and the tightening of global data protection regulations, security professionals face mounting pressure to ensure their…
-
What a Year of DORA Reveals About Cyber Resilience
It’s now been a full calendar year since the European Union’s Digital Operational Resilience Act (DORA) became enforceable in January 2025, marking a clear shift in how regulators expect organizations to manage digital risk. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/01/what-a-year-of-dora-reveals-about-cyber-resilience/
-
DORA penetration testing and threat-led exercises explained
The Digital Operational Resilience Act (DORA) introduces a unified framework for managing ICT risk across the European financial sector, with key requirements, including penetration testing, coming into force in 2026. Its aim is to ensure that regulated organisations, and the critical third-party providers they rely on, can withstand, respond to and recover from operational disruptions.…
-
Ransomware gangs extort victims with compliance violations
Ransomware groups are increasingly pressuring their victims with compliance violations. Ransomware attacks remain among the most common attack methods. As current analyses show, cyber gangs are now increasingly threatening to report their victims' violations of regulations such as the GDPR to the supervisory authorities. Researchers at the security vendor Akamai, for example, have already, over the past two years, … a growing trend in this…
-
Reliably complying with NIS2, KRITIS, ISO and DORA: How digital twins secure IT compliance
Whether NIS2, KRITIS, ISO or DORA: the regulatory environment for operating IT, data center and network infrastructures has never been as dynamic as it is today. To successfully master the rising compliance requirements, those responsible depend on intelligent solutions and tools. A digital twin of the infrastructure plays an important role here. It enables a high strategic… First…

