The Digital Operational Resilience Act (DORA) looms large on the horizon, casting its regulatory shadow over financial institutions. DORA is a European Union (EU) regulation that took effect on January 16, 2023, with full implementation starting January 17, 2025. DORA aims to bolster the IT security of financial entities such as banks, insurance companies, and investment firms. By ensuring robust cybersecurity practices, DORA seeks to enhance the digital resilience of the European financial sector, making it better equipped to withstand severe operational disruptions. The regulation covers areas like Information and Communication Technology (ICT) risk management, third-party risk, digital operational resilience testing, and reporting of major ICT-related incidents to competent authorities. Its harmonized principles address the increasing reliance on technology in financial services, safeguarding against cyber threats and promoting stability across borders.
As a strong partner of European financial institutions, Dynatrace is preparing for DORA requirements. This blog post describes how we're aligning our efforts with the upcoming changes.
Understand the Digital Operational Resilience Act
DORA isn't just an acronym; it's a compass pointing toward operational resilience. Let's break it down:
Risk management: DORA mandates that financial institutions navigate the treacherous waters of IT and cybersecurity risks. Dynatrace, with its AI-driven observability platform, isn't merely ticking boxes-we're actively scanning the digital landscape, identifying vulnerabilities, and fortifying the ramparts.
Business continuity: We don't just draft continuity plans; we live them. Imagine a symphony where every instrument knows its part. When operational disruptions strike-whether it's a rogue server or a cyberattack-Dynatrace services remain in harmony. The show must go on.
Supervision and oversight: Dynatrace embraces transparency without compromising security. It welcomes constructive engagement with supervisory authorities, ensuring robust practices while safeguarding operational resilience. No smoke, no mirrors-just a commitment to excellence.
How will DORA impact Dynatrace?
The regulation imposes heightened regulatory scrutiny on ICT providers, including Dynatrace. Providers must meet rigorous requirements outlined in the framework and substantiate their compliance through tangible evidence.
How Dynatrace will support you
The Dynatrace secret weapon is data. It's not about stockpiling ones and zeros; it's about turning raw information into actionable insights. Imagine a dashboard that whispers, "Hey, there's a vulnerability brewing in Server Room B." The Dynatrace data-centric approach ensures compliance isn't a burden; it's an opportunity to fine-tune operations.
Instead of waiting for January 2025 to engage with customers, we're already engaging with CISOs, CIOs, risk managers, and compliance officers. But here's the twist: At Dynatrace, we don't just preach; we listen. Customer feedback shapes our compliance strategy. After all, resilience isn't an individual effort; it's a symphony of collaboration and shared responsibility.
As the DORA countdown ticks down and the second batch of DORA policy documents is scheduled to be released in July 2024, we extend an invitation to you for a pragmatic roundtable discussion: Let's embrace agility, dissect DORA, scrutinize our processes, and emerge stronger together.
So, to all our financial institution partners, DORA takes effect on January 17, 2025, and Dynatrace will be ready.
Reach out to us, and let's prepare for DORA together.
Contact us
Attachments
Original Link
Permalink
Disclaimer
Dynatrace Inc. published this content on
23 April 2024 and is solely responsible for the information contained therein. Distributed by
Public, unedited and unaltered, on
23 April 2024 22:19:09 UTC.
Dynatrace, Inc. offers a unified observability and security platform with analytics and automation for dynamic, hybrid, multi-cloud environments. The Companyâs Dynatrace Software Intelligence Platform provides application and micro service monitoring (APM), runtime application security, infrastructure monitoring, digital experience monitoring (DEM), business analytics, and cloud automation. Its product offerings include Applications and Microservices Monitoring, Infrastructure Monitoring, Application Security, Log Management and Analytics, Digital Experience Monitoring, Digital Business Analytics, and Cloud Automation. Its Dynatrace Infrastructure Monitoring provides complete visibility into a customerâs infrastructure layer across public and private clouds and hybrid, multi-cloud environments. It also provides real-time detection and blocking to help protect against injection attacks that exploit critical vulnerabilities, such as Log4Shell.