Background
21st May 2024

Alignment With DORA Will Deliver A More Resilient UK Financial Ecosystem, Says M-Files

The cybersecurity threat landscape in the UK is steadily increasing, with half of businesses reporting either a breach or an attack in the last 12 months.

Scroll
Article Image Circle Circle


Alignment With DORA Will Deliver A More Resilient UK Financial Ecosystem, Says M-Files
businessman in suit at workplace working with laptop to defend customer cyber security

More stringent regulations present an opportunity for businesses to re-evaluate security strategies and identify vulnerabilities

The cybersecurity threat landscape in the UK is steadily increasing, with half of businesses reporting either a breach or an attack in the last 12 months. Most recently, a cyberattack on the Ministry of Defence put 270,000 records at risk including those of serving armed forces personnel. 

In response to more frequent and sophisticated attacks, the EU has introduced the Digital Operational Resilience Act (DORA). Designed to strengthen security in organisations throughout Europe’s financial network, entities included under the legislation’s parameters are expected to be compliant by early 2025.

According to Yohan Lobo, Industry Solutions Manager, Financial Services at M-Files, even UK businesses that fall outside DORA’s remit should consider implementing some aspects of the framework to bolster resilience.

Yohan said: “The MoD breach is another example of the danger bad actors pose to organisations of all sizes. To avoid similar instances occurring, it’s crucial that companies are proactive in understanding how they can shield themselves from cyberattacks and minimise risk.

“UK businesses seeking to refine their cybersecurity strategy can use DORA’s stipulations as a set of guidelines to inform their decision-making. In essence, the act creates a risk management framework that strengthens protective measures in place, allowing companies to review existing strategies and pinpoint areas of vulnerability.

“DORA’s remit centres on the European financial landscape, but the principles it’s built upon are industry agnostic. Thorough incident reporting, managing relationships with third parties and introducing processes that limit risk if something goes wrong are steps any organisation can take to improve cybersecurity measures, while also complying with DORA. 

“Additionally, businesses can embed technology that automates compliance tracking and reporting to adhere more closely to regulatory requirements. These solutions can automatically classify documents, place granular access controls on specific files and track interactions and changes across versions. 

“It’s easier to interrogate your own data if it is well-structured. Therefore, a good starting point for any business wanting to assess its potential weaknesses is to conduct a thorough data audit to ensure all files are organised and accessible to the right people.

“For UK businesses that either supply or operate as part of the EU financial system, compliance with DORA before the deadline of January next year could be a legal requirement. However, companies unaffected by the bill could create challenges for themselves in the future if they remain idle, with similar legislation in the UK and global markets likely to follow.”

Yohan concluded: “It’s time for UK firms to start exploring how they can bolster resilience through better regulatory alignment. A deeper understanding of your company’s internal points of weakness, as well as clearly defined relationships with third-party IT providers, are the bedrock of cultivating a dependable security strategy.”


Categories: Articles, Cyber Security



Other Articles You Might Like
Arrow

Wealth & Finance International is part of AI Global Media

Discover our 10+ brands covering different sectors
APAC InsiderBUILD MagazineCorporate VisionEU Business NewsGHP NewsAcquisition InternationalNew World ReportMEA MarketsCEO MonthlySME NewsLUXlife MagazineInnovation in BusinessThe Business Concept