The much-anticipated Digital Operational Resilience Act (DORA) is finally here. This Regulation, applicable across the 27 EU Member States, provides a set of guidelines via which financial services organisations will need to prove that they are operationally resilient, i.e, they are able to withstand any unforeseen shocks. All financial system participants will be covered, from credit institutions and insurance undertakings to investment firm
The provisional DORA text was agreed in May 2022, and it should be formally adopted into law by the end of 2022. Financial services organisations will need to be compliant from the end of 2024 (the application deadline is 24 months) but many are already starting to plan to ensure that they meet its requirements.
Why is DORA so important?
Well, I think it’s important for three main reasons:
- It effectively mandates ICT risk management at the C-level in all financial services organisations, which will mean that the impact of shocks such as the pandemic or the political situation in Ukraine will be felt less by consumers and the financial services industry itself.
- It will clearly define what financial services organisations need to do to become resilient. They will need to ensure that they adhere to a series of ICT risk management and incident-reporting requirements. Some of these requirements will be further defined in Regulatory Technical Standards (RTSs). These standards will be prescriptive, which will eliminate the potential for misinterpretation and ensure consistency of response.
- It covers critical Third-Party Providers (TPPs), including Cloud Service Providers (CSPs), and this is likely to increase the speed at which financial services organisations migrate to the cloud (as a multi-cloud strategy for improving resilience is favoured by regulators).
How can Splunk support financial services organisations as they build out their plans to comply with the requirements of DORA?
The Splunk solution set is perfectly aligned with the ICT risk management requirements of DORA. At a very high level, the legislation means that all financial services organisations will need to monitor their technology estate and manage any risks associated with the delivery of critical business services. All requirements that are likely to be included in the Regulatory Technical Standards will align with the capabilities of Splunk – and in particular, detecting and responding to any technology-related issues as well as cyber threats. In addition, Splunk can support any reporting required if / when ‘major incidents’ do take place.
By providing a unified approach to observability and security, Splunk optimises the use of data to address the specific requirements of the legislation. At a time when disruption is constant – political, social and economic turbulence have become the new normal – this will minimise Mean Time to Respond (MTTR) which is arguably the most important KPI aligned with resilience. Another key characteristic of Splunk is its ability to holistically monitor hybrid environments, which will be more important as hybrid and multi-cloud become the norm.
Want to find out more?
Additional information is provided on the Splunk website. If you are an existing Splunk customer, please contact your account manager.