{"id":16981,"date":"2025-01-21T10:30:58","date_gmt":"2025-01-21T09:30:58","guid":{"rendered":"https:\/\/teamwire.eu\/en\/blog\/2025\/01\/21\/dora-digital-operational-resilience-act\/"},"modified":"2026-03-25T11:02:35","modified_gmt":"2026-03-25T10:02:35","slug":"dora-digital-operational-resilience-act","status":"publish","type":"post","link":"https:\/\/teamwire.eu\/en\/blog\/dora-digital-operational-resilience-act\/","title":{"rendered":"DORA: New Standards for Digital Security in the Financial Sector"},"content":{"rendered":"<div class=\"vc_row wpb_row vc_row-fluid\">\n<div class=\"wpb_column vc_column_container vc_col-sm-12\">\n<div class=\"vc_column-inner\">\n<div class=\"wpb_wrapper\">\n<div class=\"wpb_text_column wpb_content_element\">\n<div class=\"wpb_wrapper\">\n<p><span style=\"font-weight: 400;\">On January 17, 2025, the <\/span><b>Digital Operational Resilience Act (DORA)<\/b><span style=\"font-weight: 400;\"> came into force \u2013 an EU regulation strengthening and regulating digital security and resilience in the financial sector.<\/span><\/p>\n<h2><span style=\"font-weight: 400;\">What Is DORA?<\/span><\/h2>\n<p><span style=\"font-weight: 400;\">DORA requires banks, insurance companies, and other financial sector players to set up their IT systems to withstand cyber-attacks but continue to operate seamlessly in the event of IT failures.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">This includes all areas of the financial sector, including third-party providers.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">With DORA, the EU is sending a clear message:<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Digitalizing the financial sector must not compromise security and stability. But what is behind this regulation, and how can companies benefit from it?<\/span><\/p>\n<h2><span style=\"font-weight: 400;\">Who Needs to Act? These Companies Are the Focus<\/span><\/h2>\n<p><span style=\"font-weight: 400;\">DORA is aimed at a wide range of organizations operating in the <\/span><b>financial sector<\/b><span style=\"font-weight: 400;\">, including<\/span><\/p>\n<ul>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Credit institutions<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">payment service providers<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">investment firms<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Providers of crypto services<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Trading venues<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Insurance and reinsurance companies<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Crowdfunding platforms<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Capital management companies<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">rating agencies<\/span><\/li>\n<\/ul>\n<p><span style=\"font-weight: 400;\">Equally important is the role of critical third-party providers, so-called <\/span><b>third-party ICT service providers<\/b><span style=\"font-weight: 400;\">. These are companies that provide information and communication technology services for financial companies. For example, cloud providers and IT service providers.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Their services must also meet DORA&#8217;s high requirements, as they often represent a key element in the digital infrastructure.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Therefore, the entire supply chain is scrutinized to ensure no weak points jeopardize security.<\/span><\/p>\n<h2><span style=\"font-weight: 400;\">The Main Content of DORA<\/span><\/h2>\n<p><span style=\"font-weight: 400;\">DORA will ensure the digital operational resilience of the European financial sector in these <\/span><b>six areas:<\/b><\/p>\n<ul>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">ICT risk management<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Handling, classification, and reporting of ICT-related incidents<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Testing digital operational resilience including Threat-led Penetration Testing (TLPT)<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Management of ICT third party risk<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Monitoring framework for critical third-party ICT service providers<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Information sharing agreements and cyber crisis and emergency exercises<\/span><\/li>\n<\/ul>\n<p><span style=\"font-weight: 400;\">(Source: <\/span><a href=\"https:\/\/www.bafin.de\/DE\/Aufsicht\/DORA\/DORA_node.html\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400;\">BaFin<\/span><\/a><span style=\"font-weight: 400;\"> \u2013 you can find more detailed information here).<\/span><\/p>\n<h2><span style=\"font-weight: 400;\">What Does DORA Mean for IT Security? More Than Just Compliance<\/span><\/h2>\n<p><span style=\"font-weight: 400;\">DORA is far more than just a regulatory obligation. The regulation is a <\/span><b>strategic guide<\/b><span style=\"font-weight: 400;\"> to ensure digital resilience in the financial sector.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">One key requirement is that companies systematically check their IT systems and processes for <\/span><b>vulnerabilities<\/b><span style=\"font-weight: 400;\"> and take adequate measures to address them. Instead of waiting, DORA calls for proactive action to minimize risks at an early stage.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Another important aspect is the introduction of <\/span><b>uniform reporting standards<\/b><span style=\"font-weight: 400;\"> for security incidents. This transparency ensures that incidents can be identified and rectified more quickly and strengthens the trust of customers and supervisory authorities.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">The <\/span><b>systematic review of third-party providers<\/b><span style=\"font-weight: 400;\"> is another key point. Companies must ensure that external service providers and partners comply with the high-security standards.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">In addition, DORA requires companies to develop and regularly test <\/span><b>comprehensive emergency plans<\/b><span style=\"font-weight: 400;\">. These plans should ensure that organizations can act even in crises such as IT failures or cyber-attacks. In addition to technical solutions, coordination between departments and partners is also crucial.<\/span><\/p>\n<h2><span style=\"font-weight: 400;\">How Teamwire Helps to Overcome the Hurdles of DORA<\/span><\/h2>\n<p><span style=\"font-weight: 400;\">As a partner, Teamwire offers you solutions specially tailored to the requirements of DORA to strengthen your digital resilience. Our secure communication platform enables you to communicate efficiently even in crises and ensure <\/span><a href=\"https:\/\/teamwire.eu\/en\/blog\/the-importance-of-a-fail-safe-messenger-for-business-continuity\/\"><b>business continuity<\/b><\/a><span style=\"font-weight: 400;\">:<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Functions such as <\/span><b>alerts<\/b><span style=\"font-weight: 400;\">, <\/span><b>group chats<\/b><span style=\"font-weight: 400;\">, push-to-talk, broadcasts, and <\/span><b>live locations<\/b><span style=\"font-weight: 400;\"> ensure that everyone involved is constantly updated. Teamwire features such as distribution lists, <\/span><b>video conferencing,<\/b><span style=\"font-weight: 400;\"> and the company-wide address book are equally relevant in the context of business continuity.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">In addition, Teamwire meets the <\/span><a href=\"https:\/\/teamwire.eu\/en\/product\/security\/\"><span style=\"font-weight: 400;\">highest security standards<\/span><\/a><span style=\"font-weight: 400;\">:<\/span><\/p>\n<p><span style=\"font-weight: 400;\">With <\/span><b>ISO 27001 certification<\/b><span style=\"font-weight: 400;\">, full <\/span><b>GDPR compliance,<\/b><span style=\"font-weight: 400;\"> and <\/span><b>BSI C5-tested hosting<\/b><span style=\"font-weight: 400;\">, you can be sure our platform complies with regulatory requirements.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">S<\/span><b>eamless integration into existing IT infrastructures<\/b><span style=\"font-weight: 400;\"> also facilitates the implementation of DORA requirements and strengthens resilience against threats.<\/span><\/p>\n<h2><span style=\"font-weight: 400;\">DORA \u2013 The Future of IT Security Starts Now<\/span><\/h2>\n<p><span style=\"font-weight: 400;\">At first glance, DORA may seem like yet another regulatory hurdle. But in reality, the new directive is a milestone for digital security and resilience in the financial sector. It challenges companies to rethink their IT strategies and fundamentally prepare for the future.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Companies that act now can strengthen their cyber security, gain a competitive advantage, and prepare themselves for the digital future.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">For example, financial institutions can strengthen their customers&#8217; trust and gain market share through more robust IT systems. In addition, early adaptation to DORA regulations allows for the optimization of internal processes and, thus, long-term cost savings.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">The future of IT security starts now \u2013 and it offers numerous opportunities for companies that act proactively. Tools like Teamwire can help you comply with DORA regulations quickly and effectively.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">If you are not yet part of the Teamwire community, we invite you to learn more about our solutions &#8211; either through our case studies or a free demo:<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Here, you can read case studies from various sectors where Teamwire has been used successfully. These include the police, medical services, and municipal administrations.\u00a0<\/span><\/p>\n<p><span style=\"font-weight: 400;\">\u27a1\ufe0f <\/span><strong><a href=\"https:\/\/teamwire.eu\/en\/resources\/#casestudies\">Here are the case studies.<\/a><\/strong><\/p>\n<p><span style=\"font-weight: 400;\">You can also book a free product tour at any time.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">\u27a1\ufe0f <\/span><strong><a href=\"https:\/\/teamwire.eu\/en\/contact-sales\/\">Request a demo here.<\/a><\/strong><\/p>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<div class=\"vc_row wpb_row vc_row-fluid vc_custom_1731661172284\">\n<div class=\"wpb_column vc_column_container vc_col-sm-12\">\n<div class=\"vc_column-inner\">\n<div class=\"wpb_wrapper\">\n<div class=\"wpb_raw_code wpb_raw_html wpb_content_element\">\n<div class=\"wpb_wrapper\">\n<div class=\"hs-cta-embed hs-cta-simple-placeholder hs-cta-embed-99710995691\" style=\"max-width: 100%; max-height: 100%; width: 672px; height: 268.4375px;\" data-hubspot-wrapper-cta-id=\"99710995691\"><a href=\"https:\/\/cta-eu1.hubspot.com\/web-interactives\/public\/v1\/track\/redirect?encryptedPayload=AVxigLLgLmxry0kc8KHP8GgyuOwVFkd%2B2sEh80sV9jsb%2BsC9FU9EInKDrP9fNDfMEN5A94CchqR9Y1d%2BkKghytI1u0taezMb9rCIdCVoEmCehjVxSIm9OyspMhcxOHVy3sLofniRf35WOzH3F%2BT891QBfNSdazGlpqVWIoIZki5hNs1LX5tGKX8OFw%3D%3D&amp;webInteractiveContentId=99710995691&amp;portalId=143616833\" target=\"_blank\" rel=\"noopener\"><br \/>\n<img decoding=\"async\" style=\"height: 100%; width: 100%; object-fit: fill;\" src=\"https:\/\/teamwire.eu\/en\/wp-content\/uploads\/sites\/2\/2025\/12\/interactive-99710995691.png\" alt=\"\" \/><br \/>\n<\/a><\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<div class=\"vc_row wpb_row vc_row-fluid\">\n<div class=\"wpb_column vc_column_container vc_col-sm-12\">\n<div class=\"vc_column-inner\">\n<div class=\"wpb_wrapper\">\n<p><!-- Aufbau der Kategorie-Tags --><\/p>\n<div class=\"tmw-blog-category-tags_wrapper\"><\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<div class=\"vc_row wpb_row vc_row-fluid vc_custom_1731661211910\">\n<div class=\"wpb_column vc_column_container vc_col-sm-12\">\n<div class=\"vc_column-inner\">\n<div class=\"wpb_wrapper\"><\/div>\n<\/div>\n<\/div>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>On January 17, 2025, a new EU regulation known as DORA came into force that strengthens digital security in the financial sector. In this article, you will learn why DORA is much more than just a regulatory obligation and how companies can achieve competitive advantages by implementing it correctly. And: How Teamwire can help you meet the challenges and strengthen your digital resilience.<\/p>\n","protected":false},"author":11,"featured_media":16983,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[67,68,69,71,66],"tags":[],"class_list":["post-16981","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-business-continuity","category-crisis-communication","category-cybersecurity","category-legal","category-security"],"acf":[],"_links":{"self":[{"href":"https:\/\/teamwire.eu\/en\/wp-json\/wp\/v2\/posts\/16981","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/teamwire.eu\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/teamwire.eu\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/teamwire.eu\/en\/wp-json\/wp\/v2\/users\/11"}],"replies":[{"embeddable":true,"href":"https:\/\/teamwire.eu\/en\/wp-json\/wp\/v2\/comments?post=16981"}],"version-history":[{"count":2,"href":"https:\/\/teamwire.eu\/en\/wp-json\/wp\/v2\/posts\/16981\/revisions"}],"predecessor-version":[{"id":17874,"href":"https:\/\/teamwire.eu\/en\/wp-json\/wp\/v2\/posts\/16981\/revisions\/17874"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/teamwire.eu\/en\/wp-json\/wp\/v2\/media\/16983"}],"wp:attachment":[{"href":"https:\/\/teamwire.eu\/en\/wp-json\/wp\/v2\/media?parent=16981"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/teamwire.eu\/en\/wp-json\/wp\/v2\/categories?post=16981"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/teamwire.eu\/en\/wp-json\/wp\/v2\/tags?post=16981"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}