Recently, I had the opportunity to speak at the EU DORA Summit, the only conference in Ireland that predominantly focused on the critical importance of the DORA legislation which will be implemented at the beginning of 17th January 2025.
My main argument was I do not believe the DORA legislation goes far enough and was written pre-AI. There are obvious gaps to this legislation, as it does not even include Credit Unions.
I highlighted the crucial importance of a having a good communication strategy and navigating the complexities of this legislation.
Here is an extract from my speech;.
DORA is a critical milestone effort to strengthen the digital infrastructure and enhance the resilience of the European Union’s financial sector amongst member states.
In our communications world, where fear is good, I cannot underestimate the importance of having a communications strategy by your side rather than at your wake.
The intention behind DORA is to ensure all participants have the necessary safeguards in place to mitigate cyber-attacks and risks. It is essential that you can withstand all types of ICT related disruptions and threats.
Having read the 70 pages of legislation, having undergone DORA exams, DORA has very stringent regulations and guidelines which will present a challenge and opportunity to enhance our crisis communications strategy.
I don’t mind saying that I find the DORA directive challenging, it is a tough piece to get your head around.
Talking to people in government, many do not know about DORA, so we have a lot of challenges to overcome ahead of us.
The two biggest being the ignorance and the arrogance barriers ahead.
Ignorance, meaning aspects of the Irish government and Irish business that know nothing about this, and arrogance, as the EU keep telling us to get on with it!
In today’s fast-paced digital landscape, a crisis can escalate within seconds. Sometimes without you or your team even noticing. The global business landscape remains haunted by cyber threats carried out by bad actors or nation states, continues.
In terms of cyber security, all sizes of businesses still fail to grasp the impact a cyber-attack will have and their ability to trade and get back to full power. It is not if it will happen, it is when will it happen.
In summary, let’s take a breath and reflect on the words of my hero, President John F. Kennedy in his democratic presidential acceptance speech in 1960, “The new frontier of which I speak,’ he said, ‘is not a set of promises; it is a set of challenges.” Good wishes to you as you embark on your DORA plans in the months ahead.