The Digital Operational Resilience Act (DORA)
Overview
The Digital Operational Resilience Act, or DORA, is a European Union (EU) regulation that creates a binding, comprehensive information, and communication technology (ICT) risk management framework for the EU financial sector.
The Act seeks to harmonise digital resilience in the EU through ICT related risk management and incident reporting. The regulation was published on 27 December 2022, in the official journal of the EU and will apply in full from January 2025.
Objectives of the Act
Avert cyberattacks
All financial organizations in EU have necessary safeguards to avert cyber-attacks and mitigate risks.
Harmonize ICT risk management regulations
Security and cloud teams get control and visibility of all data from a single pane of glass. They can now govern policies and manage key lifecycles from a single interface.
Framework for third parties
Store and control root keys segregated from the cloud data. Modernize your HSM infrastructure with API-supported, integrated HSMs (FIPS 140-2 L3-certified).
Key Differentiators with Fortanix
Post-quantum ready
PQ algorithms with ability to rapidly deploy updates.
Privacy by design
Built-in privacy capabilities (Confidential Computing, Tokenization, Data Masking etc.) to greatly reduce risk and improve compliance.
Zero Trust for your data
Policy-driven RBAC, quorum controls, and least-privileged access.
Centralized Key Management
With discovery, visibility, command control, policy enforcement, reporting.
Data protection, whatever its state
Trusted execution environments secure data at rest, in motion, and in use.
