DORA Takes Effect: Financial Firms Still Navigating Compliance Headwinds
The EU’s DORA regulation is in effect as of January 17, with mixed evidence around compliance levels among financial firms
Stay updated on the latest Compliance trends in infosec, ensuring your data practices meet legal and regulatory standards with our expert insights.
Search across headline titles and summaries.
Background for this topic.
Compliance in information security means following specific laws, standards, and regulations that govern how organizations protect sensitive data. These rules, such as GDPR, HIPAA, and PCI DSS, set requirements for data handling, access controls, encryption, and breach notification. Compliance frameworks often mandate regular audits and documented security practices to verify that organizations meet these requirements.
Meeting compliance obligations helps reduce risks like unauthorized data access, data leakage, and inadequate incident response. It also shapes security architecture by enforcing controls on data storage, transmission, and user privileges. For security teams, compliance drives the implementation of measurable safeguards and continuous monitoring, ensuring that security measures align with legal and industry expectations rather than relying solely on voluntary best practices.
The EU’s DORA regulation is in effect as of January 17, with mixed evidence around compliance levels among financial firms
Compliance with the Digital Operational Resilience Act (DORA) has cost many businesses over €1 million, according to research from Rubrik
The digital world is exploding. IoT devices are multiplying like rabbits, certificates are piling up faster than you can count, and compliance requirements are tightening by the day. Keeping up with it all can feel like trying to juggle chainsaws while riding a unicycle
CISA shared guidance for government agencies and enterprises on using expanded cloud logs in their Microsoft 365 tenants as part of their forensic and compliance investigations. [...]
New Identity Infrastructure Streamlines Compliance Adherence in Regulated SettingsIdentity management startup Orchid Security raised $36 million in a seed round lead by Team8 and Intel Capital to tackle compliance challenges. The company's infrastructure addresses complex compliance and security needs for enterprises, enabling efficient application onboarding and integration.
Mission Omega's Ian Mitchell on What Works and What Doesn't in Program IntegrationFraud management and anti-money laundering represent two distinct disciplines in financial crime prevention. While AML primarily is a compliance-driven function, fraud is a risk management function driven by the organization's risk appetite for fraud, said Ian Mitchell, co-founder of Mission Omega.