jnews-view-counter domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /var/www/html/hosting/lsd.hu/wp-includes/functions.php on line 6114jnews domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /var/www/html/hosting/lsd.hu/wp-includes/functions.php on line 6114
\n<\/p>\n
New regulations are forcing organizations to take cybersecurity more seriously.<\/p>\n
Sean Gladwell | Moment | Getty Images<\/p>\n<\/div>\n<\/div>\n<\/div>\n
Tough new European Union regulations requiring banks to bolster their cybersecurity systems officially come into effect Friday \u2014 but many of the bloc’s financial services firms aren’t yet in full compliance with the rules.<\/p>\n
The EU’s Digital Operational Resilience Act<\/a>, or DORA, requires both financial services firms and their technology suppliers to strengthen their IT systems to ensure the industry is resilient in the event of a cyberattack or any other forms of disruption. It entered into effect on Jan. 17.<\/p>\n The penalties for breaches of the new legislation can be substantial. Financial services firms that fall foul of the new rules can face fines of up to 2% of annual global revenue. Individual managers could also be held liable for breaches and face sanctions of as much as 1 million euros ($1 million).<\/p>\n So far, the rate of compliance among financial services firms with the new rules has been mixed, according to Harvey Jang, chief privacy officer and deputy general counsel at IT giant Cisco.<\/p>\n “I think we’ve seen a mixed bag,” Jang told CNBC in an interview. “Of course, the more mature-stage companies are further along looking at this for at least a year \u2014 if not longer.”<\/p>\n “We’re really trying to build this compliance program, but it’s so complex. I think that’s the challenge. We saw this too with GDPR and other broad legislation that is subject to interpretation \u2014 what does it actually mean to comply? It means different things to different people,” he said.<\/p>\n<\/div>\n This lack of a common understanding of what qualifies as robust compliance with DORA has in turn led many institutions to ramp up security standards to the level that they’re actually surpassing the “baseline” of what’s expected of most firms, Jang added.<\/p>\n<\/div>\n Under DORA, financial firms will be required to undertake rigorous IT risk and incident management, classification and reporting, operational resilience testing, intelligence sharing on cyber threats and vulnerabilities, and measures to manage third-party risks.<\/p>\n Firms will be also be required to conduct assessments of “concentration risk” related to the outsourcing of critical or important operational functions to external companies.<\/p>\n A Censuswide survey of 200 U.K. chief information security officers commissioned by Orange Cyberdefense<\/a>, the cybersecurity division of French telecoms firm Orange<\/a>Are financial institutions ready?<\/h2>\n