Skip to main content
The Actuary: The magazine of the Institute and Faculty of Actuaries - return to the homepage Logo of The Actuary website
  • Search
  • Visit The Actuary Magazine on Facebook
  • Visit The Actuary Magazine on LinkedIn
  • Visit @TheActuaryMag on Twitter
Visit the website of the Institute and Faculty of Actuaries Logo of the Institute and Faculty of Actuaries

Main navigation

  • News
  • Features
    • General Features
    • Interviews
    • Students
    • Opinion
  • Topics
  • Knowledge
    • Business Skills
    • Careers
    • Events
    • Predictions by The Actuary
    • Whitepapers
    • Moody's - Climate Risk Insurers series
    • Webinars
    • Podcasts
  • Jobs
  • IFoA
    • CEO Comment
    • IFoA News
    • People & Social News
    • President Comment
  • Archive
Quick links:
  • Home
  • Sections
  • News

Defence against cyber attacks: stringent new EU rules

Open-access content Tuesday 6th December 2022 — updated 10.06am, Wednesday 7th December 2022
web_system-hacked_credit_iStock-1144604245.png

Financial-service companies and the tech giants that supply them must show how quickly they can recover from a cyber attack under new operational resilience obligations passed by the EU.

The Council of Ministers has approved the Digital Operational Resilience Act (DORA), comprising a regulation and a directive, which aims to prevent and mitigate against cyber threats. Under the legislation, financial institutions must ensure they have robust mechanisms in place for reporting major technology security incidents, for business continuity and for disaster recovery.

DORA also introduces direct regulation of major technology firms to financial institutions under a framework that gives powers to European supervisory authorities to designate specific third-party service providers for regulation, and then oversee their compliance.

The move follows increasing fears among regulators about the speed and scale at which insurers and banks are shifting crucial functions and operations to cloud platforms managed by Amazon, Microsoft, Google and IBM.

“Financial firms already have plans for IT security but more was needed so they stay resilient through a severe disruption,” said Zbynek Stanjura, finance minister for the Czech Republic, which holds the EU presidency. “If a large-scale attack on the European financial sector is launched, we will be prepared for it.”

Observers commented that DORA’s impact will be felt beyond the EU. “Even though DORA will not apply directly in the UK, UK companies with business in Europe will be subject to its requirements,” said Pinsent Masons partner Yvonne Dunn, who specialises in technology contracts for financial services. “Even for UK businesses that will be outside the scope of DORA, the legislation offers an insight into how UK policy and regulation around operational resilience is likely to develop.”

Ms Dunn pointed to rules set last March by the Prudential Regulations Authority, the Financial Conduct Authority and Bank of England, which showed that UK regulators want firms to shift away from considering the resilience of individual systems and operational resources and towards “the continuity of the services that they provide to their external end users, customers or participants.”

Image credit | iStock

Also filed in
News

You might also like...

Share
  • Twitter
  • Facebook
  • Linked in
  • Mail
  • Print

Latest Jobs

Actuarial Manager

London (Central)
£100,000 - £130,000 basic + bonus and benefits
Reference
145832

Pricing Analyst

London, England
£30000 - £45000 per annum
Reference
145831

Capital Modelling Analyst

London, England
£35000 - £55000 per annum
Reference
145830
See all jobs »
 
 

Today's top reads

 
 

Sign up to our newsletter

News, jobs and updates

Sign up

Subscribe to The Actuary

Receive the print edition straight to your door

Subscribe
Spread-iPad-slantB-june.png

Topics

  • Data Science
  • Investment
  • Risk & ERM
  • Pensions
  • Environment
  • Soft skills
  • General Insurance
  • Regulation Standards
  • Health care
  • Technology
  • Reinsurance
  • Global
  • Life insurance
​
FOLLOW US
The Actuary on LinkedIn
@TheActuaryMag on Twitter
Facebook: The Actuary Magazine
CONTACT US
The Actuary
Tel: (+44) 020 7880 6200
​

IFoA

About IFoA
Become an actuary
IFoA Events
About membership

Information

Privacy Policy
Terms & Conditions
Cookie Policy
Think Green

Get in touch

Contact us
Advertise with us
Subscribe to The Actuary Magazine
Contribute

The Actuary Jobs

Actuarial job search
Pensions jobs
General insurance jobs
Solvency II jobs

© 2023 The Actuary. The Actuary is published on behalf of the Institute and Faculty of Actuaries by Redactive Publishing Limited. All rights reserved. Reproduction of any part is not allowed without written permission.

Redactive Media Group Ltd, 71-75 Shelton Street, London WC2H 9JQ