IKT Asset
AINIS2DORACybersicherheitEU-Vorschriften

The Impact of the Digital Operational Resilience Act (DORA) and NIS2 Directive on Businesses

The Digital Operational Resilience Act (DORA) and the NIS2 Directive impose new requirements on businesses in the EU. This article highlights the key aspects and preparations needed.

Introduction

On January 16, 2023, the Digital Operational Resilience Act (DORA) came into force, followed by the NIS2 Directive, which also establishes new standards for cybersecurity and operational resilience within the EU. These regulations particularly impact businesses in the financial sector and critical third parties.

DORA: New Standards for Digital Resilience

DORA aims to strengthen the operational resilience of financial institutions. With enforcement starting in January 2025, companies must comply with specific technical requirements set by national regulatory authorities. The pressure to adhere to these regulations will increase in the coming years, making it essential for companies to begin preparations now.

NIS2 Directive: Expanded Security Requirements

The NIS2 Directive, which also came into force on January 16, 2023, is expected to be incorporated into Swedish law by October 2024. This directive broadens the scope of cybersecurity requirements to a wider range of sectors and businesses.

Preparing for the New Requirements

Companies should take proactive steps to understand and implement the new requirements. This includes training employees, developing contingency plans, and implementing appropriate technologies for risk mitigation.

Conclusion

With DORA and NIS2, companies in the EU face significant challenges that also present opportunities to enhance digital resilience. Early preparation is crucial to meet the new requirements.