Something a bit different for DORA Digest this month, as we launch DORA Talks – five episodes dedicated to talking about all things DORA. Shreeji Doshi, a director of cyber governance, risk and compliance (and editor of DORA Digest) met with experts from the worlds of banking, funds, risk management, and cyber security to get their different perspectives on what DORA’s impact will be.
All episodes are available now, each with fascinating insights for anyone interested in DORA and the wider issues of cyber risk management.
Episode One
Why DORA, and why now?
Shreeji fields questions from Kevin Groves. Kev is a director of Thomas Murray’s cyber risk team. Kev and Shreeji discuss gap assessments and what affected entities can expect DORA to demand of them, both at a regulatory level and in terms of time, resources and software capabilities.
Episode Two
The million-dollar question: Europe’s FMIs get their houses in order
Panos Kiziris is a director of financial market infrastructure here at Thomas Murray, and a member of our Risk Committee.
Panos and Shreeji analyse some of the specific challenges faced by FMIs when it comes to DORA, especially in smaller markets, and Panos invites Shreeji to make a wager on whether the regulators will offer any 11th-hour extensions on the compliance deadline.
Episode Three
The single source of truth: DORA and third-party risk management
In this episode Shreeji discusses all things third-party risk with Phoebe Jordan and Nita Sinha.
Phoebe is the managing director of third-party risk management (TPRM) at Thomas Murray, and Nita manages the technology operations team. They look at how DORA can enhance risk management practices, and how technology can help organisations of all sizes to identify their ‘single source of truth’.
Episode Four
Go for the low-hanging fruit: DORA readiness for pension funds
Steve Merry and Andy Clark from our Funds Advisory team sit down with Shreeji to examine DORA’s impact on pension funds. Steve and Andy explain how funds at different stages of the compliance readiness process can accelerate their DORA preparations, and whether DORA makes any room for proportionality.
Episode Five
Firewalls and Black Swans: Talking DORA with a cyber security expert
Alistair Purdy is a senior analyst in our Cyber Advisory practice and is a cyber incident response veteran. Alistair and Shreeji talk about what DORA means for cyber security experts, the thorny issue of incident classification, and how organisations can make the lives of incident response specialists easier when a cyber threat emerges.
Are you ready for DORA?
Use our free, easy-to-follow Readiness Toolkit to determine how close your organisation is to meeting all the Digital Operational Resilience Act (DORA) requirements. Once completed, we’ll send you a free report outlining how prepared you are for DORA. You can use our output to create an action plan to achieve compliance by 17 January 2025.
DORA regulation applies in:
Subscribe to DORA Digest and stay up to date with the key issues
and developments unfolding as the countdown to DORA begins.
We safeguard clients and their communities
Petroleum Development Oman Pension Fund
“Thomas Murray has been a very valuable partner in the selection process of our new custodian for Petroleum Development Oman Pension Fund.”
ATHEX
"Thomas Murray now plays a key role in helping us to detect and remediate issues in our security posture, and to quantify ATHEX's security performance to our directors and customers."
Northern Trust
“Thomas Murray provides Northern Trust with a range of RFP products, services and technology, delivering an efficient and cost-effective solution that frees our network managers up to focus on higher Value activities.”
