On 24 November 2021, the Council of the European Union adopted its general approach on the Proposal on Regulation on digital operational resilience for the financial sector (DORA). The Proposal outlines cybersecurity requirements to ensure the financial sector's digital operational resilience. In particular, the Proposal would require providers of digital financial services to conduct an impact assessment and develop a digital resilience framework. Furthermore, the Proposal outlines requirements regarding governance and management of information and communications technology (ICT) related risks and the obligation to report ICT-related incidents to harmonise European responses to cyber threats. Finally, the Proposal would require digital financial services providers to test their digital operational resilience, conduct third-party risks assessment and share the information with the authorities to prevent cyber threats. The Council and European Parliament will start the negotiations on the Proposal.
Original source