Six months ago, the EU Digital Operational Resilience Law entered into force, but according to a Censuswide survey for Veeam Software, 96% of EMEA’s financial services organizations They continue believing that they need to improve in resilience To fulfill it.
The survey, conducted between responsible for the decision -making of Financial Services of the United Kingdom, France, Germany and the Netherlands; It highlights the challenges of the sector as it adapts to Dora, introduced by the EU in January 2025 to strengthen the defenses of the financial industry against cyberamezas and interruptions of ICT.
Although Dora has become a strategic priority throughout the financial sector, many organizations still progress towards full fulfillment. The survey has shown that 94% of the organizations surveyed now prioritize much more Dora within their organization than in the month prior to its entry into force. 40% of respondents currently consider a digital resilience priority. Half of respondents said that Dora’s requirements have been integrated into their broader resilience programs, while 39% point out that it is still a central focus for them.
Although companies are clear, in their almost entirely, they have to improve in resilience, they have to deal with various barriers to get it. Thus, 41% indicate an increase in stress and pressure on IT and security equipment, 37% faces higher costs.
The adaptation to fulfill Dora is still an ongoing work for many organizations. 24% have not established recovery and continuity evidence, the same percentage that has not yet implemented the notification of incidents and has not identified a responsible for the implementation of Dora. Another 23% have not performed digital operational resilience, and 21% have not guaranteed the integrity of backup copies or safe recovery of the data.
As for the most complicated requirement to meet Dora, it is the supervision of third party risks. 34% of companies consider it the most difficult to implement, although only 20% have not yet done so. There are many possible reasons for this, from the limited visibility that many organizations have of their operations with third parties to the scale of third -party networks.
In addition, 22% of organizations consider that Dora’s conception could have improved to facilitate compliance, with more detailed simplification, clarification and orientations requests on the risk of third parties.
In response to the need for structured resilience strategies, Veeam and McKinsey presented at the beginning of this year the first model of data resilience (DRMM) of the industry. Veeam DRMM has been validated through real customer results and is based on extensive research and opinions of more than 500 IT leaders, security and operations.
This framework allows organizations to evaluate the resilience of their data through a multifunctional approach that integrates you, safety and compliance into a unified strategy. It provides a clear road map to improve resilience and achieve compliance with regulations such as Dora.
Edwinama, Fieldd CBO CTO EMEA of Veamstressed that «es promising to see that most organizations have adopted and feel safe when meeting the requirements of Dora. Complying with the requirements is an important first step to guarantee the resilience of an organization, but given the complex panorama of current threats, much remains to be done. The New Research of Veeam shows that many financial services organizations still see a gap in their capacity for general recovery and face challenges to ensure the necessary budget, even when Dora grows in strategic importance. The trip to the operational resilience is in progress, and it is clear that giving priority to the resilience of the data remains fundamental for the long -term success of the organizations. “
