The Future of Security and DORA: Preparing for Tomorrow’s Threats
A few years ago, the world looked very different. Cybercrime existed, but its complexity was far lower than what we observe today. Fast forward to the present, and the landscape has shifted dramatically. Cybercrime has risen, but DORA and EU directives now enhance security for critical infrastructure and businesses.
Today’s organizations face unprecedented challenges in safeguarding their critical systems and meeting new regulatory demands. According to the latest Kyndryl Readiness Report (pdf), cybersecurity remains a foremost concern among business leaders, with 65% expressing apprehension about cyberattacks and only 30% feeling prepared to manage such threats. Threat actors are targeting both public- and private-sector organizations to disrupt mission-critical operations. The tense geopolitical environment adds further uncertainty to the global consciousness. Meanwhile, cyberattacks have grown bolder and more advanced, taking advantage of legacy data protections, and exploiting potential vulnerabilities in critical infrastructure.
Rising Defence Against Cyber Threats
Despite these challenges, there is reason for optimism. Law enforcement agencies are making significant strides in combating cyber threats, shutting down attackers and their networks, and seizing the profits from their illegal activities. On the technical side, technology services leaders are bringing sophisticated, intentional measures together to protect organizations and their customer data and get systems back up and running when incidents occur. AI-based tools are rapidly evolving to detect and respond to cyberattacks more quickly. Quantum-resistant encryption algorithms are also being developed to strengthen defenses.
In parallel, new regulations are emerging to safeguard critical information infrastructures. Several EU regulations , including the Digital Operational Resilience Act (DORA), the Cyber Resilience Act, and the NIS2 Directive are setting higher security standards for organizations across an array of industries.
Shaping Future Security with DORA
One of the these key regulations is DORA, which aims to bolster the financial sector’s ability to protect and recover from cyber threats. DORA mandates stronger risk management practices to help ensure that financial entities can withstand and recover from disruptions. Meanwhile, the NIS2 Directive calls for a common level of technical, operational and organizational measures to help strengthen the resilience of other critical industry sectors such as energy, utilities transport and more – including sectors that may not have been accustomed to such compliance measures .
Extending beyond compliance, the broader impact of these initiatives drives higher accountability across corporate boards and executive leadership – emphasizing risk reduction and security. In turn, these measures can help enhance the stability of both individual organizations and society as a whole. Together with ongoing technical advancements and regulatory support, we’re making significant progress toward a safer digital world.
Furthermore, 56% of business leaders identify cybersecurity vulnerabilities as top challenges when navigating business risks, and 55% report the frequency and speed of policy/regulatory changes significantly challenge tech modernization. Yet, 66% acknowledge the positive impact of regulations in their country, though 48% believe the pace of regulation is too fast, compared to 45% who think it is just right and 7% who feel it is too slow. Notably, countries like India, Australia, France, BeNeLux, MEA, Canada, and Germany report over 50% finding the pace too fast, whereas the US, Italy, Mexico, and China report 40% or less, with Italy highlighting 24% finding it too slow.
On the cybersecurity front, 67% of business leaders do not completely feel ready on cybersecurity and resiliency measures, versus 33% who do. Across all sectors, an average of only 32% feel ready, with countries like Brazil, India, China, and Mexico showing the highest sentiment of readiness, while the UK, Italy, Germany, and Japan show less confidence.