
Ensure enhanced operational resilience

Start acting now to avoid catastrophic consequences with Proact and Dell CyberSense.

Preparing for compliance with new cybersecurity regulations needs time, effort and investment.

17 January 2025

DORA (The Digital Operational Resilience Act - Regulation (EU) 2022/2554).

Cyberattacks that are designed to destroy, steal or otherwise compromise your valuable data, including your backups, are increasing in frequency and cost. Protecting your critical data and recovering it with assured integrity is key to resuming normal business operations post-attack, and the sooner you act, the better.

Get ready now to comply with the changing DORA and NIS 2 regulations

DORA and the NIS 2 directive affect different areas, like managing security with third-party suppliers, dealing with risks in the supply chain and disclosing vulnerabilities.

With little time left before the introduction of these major compliance requirements, which will affect the majority of companies globally, you need to take action and start making plans to meet them.

Taking the right actions as soon as possible will be critical to your success.

Which organisations will be affected?

DORA

Banks and financial institutions, including third parties that provide information and communication technology (ICT) services to banks, such as cloud platforms, data analytics services, and solutions from other IT partners and providers. Banks must ensure their own compliance with DORA and also take steps to verify the DORA compliance of any provider that handles digital financial data.

FCA CP19/32

Building Operational Resilience affects UK banks, building societies, Prudential Regulation Authority (PRA) designated investment firms, Solvency II firms, Recognised Investment Exchanges (RIEs), Enhanced scope Senior Managers & Certification Regime (SM&CR) firms and entities authorised or registered under the Payment Services Regulations 2017 (PSRs 2017) and/or the Electronic Money Regulations 2011 (EMRs 2011).

NIS 2

Any organisation with over 50 employees and an annual turnover of €10M+, as well as any organisation included in the original NIS Directive. Scope is also increased to include the electronic communications and digital services industries. While the legislation applies to the EU primarily, UK businesses need to prepare for the likely implementation of either the NIS 2 requirement, or a UK modified version.

Doing nothing is not an option...

Failure to comply with the new regulations can bring serious consequences.

NIS 2.0 Directive Fines

  • Up to €10 million or 2% of the entity’s global turnover, whichever is higher.
  • In severe cases, up to €20 million or 4% of the entity’s global turnover, whichever is higher.

DORA Non-Compliance Fines

  • Individuals, not just companies, can be fined, held accountable and may face custodial sentences.
  • For organisations: minimum 2% of average daily worldwide turnover for up to six months, with individual countries able and willing to increase the base rate of fines.
  • For individuals: maximum fine of €1M.

FCA CP19/32 consequences

Failure to comply with the Financial Conduct Authority puts you at risk of fines where there has been a breach of rules or market abuse. The FCA can also withdraw a firm’s authorisation, prohibit individuals from carrying on regulated activities, and suspend firms and individuals from undertaking regulated activities.

In addition to fines, being disqualified from doing business with other companies, or the reputational damage, could be severe.

Don’t get caught off guard.
Prepare now to comply with the changing DORA and NIS 2 regulations.

Take the Proact approach to operational resilience, powered by Dell CyberSense

Proact have a simple seven-step approach that will ensure your organisation reaches compliance before the required deadlines:

1. Preparation

Assess the risks and vulnerabilities to your organisation's data and systems, identify critical assets and data, and determine the recovery objectives and strategies.

2. Backup

Establish a robust backup strategy that includes regular, secure backups of critical data, systems, and applications, both on-site and offline.

3. Detection and Notification

The organisation should have a mechanism to detect any cyber-attack or data breach, and a notification process that involves alerting all necessary stakeholders, including IT and security teams, management and customers.

4. Containment and Recovery

Once the attack has been detected, it is crucial to contain the damage and prevent it from spreading further. This may involve isolating the affected systems, shutting down critical applications and starting the recovery process.

5. Investigation

After the attack has been contained, an investigation should be conducted to determine the cause, scope, and impact of the attack. This will help to identify any additional risks, vulnerabilities, or gaps in the organisation's security and recovery plans.

6. Remediation

The organisation should then implement remediation measures to address any identified weaknesses or gaps, such as implementing new security measures, patching vulnerabilities, or improving staff training and awareness.

7. Recovery

The final step is to restore critical systems and data from the backup and ensure that they are secure and functional. This may involve testing and validating the backup data and systems, as well as conducting additional security testing to ensure that the organisation is fully protected.

Why choose Dell Technologies & Proact?

Dell are #1 globally in Data Protection. This allows Proact to leverage the best solution for your business needs and supply the service, so you can have confidence in your resilience.

Dell Cyber Recovery with CyberSense PowerProtect

Adding CyberSense analytics to the Dell Technologies PowerProtect Cyber Recovery vault enables an isolated copy of data to be recovered with a lower risk of contamination than live backups. CyberSense is fully integrated with Dell Cyber Recovery vault and uses machine learning and forensic tools to analyse and diagnose issues, determining the last good backup to restore while minimising disruption to the business.

[Diagram: DR versus cyber recovery]

Proact Recovery Approach

The team will guide you through the process of being recovery ready, powered by Dell Technologies. 

  • 10+ years SOC (Security Operations Centre) services with 3 x UK SOCs
  • Mature BaaS (Backup as a Service) and DRaaS (Disaster Recovery as a Service) service and skillsets
  • 25+ years Cloud offerings
  • Strategic Managed Services partner
  • Fully managed Dell CyberSense provider
