Ensure enhanced operational resilience
Ensure your business will have the processes and technology in place when the legislation comes into force in 2024.
Preparing for compliance with new cybersecurity regulations needs time, effort and investment.
Cyberattacks that are designed to destroy, steal or otherwise compromise your valuable data – including your backups – are increasing in frequency and cost. Protecting your critical data and recovering it with assured integrity is key to resuming normal business operations post-attack – and the sooner you act, the better.
Which organisations will be affected?
What are organisations required to do?
NIS 2 Requirements
Risk assessment and management
Communication and cooperation
Security awareness and training
Supply chain security
ICT risk management and governance
ICT incident classification and reporting
Digital operational resilience testing
ICT third-party risk management
ICT third-party providers oversight framework
FCA CP19/32 Requirements
Firms must have performed mapping and testing of their important business services
Firms must also have identified any vulnerabilities in their operational resilience.
Doing nothing is not an option...
Failure to comply with the new regulations can bring serious consequences.
NIS 2.0 Directive Fines
Up to €10 million or 2% of the entity’s global turnover, whichever is higher.
In severe cases, up to €20 million or 4% of the entity’s global turnover, whichever is higher.
FCA CP19/32 consequences
Failure to comply with the Financial Conduct Authority puts you at risk of fines where there has been a breach of rules or market abuse.
The FCA can also withdraw a firm’s authorisation, prohibit individuals from carrying on regulated activities, and suspend firms and individuals from undertaking regulated activities.
In addition to fines, being disqualified from doing business with other companies, or the reputational damage, could be severe.
DORA Non-Compliance Fines
Individuals, not just companies, can be fined, held accountable and possibly given custodial sentences.
For organisations: minimum 2% of average daily worldwide turnover for up to six months, with individual countries able and willing to increase the base rate of fines.
Take the Proact approach to operational resilience.
Proact have a simple seven-step approach that will ensure your organisation will reach compliance before the required deadlines:
Cyber recovery round table exercise
In the event of a cyber incident, it’s critical that your business has the right technology and processes to recover as fast as possible, and that your staff are prepared.
Cyber event management is a collaborative effort for your organisation that IT cannot manage alone; you need to prepare expectations of what services IT will perform, and what other business functions need to perform.
Using the NCSC (National Cyber Security Centre) recommended scenarios, we have created our round table exercise to look at your business awareness and technical testing.
A security posture that doesn’t just rely on resilience
No organisation should rely on operational resilience alone for its security posture; you should look to stop a potential threat from ever reaching your recovery solution in the first place. That’s secure by design.
At Proact we can fully manage your security posture across 5 core areas, using our two 24/7 Security Operations Centres (SOCs) to fill any gaps in resources, skills and technology and provide around-the-clock cyber defence.
Managing security risk
Protecting against cyber attack
Detecting cyber security events
Minimising the impact of cyber security incidents
We’ve got your back!
With deadlines fast approaching, Proact can help you plan and execute an optimum, tailored approach to DORA, NIS2 and Operational Resilience compliance.
- Assess your current position
- Define and plan what it will take for you to reach compliance
- Help you implement your plan
- Carry out routine testing and plan reviews to ensure your plan still meets your business needs.
The time to act is now to ensure compliance before the deadline. Turn your operational resilience into a competitive advantage.