Connect with us

Business

Building Digital Resilience: The Roadmap to DORA Readiness 

Source: Finance Derivative

Rob Otto, EMEA Field CTO at Ping Identity

As we edge closer to the January 2025 deadline for the Digital Operational Resilience Act (DORA), the sense of urgency for organisations in the financial services sector to ready themselves is palpable. DORA marks a watershed in regulatory standards, stressing the essential need for these institutions to bolster their defences against digital disruption.

At its core, DORA is designed to ensure the financial sector’s digital infrastructure is robust enough to withstand and recover from technological disruptions. However, the journey to DORA compliance is shadowed by past incidents, like the massive cyberattacks on financial institutions, which have exposed millions of customer records, and system outages that left customers without access to banking services for days. Adding to the complexity, many firms struggle with legacy systems ill-suited to modern cybersecurity demands and a threat landscape that evolves more rapidly than they can adapt. This backdrop makes the path to readiness challenging yet non-negotiable, emphasising the urgent need for action.

There will be certain intricacies as organisations navigate DORA compliance. This act, with its profound repercussions for how we manage costs, spur innovation, and sustain profitability, is a wakeup call for finance firms. The prospect of large-scale cyberattacks warrants a big shift to how they proactively and reactively defend their business and their customers. 

Understanding DORA

DORA sets forth stringent requirements for financial entities. All 22,000 of them, including banks, insurance companies, and investment firms, not to mention the growing third-party ecosystem, must all focus on risk management, reporting, and testing of ICT systems. The Act forms part of the EU’s wider Digital Finance Package that is designed to give consumers protection and financial stability.

For stakeholders, DORA introduces a dual challenge: adhering to rigorous standards while continuing to innovate and compete in a rapidly evolving digital landscape. This balancing act is crucial, as we’ll discuss later, non-compliance not only risks regulatory sanctions but can also undermine consumer trust and corporate integrity.

Considering these challenges, it’s essential for organisations to understand the specific demands of DORA, including the need for a comprehensive risk management framework, detailed incident reporting procedures, and regular IT system testing. Such measures are not just regulatory obligations, but are pivotal in fortifying operational resilience and safeguarding against potential financial and reputational losses.

The importance of compliance

DORA compliance is more than a checkbox for regulatory adherence. It’s a strategic pivot toward ensuring enduring trust and maintaining a pristine reputation in a time where digital setbacks are inevitable realities rather than just possibilities.

This strategic imperative is vital for financial organisations as the resilience of their ICT systems not only dictates their ability to navigate challenging regulatory environments, but also reinforces their market standing by evidencing a steadfast commitment to operational excellence and the safeguarding of customer trust.

Practical steps towards compliance

Achieving compliance with DORA requires a structured approach, beginning with a thorough assessment of the current state of an organisation’s digital operational resilience. This assessment should consider four key elements to identify gaps in compliance and areas for improvement in risk management frameworks, incident reporting mechanisms, and IT system testing.

1. Develop a compliance roadmap: Outline a detailed plan that addresses identified gaps, allocates resources, and sets clear timelines for compliance milestones.

2. Enhance risk management frameworks: Integrate DORA’s requirements into existing risk management processes, ensuring digital operational risks are adequately identified, assessed, and mitigated.

3. Establish robust incident reporting procedures: Implement mechanisms for the timely detection and reporting of IT-related incidents, in line with DORA’s requirements.

4. Conduct regular IT system testing: Schedule and execute regular testing of IT systems to evaluate resilience against disruptions. This testing should be both thorough and reflective of real-world scenarios.

Leveraging digital identity for DORA readiness

Digital identity plays a pivotal role in establishing strong cybersecurity and business recovery strategies. By securing digital identities and transactions, organisations can significantly mitigate the risk of disruptions caused by cyber threats—a key component of digital operational resilience. Identity and Access Management (IAM) is critical in bolstering cybersecurity and aiding compliance, managing secure access, and protecting data. Here’s how:

– Authentication and access management: Implementing strong authentication and access management controls ensures that only authorised users can access critical systems, reducing the risk of breaches and disruptions.

– Automated compliance reporting: Leveraging digital identity solutions can automate the generation of compliance reports, making it easier for organisations to meet DORA’s reporting requirements.

– Enhanced incident response: Digital identity platforms can facilitate rapid detection and response to security incidents, a crucial component of DORA’s incident management requirements.

Final remarks

2025 will mark a milestone for financial service providers on a long-term journey towards digital supremacy and robustness. It’s perhaps one they might not have realised was completely necessary before the Act was imposed, nonetheless, the directives laid down by DORA, while stringent, will help them to navigate the digital perils of today and arm themselves against tomorrow’s uncertainties.

Adopting the DORA mandates is more than a regulatory exercise; it’s an opportunity to fundamentally rethink our digital operational strategies. It challenges us to look beyond compliance as a mere requirement, viewing it instead as a lever for strategic advancement and innovation.

For those of us steering these financial institutions, it’s time to reflect and act. Consider how we can extend our ambitions beyond the baseline of DORA compliance to redefine our digital operational ethos. And how we can embrace DORA’s principles as a catalyst for continuous innovation and improvement within our realms.

Continue Reading
Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Business

Driving Business Transformation Through AI Adoption – A Roadmap for 2024

Author: Edward Funnekotter, Chief Architect and AI Officer at Solace

From the development of new products and services, to the establishment of competitive advantages, Artificial intelligence (AI) can fundamentally reshape business operations across industries. However, each organisation is unique and as such navigating the complexities of AI, while applying the technology in an efficient and effective way, can be a challenge.

To unlock the transformational potential of AI in 2024 and integrate it into business operations in a seamless and productive way, organisations should seek to follow these five essential steps:

  • Prioritise Data Quality and Quantity

Usefulness of AI models is directly correlated to the quantity and quality of the data used to train them, necessitating effective integration solutions and strong data governance practices. Organisations should seek to implement tools that provide a wealth of clean, accessible and high-quality data that can power quality AI.

Equally, AI systems cannot be effective if an organisation has data silos. These impede the ability for AI to digest meaningful data, and then provide the insights that are needed to drive business transformation. Breaking down data silos needs to be a business priority – with investment in effective data management, and an application of effective data integration solutions.

  • Develop your own unique AI platform

The development of AI applications can be a laborious process, impacting the value that businesses are gaining from them in the immediate term. This can be expedited by platform engineering, which modernises enterprise software delivery to facilitate digital transformation, optimising developer experience and accelerating the ability to deliver customer value for product teams. The use of platform engineering offers developers pre-configured tools, pre-built components and automated infrastructure management, freeing them up to tackle their main objective; building innovative AI solutions faster.

While the development of AI applications that can help streamline infrastructure, automate tasks, and provide pre-built components for developers is the end goal, it’s only possible if the ability to design and develop is there in the first place. Gartner’s prediction that Platform Engineering will come of age in 2024 is a particularly promising update.

  • Put business objectives at the heart of AI adoption – can AI deliver?

Any significant business change needs to be managed strategically, and with a clear indication of the aims and benefits they will bring. While a degree of experimentation is always necessary to drive business growth, these shouldn’t be at the expense of operational efficiency.

Before onboarding AI technologies, look internally at the key challenges that your business is facing and question “how can AI help to address this?” You may wish to enhance the customer experience, streamline internal processes or use AI systems to optimise internal decision-making. Be sure the application of AI is going to help, not hinder you on this journey

Also remember that AI remains in its infancy, and cannot be relied upon as a silver bullet for all operational challenges. Aim to build a sufficient base knowledge of AI capabilities today, and ensure these are contextualised within your own business requirements. This ensures that AI investments aren’t made prematurely, providing an unnecessary cost.

  1. Don’t be limited by legacy systems

Owing to the complex mix of legacy and/or siloed systems that organisations employ, they may be restricted in their ability to use real-time and AI-driven operations to drive business value. For example, IDC found that only 12% of organisations connect customer data across departments.

Amidst the ‘AI data rush’ there will be a greater need for event-driven integration, however, only an enterprise architecture pattern will ensure new and legacy systems are able to work in tandem. Without this, organisations will be prevented from offering seamless, real-time digital experiences, linking events across departments, locations, on-premises systems, IoT devices, in a cloud or even multi-cloud environment.

  • Leverage real-time technology

Keeping up with the real-time demands of AI can pose a challenge for legacy data architectures used by many organisations. Event mesh technology – an approach to distributed networks that enable real-time data sharing and processing – is a proven way of reducing these issues. By applying event-driven architecture (EDA), organisations can unlock the potential of real-time AI, with automated actions and informed decision making using relevant insights and automated actions.

By applying AI in this way, businesses can offer stronger, more personalised experiences – including the delivery of specialised offers, real-time recommendations and tailored support based on customer requirements. An example of this is in predictive maintenance, in which AI is able to analyse and anticipate future problems or business-critical failures, ahead of them affecting operations, and dedicate the correct resources to fix the issue, immediately. By implementing EDA as a ‘central nervous system’ for your data, not only is real-time AI possible, but adding new AI agents becomes significantly easier.

Ultimately, AI adoption needs to be strategic, avoiding chasing trends and focusing instead on how and where the technology can deliver true business value. Following the steps above, organisations can ensure they are leveraging the full transformative benefit of AI and driving business efficiency and growth in a data driven era.

AI can be a highly effective tool. However, its success is dependent on how it is being applied by organisations, strategically,  to meet clearly defined and specific business goals.

Continue Reading

Auto

Preparing for the Surge: Meeting the MCS Requirements of Electric Trucks

John Granby, Director of eTruck & Van, EO Charging and Erik Kanerva, Sales Director at Kempower

Auto electrification is moving at a rapid pace, with electric vehicles (EVs) going from a passion project for early technology adopters to the mainstream – especially when you consider the need to electrify consumer and commercial vehicles ahead of the government’s 2035 Zero Emission Vehicle mandate.

Electrification is also starting to play a vital role in public policy and commercial plans, leading to vehicle availability and a variety of improvements and increasing interest among commercial fleets’ prospective customers. As a result, all of the main car and van manufacturers have a respectable EV offering, and the eBus industry is well on its way to proposing a similarly credible offering for citizens.

Heavy-duty vehicle electrification has progressed slowly, but the pace has picked up over the last year, with several of the major truck manufacturers testing completely electric heavy trucks that are now near-ready to enter the general market.

This is a critical shift in the move towards net zero, given that heavy commercial vehicles account for around 25% of CO2 emissions from road transport emissions in the EU and approximately 6% of the region’s overall emissions. It’s a similar situation in the US, where medium and heavy-duty trucks account for around 29% of total road transport emissions or approximately 7% of the country’s total but make up fewer than 5% of all vehicles on the road.

Having clear goals and objectives in place for fleet electrification will be vital to ensuring the transport sector is on track. For example, Scania’s goal is that 50% of all vehicles it sells annually by 2030 will be electric. Despite Scania being the slowest into the market with battery electric vehicles, other vehicle manufacturers are following the same target, with Volvo Trucks setting itself a target for 50% fully electric vehicles by 2030 and the same with Renault, for example.

Meeting this ambitious goal will require the appropriate charging infrastructure in place so customers have the confidence to invest in the large-scale electrification of their fleets. That is one of the reasons why charging system manufacturer Kempower expects the commercial vehicle DC charging market in Europe and North America to have a 37% compound annual growth rate until 2030.

Trucks require substantial battery packs to provide a similar range as traditional engines, and having the right infrastructure in place to keep them regularly charged is certainly a key factor to consider when electrifying truck fleets. According to the European Automobile Manufacturers’ Association (ACEA), trucks will require up to 279,000 charging outlets by 2030, with 84% located in fleet hubs. By 2030, buses will require up to 56,000 charging outlets, with fleet hubs accounting for 92% of the total.

The Charging Interface Initiative (CharIN) is a global organisation that has been working on a standard for the rapid charging of trucks for several years. CharIN developed the Megawatt Charging System (MCS) concept, which serves as the foundation for the ISO and IEC standards which govern the design, installation, and operation of truck fast charging infrastructures.

The MCS is intended to standardise the quick delivery of enormous amounts of charging power to vehicles and provide stronger communication, which minimises downtime caused by unsuccessful charging events.

Customers who drive commercial vehicles follow particular driving habits. By taking advantage of the required break time from the hours-of-service restrictions governing their drivers, customers can travel further each day thanks to the increased charge rate that MCS offers. Better electrification of commercial cars is made possible by legislation that mandates that drivers take rest breaks. As a result, shorter charging durations to accommodate these breaks are beneficial.

The MCS will operate at up to 3,000A and 1,25 KV at its final development stage, delivering up to 3,75 MW of power when charging. With the backing of a significant segment of the industry, MCS is founded on an international consensus on technical standards. An internationally recognised standard is essential to promote harmonised solutions that reduce costs and boost interoperability without sacrificing safety and uptime.

Trucks on the highway are a key focus of the MCS, not only depot pricing. Large truck units operating long-haul routes and some smaller rigid trucks operating cross-border short-haul deliveries—such as logistics organisations operating deliveries between the United Kingdom and continental Europe—pay particular attention to this issue.

Most MCS charging occurs while drivers take breaks from their routes, but some depots may have a single MCS charger on site to do a flash charge if a truck needs to be turned around quickly. In order to balance this unit’s demand against other chargers on site, load management is crucial because it will require a power supply of at least 1 MW+.

Fleet operators should look to consider incorporating MCS into their whole charging ecosystem and solutions, regardless of whether they are thinking about how electrification will affect their fleet of vehicles on the road or how their depots will operate.

Adopting cutting-edge energy management technology solutions will enable effective fleet electrification, particularly at depots. Investing in effective load management technologies will be critical to maximising existing grid infrastructure capacity while decreasing the need for additional investments in generation or distribution capacity.

Investing in and deploying effective energy management technologies is the key to a smoother, more efficient shift for commercial fleet operators. They are critical in lowering energy expenses, both economically and environmentally.

Energy management solutions for charging electric fleets will also help maximise existing grid capacity, reducing the need to invest in new generation or distribution capacity. This will be an essential factor for fleet managers to consider as eTruck fleets expand and other commercial vehicle fleets, such as buses, increase demands on infrastructure.

With unprecedented energy and investment going into electrification, 2024 looks to be a pivotal year for picking up the momentum of progress around MCS in the logistics sector. If done right, it will create a shift of optimism in the market to accelerate the electrification of commercial fleets and promises to positively impact other sectors, such as marine and aviation, contributing significantly to reducing carbon emissions.

Continue Reading

Business

Three ways beauty and personal businesses can gain back lost revenue due to admin, ahead of summer

Attributed to: Samina Hussain-Letch, Executive Director, Square UK

The entrepreneurial beauty and personal care sector in Britain amounts to a whopping 36 billion pounds, but the pressure of manual labour endured by business owners is an obstacle for converting revenue and growth.

Our recent industry study highlights that nearly half (43%) of British barbers, spas, nail salons, personal trainers, tattoo parlours, and piercing studios are not using digital platforms or tools to automate bookings, ultimately losing over a full working day each week to administrative tasks alone. This equates to approximately two months lost per year, to manual admin tasks for beauty and personal care businesses.

We’ve listed three ways beauty and personal care businesses can gain back revenue ahead of summer:

  • Detoxing manual admin

Admin tasks are the equivalent to Pandora’s box for beauty and personal care businesses. The tasks may constitute using paper diaries to schedule appointments, manually rescheduling appointments, or taking bookings and sending reminders by message or phone call.

These seemingly minor chores can be a large time drain for businesses that rely on manual processes. The research found filing down time between client appointments to be one of the most difficult challenges, with 39% of the sector facing this over the last year, alone.

Businesses should identify how they could set timings to the specific duration of each service and still build in cleaning time after the appointment. Digital tools like an appointment booking software play a crucial role. By automating manual admin, owners can offer bookings with a wide booking window, allowing them to spend devoted time on each customer, resulting in the allowance to foster a loyal relationship that will keep them coming back, while giving their workforce time to clean up after the appointment.

  • Tapping into the power of technology

The solution here may sound simple, but business owners should again lean on technology to transform manual labour.

With time back, salons can give their workforce time to speak to customers on what other services they can offer to expand business offerings.

With the integration of tech tools for beauty and personal care businesses, nearly half (48%) of business owners would like staff to treat themselves to finishing work on time, while identifying new training for their team. Adopting a technology solution can unlock efficient management for businesses as appointments can be booked online and reminders can be sent using the software.

With the research showing that 42% of consumers want to book appointments on the weekend or after hours, working with the software promises ease for customers that are looking to make reservations after businesses are closed for the day.  But how can beauty and personal care business owners look to drive up their revenue when switching to an appointment software?

  • Driving up the revenue road

Our research also highlighted that only 1 in 5 of beauty and personal care businesses are automating marketing campaigns or inventory management. This sheds light that not all beauty and personal care businesses are optimising their toolset.

The time gained back from using automated appointment software allows businesses to think more strategically about marketing and pricing. Integration of an automated software readily links up with an online store that allows salons to not only manage inventory more effectively, but offer new products to clients on different channels of their choice.

With new offerings, businesses have extra opportunities and routes to drive up revenue. Selling products online is a sure-fire way of creating new business, as well as keeping their back end organised and offering consumers more options when it comes to buying products that are used within or after their appointment – as take home collateral.

Having an automated booking software for beauty and personal care businesses is a great way to unlock further revenue, train a workforce with time back, spend more time connecting with clientele and ensuring the business is driving bookings even while the salon is closed. It’s a win-win situation that will position businesses for success this year. Because as we all know, a business is only as successful as their customer satisfaction.

Continue Reading

Copyright © 2021 Futures Parity.