Cometh’s Post

🆕Latest from CISA🆕 The Department of Homeland Security and CISA have announced a significant advancement in enhancing U.S. cybersecurity through the Notice of Proposed Rulemaking (NPRM), mandated by the Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA). This initiative aims to augment CISA's capability in real-time pattern identification, critical information gap bridging, and swift deployment of resources to cyber-attacked entities by leveraging reported data on cybersecurity incidents and ransomware payments. 📰 The NPRM, set to formally publish in the Federal Register, opens a 60-day public commentary window to refine and finalize the rule, emphasizing the importance of rapid incident reporting for national protection and trend analysis. To read more about CIRCIA, check out the link here 👉 https://buff.ly/499jKb2 🤝 Homeland Security Secretary Alejandro N. Mayorkas and CISA Director Jen Easterly highlighted CIRCIA's transformative potential in spotting trends, aiding cyber incident victims, and facilitating information sharing to prevent future attacks. They stressed the collaborative effort behind the proposed rule and invited further public and private stakeholder feedback to enhance the final regulation. CISA's proactive engagement with stakeholders since September 2022 through Requests for Information and listening sessions has shaped the NPRM, with the ongoing feedback process aimed at maximizing CIRCIA's effectiveness in national cyber risk reduction. 📣 After you've read through the details, share your thoughts with us in the comments below about this latest initiative. ❓ What benefits do you think this can bring to our national security approach? ❓ What more would you like to see enacted? #CISA #NPRM #CIRCIA #initiative #DHS #riskmitigation #vulnerabilitymanagement #collaborativeeffort #cybersecurity #threatmitigation #riskmanagement

Great to see our Quod Orbis CEO, Martin Greenfield, commenting on the role of frameworks when it comes to preparing for the DORA January 2025 deadline. DORA introduces crucial elements around third-party risk management, which is vital for ensuring comprehensive IT resilience. With incidents like the recent CrowdStrike outage demonstrating the impact of third-party failures, it's clear that addressing these risks is not just a regulatory requirement but essential for business continuity. Learn more about how businesses can prepare: https://lnkd.in/eHies_Re #DORA #ISO27001 #ThirdPartyRisk #FinancialServices #OperationalResilience

📅 In just six months, the European Union’s Digital Operational Resilience Act (DORA) will come into force, ensuring the financial services sector and its IT suppliers can function during a cyber attack or IT outage. As European financial institutions and third-party IT vendors prepare for DORA’s introduction, Nicholas Fearn looks at: ✅ Key requirements and their impact on an organisation’s day-to-day operations ✅ The importance of implementing a robust IT risk management strategy and performing due diligence on your suppliers ✅ How the ISO 27001 framework provides a baseline for managing cyber risk for businesses preparing for DORA. Learn how you can bolster your information security and prepare for the implementation of DORA 👇 https://lnkd.in/eJuwHNAs 🗣️ Rayna Stamboliyska- RS Strategy, Crystal Morin- Sysdig, Graham Thomson- Irwin Mitchell, Martin Greenfield- Quod Orbis, Sean W.- Featurespace, Marc Lueck- Zscaler #DigitalOperationalResilienceAct #InformationSecurity #FinancialServicesSecurity #Cybersecurity #DORA

🚨 Navigating Cybersecurity in Financial Services: The Role of DORA 🚨 In today's interconnected world, financial institutions play a crucial role in servicing the public. However, this crucial responsibility also makes them prime targets for cyber attacks. The Digital Operational Resilience Act (DORA) has emerged as a game-changer in strengthening our defenses. By integrating and reinforcing existing regulations, including EBA guidelines and NIST frameworks, DORA offers a comprehensive approach to cybersecurity. Here's why DORA is pivotal: 🔐 Unified Framework: It consolidates multiple regulations into a single, robust framework, ensuring a coherent and streamlined approach to cybersecurity. 📈 Enhanced Resilience: DORA mandates stringent provisions for operational resilience, pushing financial entities to fortify their defenses against evolving threats. 🔍 Holistic Oversight: It emphasizes the need for regular testing, reporting, and continuous improvement, making institutions more resilient and responsive to potential cyber threats. As we move forward, DORA stands as a critical measure in safeguarding the integrity of our financial systems and ensuring the safety of the public. Let’s embrace these regulations and work together to bolster our cyber defenses. #Cybersecurity #DORA #FinancialServices #OperationalResilience #EBA #NIST #Compliance #RiskManagement

I'm thrilled to announce that I will be speaking at #RISK Digital, hosted by GRC World Forums! This time I will be moderating an exciting and forever important topic of "Cybersecurity in Critical Infrastructure: Lessons from the UK and EU" together with Francesco Capparelli, Emma Green and Ben A. Our panel discussion will be live in the digital wires from 11:00 AM to 11:30 AM - 18th September 2024. Focused on the protection of critical infrastructure, this panel will cover recent cyber threats and incidents in the UK and EU, strategies for securing essential services and the role of public-private partnerships in enhancing resilience against cyberattacks. The discussion will also delve into the implications of the #NIS2 Directive and the Digital Operational Resilience Act (#DORA), examining how these regulations are shaping the cybersecurity landscape. Register here: https://lnkd.in/gycHGkTN More details: https://lnkd.in/gYKnksZm Join us for insightful discussions on the latest trends, challenges, and solutions in governance, risk management, and compliance. Don't miss this opportunity to learn from industry experts and enhance your organisation's risk strategies. See you there! #RISKDigital #RiskManagement #Privacy #Security #Regulations #GRC #AI #Regtech #CSFI #CriticalInfrastructure #cybersecurity

🔍 DORA: What You Need to Know Before D-Day and Beyond Are you ready for January 2025? With just six months left, it's crucial for every payments firm operating in the EU to comply with the Digital Operational Resilience Act (DORA). Our partner, Vixio Regulatory Intelligence, has prepared a DORA Guide to help payments firms prepare to implement the five pillars of DORA: 1. ICT Risk Management 2. Incident Reporting 3. Digital Operational Resilience Testing 4. Management of Third-Party Risk 5. Information Sharing In an era of digital transformation and rising cyber threats, robust cybersecurity measures are more important than ever. DORA provides a structured framework to enhance your organisation's digital resilience. Check out the guide to ensure you're prepared for DORA-Day and beyond. 📥 https://lnkd.in/g6VG8mR7 #DORA #DigitalResilience #Cybersecurity #ICTRiskManagement #IncidentReporting #OperationalResilience #ThirdPartyRisk #InformationSharing #DigitalTransformation #Compliance #EURegulations

#ICYMI: Our VP of Clinical Safety, Bette McNee and Cyber Practice Leader, Margaux Weinraub, CPCU, ARM, CPLP, CCIC were highlighted in the June 2023 issue of Healthcare Risk Management via Relias. Bette discusses the factors behind the rise in sentinel event reports, while Margaux explores the debate among cybersecurity experts on the confidentiality of breaches. Check out the full articles here > https://lnkd.in/eJPVZaPH https://lnkd.in/ePtMct6a

The European Union's Digital Operational Resilience Act (DORA) mandates heightened focus on third-party risk, resilience, and testing for financial entities. The new regulations bring technical controls ambiguity, necessitating a comprehensive understanding of cybersecurity frameworks for compliance. Organizations need to prioritize aligning with DORA requirements, enhancing their resilience strategies, particularly in assessing and managing third-party risks and conducting regular testing. Stay ahead by proactively addressing technical control challenges to strengthen operational resilience and maintain regulatory conformity in the evolving cybersecurity landscape.

Six steps to protecting your assets and positioning your enterprise for future triumphs and robust cyber resilience. DORA is more than meeting legal requirements—it's about actively safeguarding, solidifying, and advancing your business in a digital-first era. 👾 As digital transformation accelerates, aligning with DORA isn't just about dodging disasters; it's a smart strategy that sets your business on a path to sustained growth and innovation. David Thomas, Head of Cyber Resilience at ITHQ, shares 6 reasons why embracing DORA is a smart move for all businesses: 1. Staying Ahead with Best Practices 2. Lower Insurance Premiums 3. Ensuring Business Continuity 4. Compliance Pays Off 5. Attracting Investment 6. Safeguarding Innovation Read the full article here: https://lnkd.in/ecSUyAa4 #DORA #DigitalOperationalResilienecAct #CyberResilience #Protect #DigitalEra 

📊 Is your business ready for #DORA? The Digital Operational Resilience Act is coming, and it's set to shake things up in the financial sector! ▶ Did you know? DORA aims to create a unified approach to #DigitalResilience across the EU financial sector. It's not just another regulation - it's a game-changer! 💡 Our CEO, Rayna Stamboliyska, recently shared some eye-opening insights on the challenges businesses face in preparing for DORA implementation. Here's what you need to know: • DORA aims to strengthen the IT security of financial entities • Many businesses are struggling with the complexities of compliance • Expert knowledge is crucial for navigating these new regulations 👉Want to learn more and learn from industry leaders? Check out ISMS.online's latest article: https://lnkd.in/eJuwHNAs 🤝As leaders in regulatory compliance, we're here to help you stay ahead of the curve. Contact us and let's build better together! #FinancialRegulation #Cybersecurity #BusinessCompliance