It’s DORA day! The EU financial services sector has been anticipating today since the Digital Operational Resilience Act was published in December 2022. DORA brings a significant shift to the sector in terms of how financial entities must manage risk linked to use of technologies, and it has created one

Continue Reading DORA: Navigating the New Era of Digital Operational Resilience in EU Financial Services

In a recent webinar forming part of DLA Piper’s ‘Digital Evolution in conversation with’ series, Kristof de Vulder caught up with Alessandro Ferrari, Linzi Penman and Conor McEneaney to discuss the scope and impact of the upcoming Digital Operational Resilience Act (DORA). They offered practical guidance to organisations dealing

Continue Reading Operational resilience: a look at your contracts and the impact of DORA 

First introduced in December 2020 by the European Commission, the European Cyber Resilience Act (“ CRA”) regulation was published in the Official Journal on November 20th. It will come into force on December 10, 2024, but will not be immediately applicable. Most obligations will only apply as from December

Continue Reading Navigating the European Cyber Resilience Act: key dates and obligations

This year, our DLA Piper Tech Index is global, and captures the views of an even wider cross section of organizations working in the technology space. The report itself contains fascinating and granular findings on a range of important topics, and we consider here the key points relevant for CGFR

Continue Reading Key insights from the Tech Index 2024 report

In Hungary, the NIS2 Directive was transposed in May 2023 following the adoption of Act 23 of 2023 on cybersecurity certification and cybersecurity supervision. Under the Hungarian legislation transposing the NIS2 Directive, domestic entities have until 30 June 2024 to register.

As the title of the new Hungarian legislation indicates

Continue Reading NIS2 Directive: The deadline for the registration of entities in Hungary is 30 June 2024

Since the enactment of Singapore’s Cybersecurity Act (Act) in August 2018, the digital battlefield has transformed dramatically. The nation’s move towards digitalisation has not only spurred the growth of Singapore’s digital economy but also brought new cyber threats and challenges to the fore.

Given this, the Cyber Security

Continue Reading Imminent Changes to Singapore’s Cybersecurity Act: New Obligations on Service Providers

BACKGROUND

The PRA, FCA and the Bank of England (the Regulators) have identified, for some time, the growing dependency of the UK finance sector on critical third parties who supply services to the finance sector (CTPs), including, in particular, the largest cloud service providers. The Regulators have

Continue Reading Operational Resilience in the UK Financial Services Sector: Proposed ‘Critical Third Party’ Regulations

The arrival of NIS2 is only one year away. With significantly enhanced requirements around cybersecurity management extending across the supply chain, increased reporting obligations in the case of cyber breach, and personal liability for senior management, working out whether or not an organisation will be in scope for NIS2 will

Continue Reading The NIS2 Enigma: who will be caught by the EU’s updated cyber requirements?

In March, the European Union Agency for Cybersecurity (ENISA) released a report, “Cybersecurity of AI and Standardisation,” which details the landscape of existing, planned, and considered standards pertaining to the cybersecurity of artificial intelligence (AI). The report identifies several gaps in existing approaches to protection of digital infrastructure

Continue Reading ENISA identifies gaps in approaches to the cybersecurity of AI