
While we should regularly check our compliance with future legal obligations, including directives (e.g. NIS2) and regulations (e.g. DORA), we must never forget to regularly check our current security measures.

None of us wants to have to explain our inaction if a regulator ever knocks on our door.

But attackers are knocking on our door far more frequently than any regulator.

And our compliance with the law makes no difference to them!


If I was only checking 3 things for you, what would I check?

  1. I would check that every valuable account that is accessible online is protected with more than just a username and password.
  2. I would check that all of your valuable data and systems are backed up, that these backups are stored in a place that a ransomware attacker cannot access, and that these backups can be relied upon when you need to restore from them.
  3. I would check that the people you rely on to manage your security on a day-to-day basis are not your weakest security link. After all, when it comes to your security doors, they have all the keys to your kingdom.


In other words:

Don’t let your focus on DORA...

Distract you from your doors.