Our industry has been buzzing with key discussions on DORA compliance, third-party risks, legacy applications and the transformative world of AI. In this update, we’ll explore the latest advancements and solutions that can empower your organisation to thrive in the digital age.
DORA, the delightfully named Digital Operational Resilience Act, is the latest regulation to land in the laps of the UK’s financial services industries. Any organisation that works in the EU needs to adopt the stringent policies under the DORA legislation, from banks to building societies, from data reporting services organisations to, for the first time, IT Service Providers.
All is to be done by the 17th January 2025. The countdown has begun.
There are five areas covered under DORA, all risk-related, with a specific requirement that you not only document risks and procedures across your own company and that of your key suppliers but that you also have a tried and tested series of procedures as part of your Resilience Testing programme.
Whilst there is still some confusion about who falls under the DORA Programme, the European Commission has clearly drafted a robust series of obligations that must be met in twelve months.
In the same manner that we approached GDPR, Northdoor has built an initial “Welcome to DORA” programme with a workshop designed to help you map your existing systems onto the legislation needs, creating a “where are we now” standpoint.
DORA is a very extreme and thorough series of requirements, but without knowing where you are, it is very difficult to plan your route to meet your needs.
For more information about DORA, please get in touch with us.
In the good old days, it was perfectly acceptable that you work with suppliers on a handshake. There was an agreed system of supply, and suppliers were trusted with access to systems or data and more.
The GDPR programme was supposed to strengthen your organisation’s awareness of your suppliers’ potential risks, often managed by sending an annual questionnaire, which was usually returned, scanned over and filed away.
This traditional route had now been replaced, and with good reason.
There have been numerous breaches caused by third-party breaches, from MOVEit to Solar Winds, between them affecting tens of thousands of companies. In fact, third-party breaches account for 53% of all breaches (Ponemon Institute).
The age of trusting the responses on a spreadsheet, out of date the minute it was returned, is over.
Northdoor has a fully managed third-party risk solution, integrating bespoke questionnaires and independent cyber risk scores based on a hacker’s viewpoint of your suppliers’ domains. There are no agents to deploy, and there is continuous feedback available within 24 hours. Access to a dashboard showing real-time points of weakness in your suppliers’ domains, right down to server name/IP address and much more. All are available as a managed service from £12,000 a year.
For a free trial to review two of your critical suppliers, please contact us.
We all have them, written 10+ years ago by someone in IT who has left/retired yet is still a critical part of the business. Gupta? Progress? C+? PowerBuilder?
They are all out in the business world, running merrily until they break. So, what to do?
Modernising is always an option, but it takes time and money, lots of money. Running the application with little or no knowledge is a business risk.
With over 40 consultants experienced in a broad range of technologies, we are adept at understanding, documenting and supporting legacy applications to allow you to breathe easier.
For more information, please get in touch with us.
What does work look like with AI?
So, depending on the viewpoint you read, artificial intelligence is either the saviour of mankind or its downfall. Sides of the argument are being formed, and as has often been the case in recent times, views are increasingly polarised.
There is a common middle ground for those involved in IT and IT projects. AI has its place, and if controls are set up, it can bring value to organisations.
Interestingly, an article from the Institute of Customer Service states that satisfaction with chatbots has fallen to its lowest level for almost a decade, citing an issue with a cycle of doom when clients become frustrated when the bot needs to be told repeatedly that they need further assistance, preferably from a human.
Such instances might make headlines, but quite simply, AI is here to stay. However, it needs to be pointed in the right direction to make the most of its talents.
Microsoft’s recent announcement that Office 365 will have access to its Copilot enhancements highlights how AI can improve user efficiency. Both powerful and easy to use, the copilot is revolutionary in its approach to enhancing the world’s leading office solutions.
From business chat using natural language to query 0365 apps to AI-designed presentations, all with minimal effort. It will not always be correct the first time around, but it will provide a strong starting point.
For more information on how Microsoft Copilot can help your business, click here or contact us.
Subscribe to our newsletter to get the very latest insights and updates in the world of enterprise IT and data security: