The real-world effects of EU’s DORA regulation on global businesses

In this Help Net Security video, Matt Cooper, Director of Governance, Risk, and Compliance at Vanta, discusses the EU’s Digital Operational Resilience Act (DORA) and its effects six months after it went into effect. DORA is the first EU-wide framework for managing ICT risk in the financial sector, designed to strengthen digital resilience and reduce systemic risk.

In this video, Cooper explains the main requirements of DORA, including risk management, incident reporting, resilience testing, and third-party risk oversight. He also looks at how these rules are reshaping the way financial institutions and technology providers operate, both in Europe and the U.S.

Cooper shares how DORA is influencing board-level governance, contract negotiations with cloud and SaaS providers, and cross-border compliance challenges. He highlights why global CISOs must act now to align processes, avoid losing business, and prepare for similar regulations emerging worldwide. This session offers practical insights for security leaders.