DORA does not specifically mention escrow as an effective balancing act for stressed exit programs, but that does not mean escrow is not a solution. “Remember, DORA is technology agnostic and can’t say the solution, but there’s a clear reason why the likes of PRA, OCC, RBI, and MAS are all escrow names: It works,” Scott said.
Regardless of the priorities set by the organization, it is important to have a multidisciplinary team where technical staff play a central role, and CISOs should represent this. That way, compliance and security measures can go hand in hand. Focusing only on a top-down compliance approach without involving technical staff may create problems on the ground, according to Beltug, Belgium’s largest association of CIO & Digital Technology leaders.
If getting ready for this Act seems overwhelming, hiring the right people and bringing in legal advice can help. Brandon says that once “there’s a good understanding of what’s out there, it will be easier to build an internal team from the relevant departments, such as infosec, compliance, procurement, and legal.”