Decoding DORA, NIS2, and the EU AI Act: Key Information You Need

The Core of the Matter

This insightful session provided a detailed examination of the Digital Operational Resilience Act (DORA), the EU AI Act, and the NIS 2 Directive, crucial regulations reshaping how organizations approach compliance requirements and risk across Europe and beyond. Experts from BigID and Deloitte explored the key obligations, intersections, real-world implications, and actionable strategies for operationalizing compliance. In this webinar, you’ll discover how to strengthen operational resilience, implement AI risk controls, and align your data security and privacy practices with these evolving mandates, digital threats, and the new AI landscape.

Key Insights at a Glance:

  • Financial Fortification is Now Law: DORA demands that financial entities establish robust IT security and resilience frameworks to withstand and recover from ICT disruptions.
  • AI Accountability Arrives: The EU AI Act introduces a risk-based framework for AI, requiring organizations to classify AI systems and implement measures for safe, trustworthy, and human-centric use.
  • Cyber Resilience Expands: NIS 2 broadens the scope of cybersecurity obligations, impacting a wider range of essential and important entities with stricter requirements for incident reporting and risk management.

Deep Dive: Understanding the Overlap

The webinar highlighted significant commonalities between DORA, the EU AI Act, and NIS 2. Accountability and control form a cornerstone of all three, emphasizing the need for organizations to understand their data, processes, and associated risks. Building business processes, conducting thorough risk assessments, and establishing clear internal and external reporting mechanisms are vital requirements. Furthermore, managing third-party risk emerged as a critical shared concern, requiring organizations to scrutinize their supply chains and data sharing practices. Transparency and the ability to provide timely notifications in case of incidents are also paramount across these regulations. The speakers also discussed how technology like BigID plays a crucial role in enabling organizations to meet these complex demands, offering solutions for data discovery, classification, incident response, risk assessment, data lifecycle management, AI security, and automated compliance workflows.

Memorable Quotes

“Technology is a very, very important part of being able to manage compliance well… a prerequisite of being able to manage complex system landscapes and a more complicated regulatory landscape.” – Bart Witteman, Deloitte

“Risk management addresses all three regulations; you need to be able to distinguish between low and high-risk data. And it’s important to have a tool that can identify and label risk properly.” – Gaetano Bisaz, BigID

“That’s why companies leveraging AI must meet these compliance obligations related to risk management, data governance, transparency, and IT security.” – Bart Witteman, Deloitte

“Building registers of processes of activities, and making sure that you assess them appropriately is very important, but also internally and externally, you can report on what you’re doing, so you can take ownership and responsibility.” – Bart Witteman, Deloitte

Poll Results & Insights

A poll question was launched asking the audience, “How would you rate your organization’s current compliance readiness across DORA, NIS2, and the EU AI Act?”

  • 28% of the attendees have not started or made any progress.
  • A smaller portion (11%) of attendees reported being mostly compliant.
  • 25% of attendees indicated they were still in the early stages of compliance.
  • 35% of the audience is currently in progress with partial implementation.
  • No attendees reported being fully compliant and having operationalized all regulations.

This poll underscores the complexity of these regulations and the ongoing work required for organizations to achieve full compliance.
