The deadline for financial entities is looming – get actionable information and advice on DORA compliance with industry expert Paul Dwyer!

Welcome to Razorwire, your go-to podcast for cutting-edge insights and expert analysis in the world of information security. I'm your host, Jim, and in today's episode, we have the privilege of speaking with Paul Dwyer, a veteran in cybersecurity risk and compliance with over 30 years of experience and the head of the International Cyber Threat Task Force (ICTTF).

• In This Episode:**
• **Operational Resilience:** Learn about the fines and individual accountability for compliance failures under DORA and NIS2.
• **Governance Focus:** Increased attention on cybersecurity from governing bodies and the c-suite.
• **Risk-Based Approach:** Why regulations emphasize proportional, risk-centric controls over mere compliance.
• **Business Opportunities:** Opportunities for small and midsize players in offering compliance services against large cloud providers.
• **Regulatory Adaptability:** The need for DORA regulations to be adaptable to various organizational risks.
• **Training and Awareness:** The crucial need for thorough DORA awareness programs for all levels of staff, especially non-tech leaders.
• **Compliance Tools:** Introducing tools like CyberPrism and AI-based solutions for assisting organizations in DORA compliance.
• **Information Sharing:** The importance of peer-to-peer intelligence sharing and distinguishing it from mere information sharing.
• **Leadership Evolution:** The need for CISOs and other leaders to possess hybrid skills tying cybersecurity with business strategy and legal frameworks.
• Key Takeaways:** Real-world examples of compliance failures leading to significant fines and the importance of personal accountability at the boardroom level. How DORA and NIS2 regulations are evolving to include a risk-based approach, shifting the focus from mere compliance to a truly risk-centric perspective. New business opportunities that DORA presents for small and midsize players, including offering compliance services and challenging large cloud providers.
• Quote of the Day:**
• "Anybody can fill out a little compliance spreadsheet, oh, there we go tick, tick, tick, we're doing all that, it goes through. But those days are gone because you need to trust, verify everything, you need to get the evidence." - Paul Dwyer
• Other Episodes You'll Enjoy:**
• [Cybersecurity Burnout and Organisational Culture with Yanya Viskovich & Eve Parmiter](https://www.razorthorn.com/cybersecurity-burnout-and-organisational-culture-with-yanya-viskovich-eve-parmiter/)
• [The Art of Cyber Deception: How To Get Inside The Mind of A Hacker with Rob Black](https://www.razorthorn.com/the-art-of-cyber-deception-how-to-get-inside-the-mind-of-a-hacker-with-rob-black/)
• Connect with Your Host James Rees:**
• Hello, I am James Rees, the host of the Razorwire podcast. This podcast brings you insights from leading cybersecurity professionals dedicated to making a hacker’s life that much more difficult. Our guests bring you experience and expertise from a range of disciplines and career stages, providing various viewpoints for improving your cybersecurity.
• New Episodes Every Other Wednesday!**
• For more information or questions, email podcast@razorthorn.com. Need consultation? Visit www.razorthorn.com for a personalized, integrated approach to information security.
• Follow Us:**
• **LinkedIn:** Razorthorn Security
• **YouTube:** Razorthorn Security
• **Twitter:** @RazorThornLTD
• **Website:** www.razorthorn.com
• Listen to this episode on your favorite podcasting platform:** https://razorwire.captivate.fm/listen