Recognising the significance of operational resilience, economies are shifting emphasis from preparing for specific attacks such as ransomware to being prepared for any unforeseen circumstances. A notable example is the EU's Digital Operational Resilience Act (DORA), which lays down the requirements for the industry to prevent, detect, contain, and recover from incidents related to information and communication technology (ICT).
In today's complex and interconnected global financial ecosystem, financial firms face new and evolving risks. Increasing reliance on third-party service providers for software and infrastructure who often do not have the same legacy of robust cybersecurity standards as the financial sector means that financial firms cannot only rely on their existing abilities to thwart cyber attacks. They must be resilient; able to continue operating in the face of disruption that comes their way.
Operational resilience encompasses several traditional activities, such as business continuity and risk management, to ensure the company can stay agile in the risk landscape. As opposed to cybersecurity, which focuses on preventing and defending against cyberattacks, resilience is about maintaining operations in the face of such attacks.
