AttackIQ has launched automated testing aligned with the Digital Operational Resilience Act (DORA). DORA is an EU regulation that came into force in January 2023. Organisations were given until January 2025 to prepare for enforcement.
This automated testing by AttackIQ is a significant step towards organisations being ready for the enforcement date. Any organisation not ready after that will face fines.
Carl Wright, Chief Commercial Officer of AttackIQ, said, “AttackIQ is committed to helping EU financial entities & critical 3rd party providers strengthen their defenses against targeted attacks and achieve DORA compliance with minimal disruption.
“Our DORA assessments streamline the process by automating emulations based on real-world attacker behaviors outlined in MITRE ATT&CK.”
What is DORA?
DORA aims to improve the resilience of organisations in the financial services industry. It does not just apply to banks and those offering financial services; it also applies to all third-party service providers.
In 2020, over 22,000 entities operated in the pan-European financial system. The European Systemic Risk Board (ESRB) is concerned that these are all heavily interconnected. In a 2020 report, it identified the risk of a cyberattack that could spread and impact the stability of the entire system.
To prevent this, DORA was created. It covers six main areas:
- ICT risk management
- ICT third-party risk management
- Digital operational resilience testing
- ICT-related incidents
- Information sharing
- Oversight of critical third-party providers
What is AttackIQ announcing?
Different parts of DORA carry a range of testing requirements, and this is where AttackIQ has focused. Its fully automated testing solution is designed to make it easier for organisations to meet their compliance requirements. In its announcement, AttackIQ calls out three key sets of testing. They are:
- Automated Threat Emulation: The DORA assessments execute the top tactics, techniques, and procedures (TTPs) employed by adversaries known to target financial services organizations. These TTPs reflect the latest intelligence and threat research into the top methods used by EU financial sector adversaries.
- Actionable Insights: The DORA Assessment Report provides comprehensive recommendations and mitigation strategies for any testing scenario that was not prevented. Recommendations are derived from the extensive knowledge base of the AttackIQ research team, enriched with insights from MITRE ATT&CK standards and industry best practices.
- MITRE ATT&CK Alignment: The DORA assessments align with MITRE ATT&CK, offering actionable insights in a framework leveraged by cybersecurity practitioners worldwide.
AttackIQ customers can get access to these automated tests through one of two test packages:
- DORA Basic assessment evaluates essential, minimum functionalities of controls, providing a foundational understanding of their effectiveness.
- DORA Advanced assessment utilizes more sophisticated and targeted TTPs to go beyond the scope of the Basic tests. It offers a more in-depth analysis.
Enterprise Times: What does this mean?
Testing is a critical part of any cybersecurity programme that has to meet compliance requirements. Regular testing, however, is expensive and increasingly complex, yet organisations have no choice but to test or find themselves subject to increasingly large fines.
AttackIQ already offers its customers automated testing. Adding DORA to its packages expands its appeal to customers and gives it access to a whole new market. With just six months left until the EU begins to enforce DORA, the financial services industry across Europe needs to act quickly to ensure compliance. If not, its members are likely to face fines and other penalties.