A survey by Veeam Software has uncovered that 96% of financial services organisations in the EMEA region believe their data resilience is lacking.
The survey gathered insights from senior IT decision-makers at financial services firms in the UK, France, Germany, and the Netherlands regarding challenges in adapting to DORA, an EU framework set for January 2025 to bolster defences against cyber threats. While 94% of organisations prioritise DORA more than before the deadline, many face obstacles:
- Increased stress on IT and security teams (41%);
- Rising costs from ICT vendors (37%);
- Regulations hindering innovation (22%);
- Lack of budget for compliance (20%).
Despite prioritising DORA, organisations struggle with:
- Lack of recovery and continuity testing (24%);
- Absence of incident reporting (24%);
- No designated DORA implementation lead (24%);
- Unconducted digital operational resilience testing (23%);
- Unverified backup integrity and secure recovery (21%).
The most challenging requirement is third-party risk oversight, with 34% citing it as difficult, though 20% have not implemented it due to visibility issues into third-party operations.
Data Resilience Maturity Model - DRMM
22% of organisations believe DORA's design could be improved for better compliance, calling for simplification and increased third-party risk guidance. In response, Veeam and McKinsey launched the Data Resilience Maturity Model (DRMM), based on insights from over 500 IT and operations leaders. This framework helps organisations assess their data resilience and integrates IT, security, and compliance into a unified strategy, increasing resilience and ensuring DORA compliance. The Veeam DORA Confidence Survey, conducted by Censuswide, included 404 senior IT decision-makers from financial services in the UK, France, Germany, and the Netherlands.
Veeam aims to ensure businesses can confidently recover from disruptions through "radical resilience." Their solutions focus on data resilience, offering backup, recovery, portability, security, and intelligence. This provides IT and security leaders with assurance that their apps and data are protected and accessible across various environments, including cloud and Kubernetes.
