The DORA (Digital Operational Resilience Act) regulation takes effect in January 2025. (If you don’t know what DORA is, my intro might help.)
The SEAR (Senior Executive Accountability Regime) is a key element of the IAF (Individual Accountability Framework). (If you don’t know what the IAF is, I mention it here.)
So what?
If I have mentioned too many three- and four-letter acronyms, just focus on this one:
IRS: Implement Reasonable Security.
Why IRS?
Because if you are accountable for cyber security in a regulated financial services firm…
You must ensure you have implemented reasonable security measures*.
Otherwise, you could be held accountable for your inaction.
* If you don’t know what ‘reasonable’ could look like, keep an eye out for Wednesday’s email.