ContentsOperational information securityTransitioning to DORA: impact on BAIT/VAIT ISMS requirements1. Stronger link to risk analysis2. Mandatory, technology-agnostic control implementation3. Universal applicability to all ICT systemsUse of cyberspace and network security controls (Art. 9(3)(e)(vi) DORA)Information security measures (RTS RMF Art. 8)DORA requires a complete set of:ICT solutions for detection (RTS RMF Art. 13)Minimum mandatory detection requirements:Alert routing & security incident response linkageAlerts must be routed to the ICT security functionVulnerability analysis (RTS RMF Art. 14)Minimum mandatory vulnerability processes: Operational information security Transitioning to DORA: impact on BAIT/VAIT ISMS requirements (Page 24) BaFin confirms: Key areas of uplift compared with BAIT/VAIT: 1. Stronger link to risk analysis … Continue reading Operational information securityRead More →