Ms. Wittman is a lawyer in Munich and a partner at Bitsea. To enhance digital operational resilience, the European Commission has introduced the Digital Operational Resilience Act (Regulation (EU) 2022/2554 – “DORA”) as part of its Digital Finance Package 2020. Currently, regulations on digital resilience are scattered across various sector-specific EU laws and guidelines (e.g., MiF II, CRD, PSD2, Guidelines

Today, we are shedding light on a topic that is still all too readily overlooked as the “little sister of programming”. What hardly anyone cared about 20 years ago is to be placed under state control in the immediate future! As we now know, a major focus of Bitsea is checking for hidden risks in software. Many people typically first

Open source in focus: Dora, vulnerabilities and the security of the software supply chain In a world where open source is ubiquitous, experienced developers no longer rely on reinventing the wheel. Their secret weapon? Open source. The reasons for using it are to improve productivity, shorten development time and reduce development costs. But now the Digital Operational Resilience Act (DORA),

What is DORA? DORA stands for Digital Operational Resilience Act. DORA is EU regulation aiming at financial institutions which defines EU-wide uniform requirements to guarantee a consistent level of maturity in cybersecurity and operational resilience for all their operations within the EU. DORA is structured around four fundamental principles: IT and Cybersecurity Risk Management: Financial institutions would be required to