The Digital Operational Resilience Act (DORA) enters into effect on January 17, 2025, introducing new cyber-risk management, reporting, and contracting obligations for financial entities and their ICT service providers.

DORA also introduces the qualification of ‘critical’ ICT service providers. Service providers to financial entities will be designated as a ‘critical’ ICT service provider and be supervised directly by European Authorities who have broad inspection powers to ensure that these providers are complying with DORA’s regulatory demands.

This webinar will examine DORA’s framework for designating ‘critical’ ICT service providers and offer insights on how these providers can prepare to meet their new obligations. It is the second in our DORA webinar series, following the inaugural session held on December 5, 2024.

Items that will be covered during the webinar include:

• A brief overview of DORA’s main obligations and what they mean for ICT service providers
• A breakdown of the criteria for determining ‘critical’ ICT service providers
• Practical steps on how ICT service providers can prepare to comply with DORA

Click here to read our 2025 Cybersecurity Forecast. To learn more about Wilson Sonsini’s data, privacy, and cybersecurity team, please click here. To learn about our fintech and financial services team, click here.