DORA Countdown: One Month Left Until the Deadline

17. December 2024

DORA, the Digital Operational Resilience Act, will fully apply as of 17 January 2025. The EU regulation requires that all regulated financial institutions implement the listed requirements for internal processes and systems and ensure that their third-party ICT service providers do the same. The approaching deadline in addition to the regular year-end business is most likely causing sleepless nights for some information security managers. They are asking themselves: How can they make the most of the short time left until 17 January 2025? Which steps are practical “quick wins”? What measures are “must-haves” for the first supervisory review?

To help you find the right answers, we have summarized everything you need to know from our news blog:

Everything you need to know in compact form

Digital Operational Resilience Act (DORA): The 7 Most Important Questions

DORA & NIS-2

NIS-2 and DORA: Why Two Pieces of EU Cybersecurity Legislation?

Thread-Led Penetration Testing (TLPT)

DORA Deep Dive: Threat-Led Penetration Testing (TLPT)

RTS & ITS

DORA Requirements Become More Concrete: Further RTS and ITS Published

Obligation to report ICT-related incidents

Person holds a telephone to the reader and next to it is the title of the article.

DORA Deep Dive: Reporting of ICT-Related Incidents

We take the next steps with you

Are You Ready for DORA? If Not, Here’s 5 Tips on What to Consider during Planning

Setting off for DORA – Your Preparation in 3 Steps

Do you have further questions about DORA or need specific support with implementation in your company? Get in touch. We will be happy to assist you.

Also interesting:

Part-IS and ISO 27001: How to Leverage Synergies for Your Compliance

Jan 14, 2026

On 22 February 2026, the EU Regulation Part-IS for aviation organizations will come into force. They must manage information security risks in a way that best protects civil aviation safety. Many already rely on an ISMS according to ISO 27001 – but is that enough for...

Assessing the Security of AI Chatbots: Pentests Uncover Critical Vulnerabilities in LLM Platforms

Jan 9, 2026

Artificial intelligence (AI) is transforming the business world. Large language model (LLM) platforms in particular are increasingly finding their way into companies across a wide range of industries. Many are choosing in-house hosted solutions to protect sensitive...

Security Advisories on OrangeHRM und memos

Dec 16, 2025

The pentest professionals at usd HeroLab identified multiple vulnerabilities in the applications OrangeHRM and memos during web application pentests. The vulnerabilities were reported to the vendors as part of the Responsible Disclosure Policy. Detailed information on...

DORA Countdown: One Month Left Until the Deadline

Everything you need to know in compact form

DORA & NIS-2

Thread-Led Penetration Testing (TLPT)

RTS & ITS

Obligation to report ICT-related incidents

We take the next steps with you

Also interesting:

Part-IS and ISO 27001: How to Leverage Synergies for Your Compliance

Assessing the Security of AI Chatbots: Pentests Uncover Critical Vulnerabilities in LLM Platforms

Security Advisories on OrangeHRM und memos

Categories

Categories

usd AG

News

Part-IS and ISO 27001: How to Leverage Synergies for Your Compliance

Assessing the Security of AI Chatbots: Pentests Uncover Critical Vulnerabilities in LLM Platforms

Security Advisories on OrangeHRM und memos

Follow Us