Webinar overview:

Join our one-off webinar with David McCatty, UK Finance and Mick Flitcroft, Chantal Constable, and James Pearce from NCC Group where we explore the key cyber-security provisions within DORA and what they mean for the UK’s Financial Services sector.

With the deadline for complying with the EU's Digital Operational Resilience Act (DORA) set for January 2025, pressure is mounting for financial institutions and service providers across the industry, including many based in the UK.

In this one-hour session, we cover:

  • DORA re-cap: What DORA is and who it applies to
  • Where you should be in your plans for DORA readiness
  • Reflections from those in the industry already addressing DORA compliance challenges
  • DORA uncloaked: how cyber security experts NCC Group have interpreted key aspects of the regulation
  • Which aspects of DORA are still undefined?
  • How to assess your current DORA readiness

What is DORA?

The Digital Operational Resilience Act, or DORA, builds on existing institutional EU requirements in response to market-wide, ongoing digital transformation and evolution of new associated risks. As many firms in the UK have operations within the EU, DORA may affect them. A deadline of 17 January 2025 has been set for those affected to ensure they are compliant, and organisations must act now to guard against evolving risks.

The Act aims to set uniform requirements for the operational resilience of almost all financial entities operating in the EU, including third-party ICT service providers. DORA also mandates that all participants in the financial system have the necessary safeguards in place to mitigate attacks and other risks, such as supplier failure, service deterioration, and concentration risk.

Chantal Constable

Chantal Constable

Head of Financial Services and Insurance, NCC Group

I’m currently Head of Financial Services and Insurance (FSI) for NCC Group leading our go to market sector strategy and end to end client engagement t...

I’m currently Head of Financial Services and Insurance (FSI) for NCC Group leading our go to market sector strategy and end to end client engagement team. Prior to this I spent 10 years at CGI where I headed up growth for their Insurance business as well as running CGI’s Retail and Corporate Banking business in the UK with full P&L responsibility. This encompassed CGI’s payments capability, open banking offerings including overlay services, collections, anti-financial crime and trade finance applications as well as managed IT services and legacy modernisation delivery. It’s a fascinating time to be in the FS and Insurance market and I’m fortunate enough to be invited to industry panels to speak on subject matters such as cyber security trends, debt management in the pandemic, approaches to digital transformation and the potential of open finance for the UK financial services market.

Read more
James Pearce

James Pearce

Commercial Director, Consulting and Implementation, NCC Group

James started in cyber security, purely by accident, in 2008. Initially working on PCI DSS and ISO 27001 compliance projects with private sector clien...

James started in cyber security, purely by accident, in 2008. Initially working on PCI DSS and ISO 27001 compliance projects with private sector clients before becoming a QSA in 2012 and joining NCC Group in 2013.

James is a Director within NCC Group’s Consulting and Implementation practice working primarily with private sector clients in industries including FSI, TMT, professional services, and retail.

James’ focus is on building cyber security programs to help organisations improve their cyber resilience. James is also part of our Strategic Advisor team and regularly speaks at client events, including NCC Group’s CISO Council.

Read more
Mick Flitcroft

Mick Flitcroft

Executive Principal Consultant, NCC Group

Mick Flitcroft has over 30 years of security and leadership experience across various sectors. He is an Executive Principal Consultant within NCC Grou...

Mick Flitcroft has over 30 years of security and leadership experience across various sectors. He is an Executive Principal Consultant within NCC Group’s Professional Services and is also the Global Lead for Government Compliance services across the whole business.  He is responsible for delivering a wide range of cyber security and information assurance consultancy that includes security architecture and design reviews, creation of security strategies, defining risk methodologies, undertaking various risk management activities and the creation and delivery of service/product accreditation and compliance programmes.

Mick is also a delivery lead for large scale engagements and is responsible for the ICS/OT, SCADA and IIoT service delivery across NCC Group as well as ISA 62443 global offerings. 

Read more
Daniel McCatty

Daniel McCatty

Principal, Cyber and Third Party Risk, UK Finance

Daniel has recently joined UK Finance as a principal for Cyber and Third Party Risk. He joins from Deloitte's Risk Advisory practice where he was a Se...

Daniel has recently joined UK Finance as a principal for Cyber and Third Party Risk. He joins from Deloitte's Risk Advisory practice where he was a Senior Manager in Cyber, Data and Digital, primarily supporting Banking and Capital Markets firms on their recovery and resilience capabilities and addressing regulatory policies such as UK Operational Resilience and the EU DORA.

Prior to this he spent 4 years working as part of the FCA's Technology, Resilience and Cyber department, assessing firm's technical capabilities across technology and cyber and helping shape the resilience regulatory agenda on operational resilience, incident response and cross-authority and cross-sector engagement.

Read more
NCC Group

NCC Group

NCC Group is a leading global cyber business with its heritage in the UK, operating and impacting across multiple sectors and geographies. We work to ...

NCC Group is a leading global cyber business with its heritage in the UK, operating and impacting across multiple sectors and geographies. We work to protect global financial services every day, supporting more than 500 global financial institutions.

For more than 30 years, our research-driven business model has provided the foundation for not only our innovative cyber solutions but also the continuous development of the wider sector. Recognised for our technical depth and insight, our key partnerships in the cyber environment and contributions to government policy disseminate to create maximum value for our clients.

NCC Group’s powerful cyber solutions and consultancy exist to support organisations in assessing, developing and managing their cyber resilience posture, to confidently maximise the opportunities that sustain business growth and to strive for future proofing. More than 250 banks use our Threat Intelligence services, and we also work with 12 of the 20 world’s largest banks.

We have a significant market presence in the UK where 4 of the top 5 banks and 5 of the top 10 insurers are NCC Group clients, as well as in Europe and North America, and a growing footprint in Asia Pacific. This is supported by our dedicated and expert global team of 2,400 employees, passionate about working towards a more secure digital future.

Read more

Any Financial Services organisation or critical ICT supplier to a Financial Services organisation with European operations to fall under DORA.

  • CISO
  • CIO
  • CTO
  • Head of Operational Resilience
  • Head of Reg tech Compliance
  • Risk Management