Cyrille Badeau, Vice President International Sales, ThreatQuotient
“Expect the unexpected” is a saying that holds particular weight in cybersecurity. In 2025, with continuing technological advancement, the divide between game-changing business opportunities and serious cyber threats has never been starker. With innovation and disruption unlikely to slow the pace any time soon, all sectors must build their operational resiliency to stay ahead and ensure stability.
For the financial sector – a lucrative target for cybercriminals – this need has been reinforced by the EU’s Digital Operational Resilience Act (DORA), which came into effect earlier this year. DORA focuses on accountability (underpinned by the threat of significant fines), as well as mandating strict requirements across areas including risk management, incident reporting, resilience testing, third-party oversight, and information sharing. Like GDPR, DORA requirements extend to US third parties and partners.
Visibility and Accountability
DORA aims to standardise cybersecurity practices across the financial industry and reduce the risk of single points of failure, particularly those within large and complex supply chains. One of the biggest challenges for security teams today is securing visibility into third-party providers within their ecosystem due to their volume, diversity, and the constant monitoring required.
Utilising a Threat Intelligence Platform (TIP) with advanced capabilities can enable a security team to address this gap by monitoring and triaging threats within third-party systems through automation. It can flag potential signs of compromise, vulnerabilities, and risky behaviour, enabling organisations to take pre-emptive action before risks escalate and impact their systems. These capabilities can extend to filtering out noise and prioritising threats, thus minimising alert fatigue.
Dynamic Risk Management
A major aspect of DORA is implementing a robust risk management framework. However, to keep pace with global expansion and new threats and technologies, this framework must be responsive, flexible, and up-to-date. Sourcing, aggregating, and collating threat intelligence data to facilitate this is a time-exhaustive task, and unfeasible for many resource-stretched and siloed security teams.
Selecting a TIP that delivers a continuous stream of actionable data – including new vulnerabilities, attack vectors, and industry-specific threats – can be invaluable.
Furthermore, an advanced TIP enables security teams to integrate security feeds from other organisations into their threat intelligence feed, presenting a comprehensive overview of current threats across organisations and industries. This data is then normalised, correlated, prioritised, and translated into a unified, digestible feed.
Speedy and Secure Reporting
To promote collective resilience, DORA encourages secure, timely information sharing between financial institutions and regulators. In the high-pressure event of an incident, reports may not be a priority or subject to human error.
Advanced TIPs that incorporate automation and AI capabilities can automatically generate and distribute threat reports. This not only improves response times but also helps teams meet DORA’s strict incident reporting timelines with confidence. Additionally, when a TIP facilitates secure information sharing across trusted networks, security teams can easily foster threat intelligence sharing communities. This allows organisations to collaborate and scale cybersecurity responses both within and beyond the boundaries of their industries.
Supporting Operational Resilience Testing
DORA also requires organisations to regularly test their digital resilience through simulations and stress testing. From tabletop scenarios to full-scale simulations, these exercises evaluate how well systems, processes, and people can withstand and respond to real-world cyber threats.
With an advanced TIP, security teams can leverage customisable workflows to recreate specific operational stress scenarios. These scenarios can be further enhanced by feeding real-world data on attacker behaviours, tactics, and trends, ensuring that simulations reflect actual threats rather than outdated risks.
Building a Culture of Proactive Defence
Effective threat intelligence management is the foundation of responsive, scalable cybersecurity. By adopting an intelligence-led approach, financial organisations can shift from reactive to proactive, making DORA compliance a natural outcome rather than a constant challenge.
In an increasingly volatile threat landscape, effective threat intelligence management delivers the insight and agility security teams need to stay ahead. As DORA continues to shape the future of operational resilience across the EU financial sector and its global ecosystems, an advanced threat intelligence platform is a valuable investment.
For more information on how a threat intelligence platform can assist in DORA compliance, please see the link the ThreatQuotient’s datasheet here: DORA brief
