
Scottish CISOs face budget crunch as EU’s DORA takes effect

As the European Union’s Digital Operational Resilience Act (DORA) comes into force today, Chief Information Security Officers (CISOs) across Scotland are grappling with budget pressures to meet the new compliance demands.

What is DORA?

DORA is a comprehensive EU regulation aimed at strengthening the financial sector’s resilience against digital threats and IT disruptions.

While it doesn’t directly apply to the UK, Scottish financial entities offering services to EU financial institutions or operating in the EU market must comply with DORA’s stricter requirements.

The Challenge for Scottish CISOs

CISOs, who are responsible for an organization’s information and data security, are facing significant challenges in Scotland:

  1. Budget Constraints: Over three-quarters of UK CISOs feel their IT budgets don’t adequately reflect their board’s commitment to compliance. This disconnect is likely to be mirrored in Scottish financial institutions.
  2. High Implementation Costs: Nearly half of UK businesses reported spending over €1 million (£844,500) in the last two years on implementing regulations like DORA. Scottish firms are likely facing similar expenditures.
  3. Regulatory Pressure: 60% of CISOs said that meeting new regulatory requirements like DORA has added pressure to their role. This pressure is particularly acute for Scottish financial services operating in or servicing EU markets.

Impact on Scottish Businesses

Scottish financial entities, particularly those with EU operations or clients, must now ensure they can withstand, respond to, and recover from cyber threats and IT disruptions as per DORA’s requirements. This includes:

  • Implementing robust ICT risk management frameworks
  • Establishing clear incident reporting procedures
  • Conducting regular digital resilience testing

The Road Ahead

Despite the challenges, there’s a silver lining. The majority of senior security professionals, including those in Scotland, see value in DORA’s efforts to strengthen the financial sector’s resilience. However, the road to compliance may be rocky for many Scottish firms, especially smaller ones facing resource constraints.

As DORA enforcement begins, Scottish CISOs and financial institutions must navigate these budget pressures while striving to enhance their digital operational resilience. The coming months will be crucial in determining how well Scotland’s financial sector adapts to this new regulatory landscape.
