DORA and NIS2 – What Do I Need to Know?

Discover the connection between the NIS2 security directive and DORA in this clip from HANDD’s recent webinar. NIS2, the second iteration of the network and information security directive, set to be enforced from October 17th, focuses on bolstering resilience across various industries and corporations in the European Union.

View the clip and transcript below


Sam Malkin: So before we go right into DORA, I wanted to spend a few moments talking about the NIS2 security directive and its relationship with DORA – some of the similarities, some of the differences and kind of where they overlap. So NIS2 is the second iteration of what’s known as the network and information security directive which was first published in 2016. And this second version is going to come into force on the 17th of October of this year. So something else for us to kind of worry about, or be thinking about.

NIS2 kind of aims to increase the resiliency of networks and services across all industries and corporations across the European Union. And that differs slightly from DORA where DORA is only going to apply to those in the financial sector. Interestingly, it’s also being released on the 17th of October, we’ve got the 17th of January today, we’re also seeing some 17ths as we move through these slides. So I don’t know whether it’s just a happy coincidence, or you know, something by design by the European Union.

NIS2 is going to cover off large numbers of organisations, lots of service providers, and lots of different businesses, and basically anything that the European Union is deeming as being fundamental to society, our financial markets, they’re fundamental to modern society, whether you like that fact or not. And as such, you guys that operate within those, if you’re in scope for DORA, you’re also going to be in scope for NIS2, you’re going to have to apply both of them or comply with both of them by the time 2025 rolls around.

What we’re seeing is an update, that’s basically a technological update. So it’s bringing it up to speed with things that are commonplace in 2024. So you’ll see on the screen there, you know, multi-factor authentication, how to avoid and how to try and recover from ransomware attacks, lots in there, and training and education and zero trust networks and things like that.

