Empowered employees strengthen financial sector digital resilience
Intelligent, bespoke employee cybersecurity training and awareness is critical for DORA compliance
Ensuring that any organization can withstand, respond effectively to, and recover quickly from IT disruptions is a strategic imperative. This is particularly true within the financial sector.
The Digital Operational Resilience Act (DORA), which became mandatory on 17 January this year, was put in place to serve as a robust standard for resilience. It doesn’t just need organizations in scope to implement sophisticated technological defences; it needs them to have a proactive, well-informed workforce that is ready to tackle cyber threats.
At its core, DORA is a five-pillar framework. These cover ICT risk management, incident reporting, digital operational resilience testing, third-party risk management, and information sharing. Technology is a critical component of all of these pillars; however, the human element is equally important. This is hardly surprising when you consider that various sources cite human errors as being responsible for between 70% and 95% of all cyber incidents. This means that even when the most robust technological safeguards are in place, the human element will be a significant source of vulnerability.
Regardless of the source of the incident, employees can also be the difference between a controlled breach and a full-scale disruption.
What is needed is highly targeted training and simulation exercises that help organizations ensure that their staff are equipped to identify emerging threats, report incidents promptly, and engage in effective remediation efforts.
Digital operational resilience testing and human risk
Digital operational resilience testing under DORA goes beyond merely identifying what the vulnerabilities are. It also involves actively testing the human layer.
Simulated phishing attacks and other real-world-based cyber threat exercises serve multiple purposes. They not only provide a practical measure of employee readiness, but they also help to build the essential knowledge and skills for distinguishing genuine communications from deceptive ones.
By exposing staff to realistic threat scenarios, organizations are cultivating a security-first mindset. This is vital for mitigating risks before they escalate and disrupt business operations.
Awareness enhances incident reporting
The quick reporting of incidents is a cornerstone of DORA compliance. DORA mandates strict timelines: for example, notifying relevant authorities within four hours of classifying a major incident, as well as following up with detailed reports within set timeframes.
It is important to ensure employees are aware of this, so they are equipped to act as the eyes and ears of the organization and support compliance. Their ability and readiness to spot and report anomalies will help to reduce the time to containment and ensure that incidents are managed efficiently and effectively. This not only supports DORA compliance, but it also safeguards both financial and reputational assets.
Establishing a sharing culture
In addition to ensuring individual preparedness, training and awareness initiatives will also help establish an environment where information is able to flow freely. By encouraging employees to share all of their observations on suspicious activities or emerging threats, an organization will get stronger collective intelligence.
Staff need to be able to actively participate in the reporting process through easy-to-use tools and transparent processes. This will enable them to contribute to a dynamic, organization-wide threat intelligence network. Not only does this type of collaborative approach support internal decision-making, but it will also help to enhance the overall resilience of the financial ecosystem when these insights are shared across the industry.
A more resilient organizational culture
Ultimately, investing in employee training and awareness is far more than a tick-box DORA compliance exercise. It is a strategic investment in any financial sector organisation’s future. Building a culture that prioritizes cybersecurity will ensure that every member of the team understands their critical role in safeguarding the organization and the financial industry as a whole.
The nature of cyber threats will always be evolving, so a well-informed and agile workforce is the most important line of defence, because it can adapt to and mitigate risks before they get a chance to materialize.
Organizations should also look at additional innovative strategies, such as cross-sector workshops, inter-company threat simulations, or advanced behavioral analytics, as next steps toward deepening their digital resilience. These initiatives not only further empower employees but also help build genuine expertise, creating a ripple effect that will improve security standards across the industry.

Saj has been working in IT for around 20 years, in organizations across different industries and IT infrastructure maturity levels.
During his tenure, Saj has been involved in multiple IT transformation projects to achieve automation, cost savings, technological enhancements and security hardening.
He has witnessed developments in key technological milestones that have revolutionized the industry such as big data analysis, mobile and smartphone, digital payments, cloud computing, social media, blockchain, cybersecurity and now AI.
Across all of the organizations he has worked with, he has found that staff understanding of cyber threats, and engagement in learning about them, is a constant challenge, which is why he joined Qasim on a venture to build Meta1st, an AI-driven human risk management platform.