The Cyber Resilience Act (CRA) underscores the growing significance of cybersecurity in today's economy. While the aim of enhancing focus on mitigating vulnerabilities in digital product lifecycles is commendable, certain sectors like finance already exhibit robust cyber resilience. The Digital Operational Resilience Act (DORA) introduces a comprehensive cybersecurity and ICT risk management framework, mirroring CRA requirements for financial services. We are weary of this duplication, which stands to lead to a complex regulatory landscape for the financial sector.
Explore our joint statement for more details on our position.