DORA regulation creates compliance challenges for London law firms beyond GDPR requirements
Summary
The article discusses how the Digital Operational Resilience Act (DORA), which took full effect in January 2025, is impacting London law firms. Unlike GDPR, which focuses on data privacy and post-breach compliance, DORA mandates operational resilience—requiring firms to demonstrate technical ability to withstand, document, and recover from severe cyber disruptions in real time. The regulation applies beyond banks and insurers to technology vendors in the deal ecosystem, including law firms. Many firms that treated data compliance as "solved" after GDPR are now facing new pressures as DORA addresses infrastructure resilience rather than data handling, potentially leading to client losses for non-compliant firms.
Key quotes
DORA instead focuses on operational resilience: the technical and mathematical ability to withstand, document, and recover from severe cyber disruptions in real time.
GDPR addresses what happens to data after a breach, while DORA addresses whether infrastructure can prevent one, with no overlap between th
Since GDPR began in 2018, many firms treated data compliance as solved by updating privacy notices, appointing data protection officers, and moving on.
