Top Menu

Understanding DORA Article 10: The Incident Reporting Challenge

The European Union (EU) implemented the full enforcement of DORA cybersecurity requirements on the heels of the new NIS2 Directive, and reactions from the financial sector and other impacted industries have been (understandably) mixed. While all organizations understand the importance of risk management, incident reporting, and accountability, new requirements for 2025 and beyond have left some businesses searching for more unified, automated, and minimally disruptive solutions.

DORA Article 10 Basics

The Digital Operational Resilience Act (DORA) is an EU regulation developed to protect the financial sector from digital security risks by enhancing cybersecurity and resilience. A unified framework for incident reporting, resilience testing, risk management, and information sharing ensures all relevant organizations maintain a high level of vigilance. Articles 8-13 of DORA establish important ground rules for information and communications technology (ICT) security practices.

DORA Article 10 requires businesses in the financial sector to consistently detect anomalous activities, using multiple layers of control to monitor activity and ensure alert thresholds and response triggers are appropriate. Article 10 also requires regular testing of detection mechanisms to verify effectiveness. These requirements expand the DORA scope beyond security policies and procedures to encompass ICT security tools and technology. DORA enforcement officially began on January 17, 2025.

 

The Challenges of DORA Compliance

The onset of DORA enforcement followed a two-year preparation period that gave organizations time to integrate new practices and create appropriate risk management frameworks and protocols. As Article 10 layers in responsibility for the identification and verification of effective cybersecurity tools, implementation challenges experienced by companies of all sizes include:

  • Lack of historical and real-time visibility into ICT risk exposure and security incidents
  • Inability to access forensic data for post-breach investigations
  • Difficulty identifying and mapping critical ICT assets and system interdependencies

The financial penalties associated with DORA Article 10 non-compliance make it imperative to overcome these challenges quickly, with fines for cybersecurity failures reaching up to 2% of annual turnover (revenue). Additional consequences, including reputational damage, operational disruptions, and regulatory actions can have an equally devastating impact. These deterrents call for solutions that not only meet but far exceed minimum compliance requirements.

 

 

The Keys to DORA Article 10 Compliance

Financial organizations can breathe easier when they have ICT monitoring and security solutions in place that allow them to see the risks, close the gaps, and stay compliant.

This makes it essential for businesses to identify, detect, and mitigate security risks as quickly as possible, while using forensic-level insights to close compliance gaps before they can lead to violations. The best performance monitoring solutions utilize efficient, automated workflows and seamless forensic data access to minimize the legwork and guesswork of DORA compliance.

End-user Experience (EUE) Scoring

Performance and security issues often overlap in their symptoms, while differing in root cause. This makes it important to understand the impact of each domain (network, application, server, or client) on a given network transaction or anomaly.

Packet-level Forensics  

Deep-packet inspection is another important pillar of DORA compliance, with unabridged packet data providing the ultimate source of network truth needed to accurately assess and address ICT risks. Packet analysis also helps to reveal the precise timing, source, and affected assets after a breach attempt, and improve visibility into the interactions between critical assets and systems across cloud, hybrid, and on-premises infrastructures to inform strategic risk assessments.

Advanced, network performance monitoring solutions make this valuable data available for real-time traffic monitoring and conclusive forensic investigations.

Timely Anomaly Detection  

The prompt detection of anomalous activities is an objective emphasized by DORA Article 10, and for good reason. It currently takes organizations an average of – a statistic with potentially dire consequences in an industry where the cost associated with extensive dwell time can be significant.

Solutions that go beyond simple monitoring to continuously identify threats and anomalous user behaviors empower operations and security teams to respond and remediate in compliance with DORA expectations.

The VIAVI Advantage

Article 10 requires financial entities to put mechanisms in place to promptly detect anomalous activities, including network performance issues. These mechanisms include early warning indicators, procedures, and response plans to protect organizations from ICT-related incidents. Enhanced network visibility is the underlying factor that can turn these aspirations into reality.

Many organizations assume they are compliant but lack the needed real-time and forensic visibility into performance issues and security risks. VIAVI provides the right tools to detect anomalous activities in accordance with Article 10, leveraging the combination of packets and enriched flow data to characterize traffic patterns and user behavior quickly and accurately. Enhanced forensic visibility also provides the granular, actionable data required for compliance teams to fulfill reporting obligations with confidence.

VIAVI Observer’s patented EUE scoring algorithm automatically analyzes volumes of complex packet data to assess performance using a consistent numerical scoring method. EUE scores can link performance issues to the relevant network, application, server, or client domain to complement DORA Article 10 requirements. VIAVI also provides cost-effective solutions to facilitate packet capture and back-in-time review to streamline DORA-mandated investigation, reporting, and recovery activities.

Bringing It All Together

DORA compliance does not always mean added operational complexity or disruption. The right solution can produce a host of unexpected benefits that bolster network performance, reduce downtime, and enhance customer satisfaction while establishing the visibility needed to confidently fulfill DORA obligations, such as:

  • Delivering industry-leading network performance visibility, featuring EUE scoring for every transaction. Customizable dashboards and highly optimized workflows enable fast anomaly detection and root cause analysis.
  • Supporting DORA Article 8 requirements for dependency identification and ICT risk mapping.
  • Providing deep visibility into traffic composition, enabling detailed forensic post-breach investigations and providing actionable insights into network and device behavior.

———

Learn more by:

Visiting our website: Bridging the Compliance Gap

or

Reading our white paper: Navigating NIS2 and DORA Compliance

 

 

 

 

 

 

 

About The Author

Related Posts

5G Environmental Benefits

VIAVI Releases 2018 State of the Network Study

Open RAN Set To Revolutionize The Mobile Networks Ecosystem

Key risks for telecom providers

©2025 VIAVI Solutions. All rights reserved.
×
Close