The recent implementation of the Digital Operational Resilience Act (DORA) underscores the critical need for enhanced operational resilience within the high-stakes and highly regulated financial services sector. DORA mandates that organisations in the financial sector and in industries providing technology services to the financial sector strengthen their operational resilience through structured risk and incident management and continuous stress testing.
This heightened regulatory scrutiny coincides with a surge of cyberattacks and mounting pressures on network teams. To navigate this complex landscape, financial institutions must prioritise network automation to better manage risk and test operational resilience.
The ‘Butterfly Effect’ in networks
Financial institutions operate vast, interconnected networks, consisting of thousands of endpoints and governed by complex firewall rules. Each rule represents a potential vulnerability, and a single misconfiguration can trigger a ‘Butterfly Effect’ that leads to security breaches, operational downtime and compliance failures.
A recent Skybox Security study revealed the extent of the challenges faced by network professionals in financial services. Manual tasks, such as firewall management and network provisioning, consume a monumental 42% of network professionals’ workweeks in financial services. An additional 10% of their time is spent correcting misconfigurations, highlighting serious inefficiencies in resource allocation.
Routine tasks such as configuring firewalls, updating access controls and provisioning networks are essential, but their sheer volume often detracts from strategic priorities. As attack surfaces expand and threats increase, network teams are struggling to find time to secure networks or focus on high-value initiatives proactively.
A clear path forward thanks to automation
To navigate these challenges, financial institutions must shift their approach to allocating resources. Automation offers a clear path forward by streamlining workflows, reducing manual errors and freeing network teams to focus on strategic priorities. In fact, our study found that 67% of professionals in financial services expect automation to provide more time to focus on higher-value tasks, such as designing and implementing innovative network solutions and optimising network performance.
By automating routine processes like firewall rule management, network policy updates and access provisioning, network teams can reclaim their time. This reduction in manual tasks alleviates workload pressures, enabling professionals to dedicate their expertise to proactive risk management and operational resilience testing.
Automation is also a key enabler of compliance with DORA’s stringent requirements. With 92% of network professionals in financial services concerned about internal audit failures and 96% worried about external audits, automation provides real-time visibility into network configurations, detects and remediates misconfigurations and maintains audit trails. This ensures that organisations adhere to regulatory standards with minimal manual intervention, significantly reducing the risk of non-compliance.
In addition, automation facilitates regular stress testing and scenario planning, which are core components of DORA’s operational resilience mandates. These capabilities allow networking teams in financial institutions to identify vulnerabilities and improve strategies proactively, rather than reacting to disruptions as they happen.
Automation provides enhanced visibility and control over network operations, a benefit cited by 71% of network and security professionals in financial services. With better visibility, network teams can quickly identify and address potential issues before they escalate, preventing costly downtime and outages. By automating tasks like compliance assessments and firewall rule recertification, businesses can optimise their workflows and achieve greater precision in change control.
The implementation of network automation can also greatly help reduce the risk of human error, a benefit cited in our study by 41% of network professionals in financial services. By standardising processes and ensuring consistency across networks, automation reduces the likelihood of misconfigurations and enhances overall security and resilience.
A foundation for long-term success
Financial institutions are facing a perfect storm: escalating cyberattacks and increasing pressures on network teams, all the while navigating stringent new regulations. The challenges facing financial institutions may be significant, but they are not insurmountable.
Automation is key to effectively addressing the complexities of network management, mitigating risks and meeting regulatory demands. The ability to adapt and innovate will be key to maintaining competitiveness and resilience. With automation at the core of their strategies, financial institutions can not only comply with DORA but also build a foundation for long-term success.
John Stevenson is Technical Director at Skybox Security