Chris is a Senior Consultant at URM who has worked in IT for over 30 years, with more than 14 years’ experience in information security. For the last 6 years, Chris has been focused on the provision of consultancy and auditing services to a wide range of private and public sector organisations. He is a Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), Payment Card Industry Qualified Security Assessor (PCI QSA), ISO 9001 Certified Lead Auditor and an ISO 27001 Certified Lead Implementer. Chris has managed information security risk and compliance across the technology departments of a major multinational organisation, as well as the ongoing compliance of numerous public service network services. Chris has extensive experience initiating and managing major ISO 27001, Sarbanes-Oxley, CAS(T) and ND1643 certification projects and also has a comprehensive knowledge of PCI DSS and SOC.
DORA - EU Cybersecurity Legislation for Financial Organisations
In this episode of InfoSec Insider, Chris Heighes, Senior Consultant at URM, takes a deep dive into the Digital Operational Resilience Act (DORA), a new EU regulation, coming into force on 17 January 2025, for financial entities and their key suppliers to improve their digital operational resilience. Chris leverages his 30 years of IT experience and 15 years’ experience in information security to discuss:
- What DORA is
- Which entities are in scope of the Act
- How DORA’s requirements differ from those of ISO 27001, the International Standard for Information Security Management Systems (ISMS)
- The timelines for implementation of DORA and how it will be enforced.