Using EU Cybersecurity Compliance as a Strategic Advantage

New regulatory measures such as the Digital Operational Resilience Act (DORA), the NIS2 Directive, and the EU AI Act are driving organisations in the UK, EU, and beyond to enhance vigilance in addressing evolving cybersecurity and operational risks. These regulations aim to improve cybersecurity resilience, ensure responsible AI use, and strengthen accountability. Non-compliance carries extensive consequences, making it essential for organisations to understand where they stand.

AuditBoard, in partnership with Ascend2 Research, surveyed 272 risk, InfoSec, and IT compliance professionals to assess organisations’ current compliance maturity. A vast 91% of respondents report feeling concerned about cybersecurity threats to their organisation, and 86% are aware of incidents within their industry in the past year. However, disparity exists between awareness of these risks and the actions currently undertaken to mitigate them. For example, 14% of those who say they’re compliant with DORA are not monitoring third-party ICT service providers, and only a little over half of those who say they’re compliant with the EU AI Act execute comprehensive risk assessments. A number of organisations simply aren’t in compliance yet, even as initial deadlines have already passed.

Download your free copy of Unlock Regulatory Compliance With DORA, NIS2, and the EU AI Act to explore the findings in more detail, including insights on the use of frameworks, prioritisation of regulations, changes in workload, and top challenges across industries.