Regulations
Digital Operational Resilience Act (DORA)
The Digital Operational Resilience Act (DORA) is a European Union regulation that came into force on 17 January 2025. It requires financial organisations to strengthen their cybersecurity resilience to help them stay protected as the financial services sector shifts to the increasing use of digital technologies. DORA also contains obligations that apply to financial organisations’ third-party ICT service providers, so it’s relevant to a wide range of organisations.
EU Network and Information Security Directive 2 (NIS2)
The Network and Information Security Directive 2 (NIS2) is a European Union regulation that came into force for EU member states as of 17 October 2024, the deadline for member states to enact legislation. NIS2 makes organisations’ senior management directly accountable for mitigating, responding to, and reporting cybersecurity incidents, as well as setting out strict timelines for notifying authorities of a breach.
EU AI Act
In August 2024, the European Union’s AI Act (Act) entered into force — a first of its kind legislation that regulates the development, provision, deployment, and importation of Artificial Intelligence (AI) systems into the EU. The Act separates AI risks into four categories and sets out different rules for each risk level.
The aim of the Act is to regulate AI to ensure that these risks are properly managed, minimised, and remediated. The Act will be fully enforceable August 2026. However, some parts of the Act will apply sooner.
U.S. Financial Industry Regulatory Authority (FINRA)
The Financial Industry Regulatory Authority (“FINRA”) is a non-governmental organization that sets regulations for broker-dealers and exchange markets in the United States. Barracuda’s financial industry customers subject to FINRA regulations depend on Barracuda products and services to protect their business, including obligations to retain immutable backup copies of certain data. Please review specific Barracuda product information for more details about how products store data.