Customize Consent Preferences

We use cookies to help you navigate efficiently and perform certain functions. You will find detailed information about all cookies under each consent category below.

The cookies that are categorized as "Necessary" are stored on your browser as they are essential for enabling the basic functionalities of the site. ... 

Always Active

Necessary cookies are required to enable the basic features of this site, such as providing secure log-in or adjusting your consent preferences. These cookies do not store any personally identifiable data.

No cookies to display.

Functional cookies help perform certain functionalities like sharing the content of the website on social media platforms, collecting feedback, and other third-party features.

No cookies to display.

Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics such as the number of visitors, bounce rate, traffic source, etc.

No cookies to display.

Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.

No cookies to display.

Advertisement cookies are used to provide visitors with customized advertisements based on the pages you visited previously and to analyze the effectiveness of the ad campaigns.

No cookies to display.

As the deadline for compliance with the EU’s Digital Operational Resilience Act (DORA) looms, research from Green Raven Limited reveals a concerning gap in confidence regarding supply chain cybersecurity. Despite rigorous preparations for DORA, a significant number of senior cybersecurity professionals, including those from the financial sector, continue to view their supply chains as the weakest link in their security frameworks.

The research conducted by Green Raven sheds light on the vulnerabilities that organisations face, even as they approach compliance with DORA. As of January 17, 2025, financial institutions engaged in cross-border operations with the EU must adhere to DORA’s stringent requirements, which aim to enhance operational resilience within the financial sector, particularly in the face of cyber threats. However, the survey results suggest that organisations are still struggling to address one of their most critical vulnerabilities: their supply chains.

Key Findings from Green Raven’s Survey

A survey conducted by Green Raven, through independent research firm Censuswide, interviewed 200 senior cybersecurity professionals across UK organisations with over 1,000 employees. Of the respondents, 21 were from financial entities engaged in cross-border operations with the EU, and 44% of all respondents expressed concerns over the vulnerability of their supply chain. For financial sector professionals, the figure was nearly identical, with 43% agreeing that their supply chain represented their most significant cybersecurity risk.

Morten Mjels, CEO of Green Raven Limited, commented, “It’s troubling that even after investing significant time and resources in preparing for DORA, such a high proportion of financial sector respondents still feel that their supply chain is their weakest point. This highlights the challenge of addressing third-party risk management effectively, despite the frameworks provided by DORA.”

The Impact of Third-Party Risk Management

Banks and financial institutions, which are specifically impacted by DORA’s provisions regarding ICT suppliers, remain highly focused on third-party risk management (TPRM). Among the cybersecurity professionals from such organisations, an even higher percentage (53%) acknowledged that supply chain security was their weakest link. This further underscores the significant concerns financial institutions have regarding their reliance on external suppliers and contractors for critical services.

Mjels noted, “While this doesn’t necessarily indicate a lack of confidence in their security strategies, it does highlight the fact that supply chains remain the primary area of concern. Financial institutions are especially aware of the vulnerability of third-party suppliers, which are a key focus of DORA’s mandates.”

The Need for Greater Focus on Supply Chain Cybersecurity

DORA will require organisations, especially financial entities, to take a deeper look at their supply chain cybersecurity practices. Green Raven is addressing this challenge by developing tools and solutions that enable organisations to effectively identify, understand, and manage their supply chain cybersecurity risks.

With cyber threats evolving constantly, it is becoming increasingly difficult for organisations to secure their entire network, especially as supply chains grow more complex and involve multiple third-party vendors. Organisations must now be proactive in their approach to supply chain security, ensuring that every external partner adheres to high security standards.

Green Raven’s Solutions for Supply Chain Security

Green Raven Limited offers a comprehensive Supply Chain Monitoring Service that utilises advanced cyber intelligence techniques to provide in-depth visibility and control over entire supply chain networks. These services are aligned with DORA’s objectives and are designed to help organisations manage third-party risks more effectively. By utilising cutting-edge technologies, Green Raven is helping organisations strengthen their cybersecurity resilience against threats that may arise from their supply chain.

Mjels concluded, “The challenges highlighted by our research underline the urgency for organisations to invest in sustainable, practical solutions to manage supply chain cybersecurity. With DORA coming into effect in January 2025, now is the time to ensure that all aspects of cybersecurity, especially in supply chains, are given the attention they deserve.”

Charlotte Patterson

Meet Charlotte Patterson, a seasoned journalist with a passion for uncovering the untold stories that shape our world. With a keen eye for detail and a dedication to unbiased reporting, Charlotte has earned a reputation for her insightful analyses and thought-provoking features. Her diverse portfolio spans politics, culture, and global affairs.

© 2025 AGF | All Rights Reserved