An insider's perspective on DORA and NIS2 | Very Important Questions

Описание: Europe's new cyber guidance DORA and NIS2 were supposed to strengthen financial and critical infrastructure security, but they're having the opposite effect. Field CISO Pierre Noel reveals why these well-intentioned regulations are often lowering security standards and turning cybersecurity into a checkbox exercise.

Pierre shares real stories from his experience working with regulators across Europe and Asia, including the regulator who asked banks to lower their firewalls for penetration testing.

The conversation covers why compliance frameworks often miss the real threats, how young consultants without field experience are writing cyber rules that don't work in practice, and why the traditional CISO role needs to evolve into something broader.

Key topics covered:
[00:00] Intro
[00:08] Regulator asks banks to lower firewalls
[01:02] Pierre explains European cybersecurity regulations
[03:13] Why geopolitical threats drive Dora
[04:18] Small financial firms create systemic risk
[06:10] Third party vendor dependencies threaten security
[07:15] Compliance versus security creates dangerous gaps
[08:44] How financial regulators vary by country
[10:19] Stories regulators never ask about
[11:29] 30 mystery servers found in bank
[16:21] Young consultants lack real world experience
[17:48] Enforcement will determine regulation success
[20:26] Essential monitoring and incident response priorities
[23:25] Why tabletop exercises reveal board unpreparedness
[26:47] Information sharing requirements face cultural barriers
[30:47] Chief resilience officer replaces traditional CISO
[35:46] Psychology drives every cybersecurity incident
[37:07] AI policies missing from most organizations
[38:09] Data classification systems nobody actually uses
[42:34] Risk based approach beats vendor pitches

Pierre Noel is Field CISO at Expel and former CISO of Microsoft Asia. He has extensive experience building cybersecurity communities and working with financial regulators across Europe, Asia, and Switzerland.

-

🤳 Connect with us!
Subscribe to our YouTube channel:    / @expelsecurity  
LinkedIn:   / expel  
Twitter:   / expelsecurity