Cybersecurity & Information Protection

Learn more about the challenges of cybersecurity
and how we can assist you

Quick access: how Arendt can help you | hot topic - about DORA | latest news, laws and regulations updates

Cyber related crime is on the rise, both in quantity and sophistication. Most systems today are connected making them vulnerable. Further, personal and business data is viewed as the “new gold” and may be very valuable.

The challenging landscape of cybersecurity threats is continuously evolving, and every organisation should adopt a suitable strategy for protection, detection and response to cyberattacks.

Any such strategy must address several questions: How ready is my organization to face a cyber attack or data breach? Do we have a crisis team/incident response plan in place? Do we know what regulations are in place that are related to cyber/data breaches and the necessary reporting requirements? And the list goes on.

To answer these questions, Arendt has developed a One-Stop-Shop offering that provides comprehensive support from a legal, regulatory and operational perspective, delivered by a multidisciplinary team.

How can we help?

The danger is out there, and it is forecast to become worse – let’s not wait for something to happen. Adopting a proactive approach is always better. Arendt is committed to support you as an advisor and facilitator, no matter where you may be in your cybersecurity & information protection journey.

  • Crisis Management - We have a dedicated Cybersecurity & Information Protection team that is there to help you when an incident happens.

  • Response readiness - We are also here to help you before a cyber attack or data breach occur, through a variety of services:
    • we offer a quick health check / stress test of your existing practices
    • our team can assess your risks across your organisation and build a cybersecurity & information protection roadmap to help you respond most effectively during times of crisis
    • we can support you with a continued review of your readiness and provide your board of directors and management with (regulatory) awareness and response training
    • we can implement a hotline providing peace of mind in case you sense an issue, have questions or need immediate help. 

Learn more about our Cybersecurity & Information Team expertise and how they can help you here_

About DORA


DORA (Digital Operational Resilience Act)

Regulations regarding cybersecurity & information protection are on the rise across the globe. The EU continues to be the leading pioneer of cyber and information protection rules including the recently passed DORA (Digital Operational Resilience Act). This EU regulatory framework has been in force as from 16 January 2023 and creates a unified regulatory framework for digital operational resilience which requires EU financial entities to ensure they can withstand, respond to and recover from any ICT-related threats.

On 5 January 2024, the CSSF released a circular on ICT-related incident reporting frameworks, which outlines prior to DORA certain requirements that must be complied with under both this circular and DORA.

The main DORA-requirements for in scope entities deal with a wide range of digital operational resilience topics, divided into 5 pillars:

  • ICT risk management
  • ICT-related incident management, classification and reporting
  • Digital operational resilience testing
  • Managing of ICT third-party risk
  • Information-sharing arrangements

Interested in knowing more about DORA?

DORA  webinar - 5 October 2023

How DORA will impact the Financial Services industry, an informative client webinar that addressed:

  • Common struggles posing challenges to digital operational resilience
  • DORA regulatory framework: context and scope
  • DORA requirements: timelines, organizational & technical requirements, regime on reporting, penalties and remedial measures
  • Key questions you should be asking yourself to determine your position and next steps.

Watch the recording of this webinar here_

Do you have questions? Contact us through cybersecurity@arendt.com_

Latest news, laws and regulations updates

- Article, February 2024 - Digital Operational Resilience Act (DORA) – the countdown for (re)insurers to get ready_
- Newsflash, January 2024 - ICT-related incident reporting – new CSSF Circular and Regulation_
- Newsflash, January 2024 - DORA: first set of final level 2 rules for ICT and third-party risk management and incident reporting frameworks_
- Newsflash, April 2023 - Digital Operational Resilience Act (DORA) - CSSF compliance preparation survey for investment fund managers_
- Newsflash, January 2023 - DORA in force from 16 January 2023 – check your digital operational resilience readiness_

Related Content

DORA: first set of final level 2 rules for ICT and third-party risk management and incident reporting frameworks
The ESAs have published the first set of final draft technical standards under DORA aimed at enhancing the digital operational resilience of the EU fi...
Read More_
Back to 2023 – Forward to 2024
An overview of the major recent legal and regulatory developments under Luxembourg and EU law and upcoming changes.
Read More_
Digital Operational Resilience Act (DORA) - CSSF compliance preparation survey for investment fund managers
On 3 April, the CSSF sent a DORA compliance preparation survey to a number of investment fund managers, to be completed and returned by 15 June 2023.
Read More_
Webinar - Digital Operational Resilience Act (DORA) - How DORA will impact the financial services ...

Would you like to configure your browsing experience at

Let us know your profile and favourite topics


Banks & Financial Institutions and Insurance


Private Clients
Public Sector

UCITS / Liquid Alts

Private Debt
Private Equity
Real Estate