News in the Channel - issue #29

REGULATION

How channel partners can turn NIS2 and DORA into opportunity New legislation concerning regulation and cyber risk governance has come into effect recently, but research shows that many companies are not prepared for it – and this provides an opportunity for channel partners, as Christina Decker, director of Strategic Channels Europe at Trend Micro, explains.

In the last few months, Europe’s Network and Information Security Directive 2 (NIS2) and the Digital Operational Resilience Act (DORA) have come into effect, opening a new era of regulation, accountability and cyber risk governance. Their arrival couldn’t be timelier. The threat landscape has intensified, with last year alone seeing several high-profile data breaches rooted in one persistent vulnerability: poor visibility and oversight of third-party suppliers. Yet, despite the urgency, many organisations are already falling behind on the fundamentals. Research shows that just half of companies are fully compliant with NIS2, and more than one in 10 firms claiming DORA readiness aren’t even monitoring their third-party vendors – one of the regulation’s core requirements. The consequences are potentially severe: fines, reputational damage and increased exposure to cyberattacks that increasingly target the weakest link in the supply chain. Powerful opportunity For businesses, the challenge is clear. But for the channel, this moment represents a powerful opportunity: to lead, to advise, and to build lasting customer relationships based on trust, resilience and recurring value. This is what we call the experience premium: the advantage channel partners bring by combining technical capability

with a deep understanding of regulatory complexity and business risk. Unlike point-solution vendors, channel partners are already embedded in their customers’ ecosystems. They know the infrastructure, workflows and security gaps. That places them in a unique position to guide clients through the journey toward NIS2 and DORA compliance – not just in meeting deadlines, but in building sustainable strategies that evolve with changing threats and regulatory expectations. It’s not just about helping customers buy security tools. It's about helping them operationalise security. NIS2 and DORA place strong emphasis on supply chain risk management, incident reporting and continuous monitoring. These aren’t one-off exercises – they require ongoing visibility and governance across increasingly complex digital ecosystems. That’s why understanding and managing an organisation’s attack surface is becoming critical to achieving and maintaining compliance. Cyber exposure extends beyond the boundaries of a company’s internal systems. It includes every digital and physical asset, as well as third-party services and vendors, each representing a potential entry point for attackers. Without clear insight into this expanding landscape, it’s impossible to assess risk effectively or

Christina Decker director, Strategic Channels Europe

trendmicro.com

The threat landscape has intensified, with last year alone seeing several high-profile data breaches rooted in one persistent vulnerability: poor visibility and oversight of third- party suppliers.

take timely action to reduce it. For channel partners, helping

CONTINUED

www.newsinthechannel.co.uk

35

Powered by