Unlock Compliance Confidence: DORA & Cybersecurity Essentials for Insurers

Introduction

Since the Digital Operational Resilience Act (DORA) came into effect in January 2025, insurers and financial institutions must prepare for a new wave of regulatory obligations focused on strengthening digital resilience and managing ICT-related risks.

This webinar is tailored for legal professionals in cybersecurity, data protection, regulatory compliance, and in-house insurance teams and will provide a practical overview of DORA’s key requirements, including ICT risk management, incident reporting, third-party oversight, and operational resilience testing, while also exploring how these obligations interact with existing UK frameworks such as the FCA’s operational resilience regime.

Attendees will gain a clear understanding of DORA’s scope and its impact on insurers, legal and contractual strategies for compliance, and expert guidance on managing regulatory risk and preparing for supervisory scrutiny.

What You Will Learn

This webinar will cover the following:

• An introduction to DORA and why DORA matters for insurers and legal advisors
• Scope and Applicability for Insurers
• Which insurance entities fall under DORA’s scope?
• Cross-border implications for UK insurers with EU operations
• Interaction with UK operational resilience rules (e.g. FCA PS21/3)
• The Core Compliance Pillars and a breakdown of DORA’s five key pillars:
• ICT Risk Management - legal obligations and governance structures
• Incident Reporting - timelines, thresholds, and legal risk
• Digital Resilience Testing - threat-led penetration testing (TLPT) requirements
• Third-Party Risk Management - contractual obligations and oversight
• Information Sharing - legal considerations around cyber threat intelligence
• Contractual Implications
• Third-Party Risk and Contractual Negotiations
• Drafting and amending clauses for compliance e.g. right to audit and inspect
• Risk in legacy contracts
• Cyber Insurance & Risk Transfer
• How DORA is reshaping the cyber insurance market
• Legal considerations in underwriting and claims
• Alignment with other global frameworks e.g. New York Department of Financial Services (NYDFS) cybersecurity regulations
• Enforcement, Penalties & Litigation Risk
• Supervisory powers and sanctions under DORA
• Legal exposure for non-compliance
• Preparing for regulatory investigations and audits
• Practical Steps
• Conducting gap assessments
• Advising clients on governance and board-level accountability
• Building internal awareness and training programmes

This pre-recorded webinar will be available to view from Monday 9th March 2026

Alternatively, you can gain access to this webinar and 2,100+ others via the MBL Webinar Subscription. Please email webinarsubscription@mblseminars.com for more details.