More than 3.2 million DDoS attacks in the first half of 2025 occurred in EMEA.

24% of financial services organizations have not implemented incident reporting (a DORA requirement).

94% of organizations are clear on the steps they need to take for DORA compliance.

20% of financial services organizations have yet to secure the necessary budget to meet DORA requirements.

40% of organizations call DORA a current "top digital resilience priority".

22% of financial services organizations believe the volume of digital regulation is becoming a barrier to innovation or competition.

94% of organizations surveyed now rank DORA higher in their organizational priorities than they did in the month before the deadline.

Half (50%) of the respondents said DORA requirements have been integrated into their broader resilience programs.

Only 20% of financial services organizations have yet to implement third-party risk oversight (a DORA requirement).

34% of financial services organizations cite third-party risk oversight as the most challenging DORA requirement to implement.

24% of financial services organizations have not identified a DORA implementation lead (a DORA requirement).

24% of financial services organizations have not established recovery and continuity testing (a DORA requirement).

23% of financial services organizations have not conducted digital operational resilience testing (a DORA requirement).

41% of senior IT decision makers at financial services report increased stress and pressure on IT and security teams due to DORA.

39% of senior IT decision makers at financial services reported DORA remains a central focus.

96% of EMEA financial services organizations believe they need to improve their resilience to meet DORA requirements.

21% of financial services organizations have not ensured backup integrity and secure data recovery (a DORA requirement).

37% of financial services organizations are dealing with higher costs passed on by ICT vendors as a consequence of DORA.

22% of financial services organizations felt that DORA’s design could have been improved to aid compliance

Over a third (more than 33.3%) of financial services organizations named third-party oversight the most challenging DORA requirement to implement.