🎧 A severe IT incident – and the clock is ticking. Why DORA leaves no leeway when it comes to reporting IT incidents and how companies can prepare is explained by Josefine Spengler in this episode. Tune in now!
Listen now:
Josefine Spengler is a lawyer at Annerton specialising in IT law. In her practice, she advises companies particularly on IT compliance, incident response, and digital regulatory requirements.
🔍 What to expect in this episode:
-
When an IT incident is classified as “severe”
-
Which deadlines companies must meet under DORA – from classification to final reporting
-
Why attacks on service providers may also be subject to reporting obligations
-
The importance of legally sound contracts and internal processes
-
How companies can prepare effectively with scenarios, checklists, and training exercises
One particularly important point: A successful cyberattack is automatically subject to mandatory reporting – and responsibility remains with the company, even if external partners are affected.
Stay informed and subscribe to the PayTechLaw newsletter. We’ll notify you as soon as a new episode is available.
Stay tuned – next week’s episode will cover business continuity under DORA.
Test it now quickly and easily: How ready is your company for DORA?
🎯 Take advantage of Annerton’s free DORA self-test: In just a few minutes, you can check your individual DORA maturity and identify specific areas for action.
About this podcast
Alles Legal – Fintech Recht Kompakt delivers sharp, weekly insights into legal and compliance matters in the world of banking. (in German only)
This podcast is a collaboration between Payment & Banking and PayTechLaw.
Each Wednesday, we unpack the legal developments shaping the financial world – clearly, concisely, and without the legal jargon.
Since 2021, PayTechLaw authors and Annerton attorneys have brought depth and clarity to complex topics.
Whether it’s PSD3, DORA, or FiDA – we provide the legal context you need.
In 20 minutes. No detours.
