Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

On the podcast: 40-50% of organisations lack the skills for DORA compliance. There's only one option - train or risk non-compliance.

DORA is exposing a quiet crisis: talent burnout. Staff can’t scale without support.

On the podcast: DORA compliance needs IT, security and business talking daily. Silos won’t cut it anymore.

“We haven’t seen any substantive change in cybersecurity — unless it’s driven by compliance. PCI DSS got people moving, but only on part of their data. Enforcement is what’s waking people up.”

Six months into DORA — is financial services building real resilience or just ticking boxes? In this episode of Razorwire, host James Rees is joined by Richard Cassidy, Jonathan Care, and first-time guest Romain Deslorieux to dissect how the Digital Operational Resilience Act (DORA) is really playing out in financial services — beyond the policies and into the pressure.

“You’re securing an institution layered with decades of outdated tech.” Unlike startups, NHS security means battling generations of forgotten systems.

“Different integrators, no escrow, legacy code… it’s a big mess.” The NHS faces systemic tech failures that sabotage even the best InfoSec intentions.

“People don’t take security seriously until it’s too late.” The NHS — like many institutions — only acts after the damage is done. That has to change.

“You’re inheriting 30 years of technical debt — it’s a Frankenstein system.” New tech can’t save the NHS unless someone untangles the mess underneath.

“You’re not going to get top-tier infosec talent on a nurse’s salary.” Recruiting cybersecurity professionals into the NHS is a challenge when commercial roles pay double.