#dora

#dora

GDPR fines pushed past the £1 billion (€1.2 billion) mark in 2025 as Europe's regulators were deluged with more than 400 data breach notifications a day, according to a new survey that suggests the post-plateau era of enforcement has well and truly arrived. The figures come from the latest GDPR Fines and Data Breach Survey published by DLA Piper, which puts total fines issued across Europe last year at roughly £1 billion (€1.2 billion), up from £996 million in 2024. While that year-on-year increase is modest, regulators have now handed down €7.1 billion (£6.2 billion) in penalties since GDPR came into force in May 2018.

For almost ten years, the DORA research initiative has explored the effectiveness and metrics of top-performing organizations driven by technology. This effort has gathered insights from over 36,000 professionals from various sizes of organizations and a wide range of industries. DORA aims to unravel the link between operational practices (capabilities) and their outcomes, focusing on significant achievements both organization-wide and to its members.

Cloud platforms, outsourced IT, and digital trading systems power day-to-day operations - but they also introduce serious risks. Cyberattacks, system failures, and supplier disruptions can trigger regulatory breaches, financial losses, and reputational damage. To strengthen the resilience of Europe's financial system, the EU introduced the Digital Operational Resilience Act (DORA), often called the DORA Directive. Although the UK is no longer part of the EU, DORA still applies to many UK firms.