Files

Hermes cc3976fb7f ideas: editorial sweep — atomization, interlinking, restructuring

- Split competitive-analysis-2026-05.org → TOC + 9 competitor files in
  ideas/competitors/. Dropped date from filename. All competitor UUIDs
  generated, TOC keeps original UUID for backlink continuity.
- Deleted passepartout-economics.org archive (replaced by 27-node KB).
- Inlined 5 'See also' blocks into natural prose (compliance-index,
  first-mover-window, revenue-table, orders-of-magnitude-time,
  native-org-knowledge-base).
- Linked 7 orphan compliance pages back to compliance index + finished
  truncated sentences.
- Linked all 14 Agora requirement docs from topic-relevant pages
  (identity→lisp-machine-security, infrastructure→compute-marketplace,
  social-space→growth-strategy, exchange→agora-contracts, etc.).
- Linked ai-industry-impact from investment-thesis, sufficiency-flip,
  verification-appliance, effects-growth-flywheel (up from 1 to 10+ pages).
- Fixed CREATED timestamps to use git commit dates instead of today.
- Made all links absolute from root (no port inheritance).
- Removed stale agora/docs/ duplicate content.

2026-05-24 16:25:55 +00:00

1.5 KiB

Raw Blame History

DORA (Digital Operational Resilience Act)

DORA (Digital Operational Resilience Act)

DORA (Digital Operational Resilience Act)

EU regulation (effective January 2025) for the financial sector. Requires: ICT risk management, incident reporting, digital operational resilience testing, ICT third-party risk management (including contractual access and audit rights for critical ICT providers), information sharing, threat-led penetration testing (TLPT) for systemic institutions.

Who must comply: 22,000+ financial entities in the EU (banks, investment firms, payment processors, crypto-asset providers, insurance companies). Also ICT third-party providers deemed critical.

Penalties: Up to 2% of average daily turnover × number of days breached, or 10M EUR for legal entities. Personal liability for management.

Why it matters: DORA's third-party risk management requirement is a natural gate stack use case — every ICT provider access must be gated, logged, and auditable. TLPT (threat-led penetration testing) maps to the evaluation harness. First-mover advantage is extremely time-sensitive: DORA is already in effect (January 2025). Financial institutions are scrambling for compliance tooling. A DORA gate package at $50K/yr with zero incremental cost per additional user is an immediate sale.

1.5 KiB Raw Blame History Unescape Escape

DORA (Digital Operational Resilience Act)

DORA (Digital Operational Resilience Act)

1.5 KiB

Raw Blame History