{"id":7178,"date":"2026-05-26T11:04:38","date_gmt":"2026-05-26T09:04:38","guid":{"rendered":"https:\/\/logmanager.com\/?post_type=learning_hub&#038;p=7178"},"modified":"2026-05-27T10:52:40","modified_gmt":"2026-05-27T08:52:40","slug":"narizeni-dora-a-log-management","status":"publish","type":"learning_hub","link":"https:\/\/logmanager.com\/cs\/learn\/narizeni-dora-a-log-management\/","title":{"rendered":"Role log management p\u0159i pln\u011bn\u00ed po\u017eadavk\u016f na\u0159\u00edzen\u00ed DORA"},"content":{"rendered":"\n<p>Log management je d\u016fle\u017eitou sou\u010d\u00e1st\u00ed pln\u011bn\u00ed po\u017eadavk\u016f regulace DORA. V tomto \u010dl\u00e1nku se pod\u00edv\u00e1me na oblasti, ve kter\u00fdch pom\u00e1h\u00e1 zajistit soulad, lep\u0161\u00ed dohled a vy\u0161\u0161\u00ed \u00farove\u0148 provozn\u00ed odolnosti.<\/p>\n\n\n<div class=\"flex items-start gap-4 lg:gap-6 bg-white rounded-2xl lg:rounded-24 p-6 pr-8 lg:p-8 lg:pr-10 my-6 lg:my-10\">\n            <div class=\"flex-shrink-0 size-7\">\n            <svg width=\"28\" height=\"28\" viewBox=\"0 0 28 28\" fill=\"none\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\">\n                <g clip-path=\"url(#clip0_2972_5339)\">\n                <path d=\"M14.0025 28.0049C21.7358 28.0049 28.0049 21.7358 28.0049 14.0025C28.0049 6.26912 21.7358 0 14.0025 0C6.26912 0 0 6.26912 0 14.0025C0 21.7358 6.26912 28.0049 14.0025 28.0049Z\" fill=\"#00E24A\"\/>\n                <path d=\"M12.9659 20V11.2727H15.3864V20H12.9659ZM14.1818 10.1477C13.822 10.1477 13.5133 10.0284 13.2557 9.78977C13.0019 9.54735 12.875 9.25758 12.875 8.92045C12.875 8.58712 13.0019 8.30114 13.2557 8.0625C13.5133 7.82008 13.822 7.69886 14.1818 7.69886C14.5417 7.69886 14.8485 7.82008 15.1023 8.0625C15.3598 8.30114 15.4886 8.58712 15.4886 8.92045C15.4886 9.25758 15.3598 9.54735 15.1023 9.78977C14.8485 10.0284 14.5417 10.1477 14.1818 10.1477Z\" fill=\"white\"\/>\n                <\/g>\n                <defs>\n                <clipPath id=\"clip0_2972_5339\">\n                <rect width=\"28\" height=\"28.0049\" fill=\"white\"\/>\n                <\/clipPath>\n                <\/defs>\n            <\/svg>\n        <\/div>\n    \n    <div class=\"infobox-content leading-normal\"><p><strong>TL;DR<\/strong><\/p>\n<p data-start=\"0\" data-end=\"306\">V kontextu regulace DORA p\u0159edstavuje log management z\u00e1kladn\u00ed vrstvu pro observabilitu, odolnost a auditovatelnost. Pom\u00e1h\u00e1 organizac\u00edm plnit po\u017eadavky DORA prost\u0159ednictv\u00edm centralizovan\u00e9ho sb\u011bru log\u016f, monitorov\u00e1n\u00ed a alertov\u00e1n\u00ed v re\u00e1ln\u00e9m \u010dase, uchov\u00e1v\u00e1n\u00ed auditn\u00edch stop a zlep\u0161en\u00ed p\u0159ehledu nap\u0159\u00ed\u010d IT syst\u00e9my.<\/p>\n<p data-start=\"308\" data-end=\"381\">Log management je nejv\u00edce relevantn\u00ed pro n\u00e1sleduj\u00edc\u00ed \u010d\u00e1sti regulace DORA:<\/p>\n<ul data-start=\"383\" data-end=\"618\" data-is-last-node=\"\" data-is-only-node=\"\">\n<li data-section-id=\"1om686y\" data-start=\"383\" data-end=\"432\"><strong data-start=\"385\" data-end=\"415\">\u0158\u00edzen\u00ed ICT rizik<\/strong> <em data-start=\"416\" data-end=\"430\">(\u010dl\u00e1nky 5\u20137)<\/em><\/li>\n<li data-section-id=\"106nc08\" data-start=\"433\" data-end=\"491\"><strong data-start=\"435\" data-end=\"468\">Detekce a reakce na incidenty<\/strong> <em data-start=\"469\" data-end=\"489\">(\u010dl\u00e1nky 10, 17\u201320)<\/em><\/li>\n<li data-section-id=\"ny5txo\" data-start=\"492\" data-end=\"554\"><strong data-start=\"494\" data-end=\"535\">Hl\u00e1\u0161en\u00ed incident\u016f (z\u00e1va\u017en\u00e9 incidenty)<\/strong> <em data-start=\"536\" data-end=\"552\">(\u010dl\u00e1nky 19\u201320)<\/em><\/li>\n<li data-section-id=\"gjzx9d\" data-start=\"555\" data-end=\"618\" data-is-last-node=\"\"><strong data-start=\"557\" data-end=\"604\">Sd\u00edlen\u00ed informac\u00ed o kybernetick\u00fdch hrozb\u00e1ch<\/strong> <em data-start=\"605\" data-end=\"618\" data-is-last-node=\"\">(\u010dl\u00e1nek 45)<\/em><\/li>\n<\/ul>\n<\/div>\n<\/div>\n\n\n\n<h2 class=\"wp-block-heading\">Co je DORA?<\/h2>\n\n\n\n<p><a href=\"https:\/\/data.consilium.europa.eu\/doc\/document\/PE-41-2022-INIT\/en\/pdf\" target=\"_blank\" rel=\"noopener\">Na\u0159\u00edzen\u00ed o digit\u00e1ln\u00ed provozn\u00ed odolnosti (DORA)<\/a> je na\u0159\u00edzen\u00ed Evropsk\u00e9 unie, jej\u00edm\u017e c\u00edlem je zv\u00fd\u0161it odolnost finan\u010dn\u00edch instituc\u00ed v\u016f\u010di kybernetick\u00fdm a ICT hrozb\u00e1m. Jedn\u00e1 se o legislativu, pr\u00e1vn\u011b z\u00e1vazn\u00fd p\u0159edpis, kter\u00fd m\u00e1 p\u0159\u00edm\u00fd \u00fa\u010dinek ve v\u0161ech \u010dlensk\u00fdch st\u00e1tech EU (a nemus\u00ed b\u00fdt tedy transponov\u00e1na jako nap\u0159\u00edklad NIS2).<\/p>\n\n\n\n<p>Na\u0159\u00edzen\u00ed stanovuje pravidla pro \u0159\u00edzen\u00ed ICT rizik, zvl\u00e1d\u00e1n\u00ed bezpe\u010dnostn\u00edch incident\u016f, testov\u00e1n\u00ed kybernetick\u00e9 odolnosti, dohled nad poskytovateli ICT slu\u017eeb t\u0159et\u00edch stran a sd\u00edlen\u00ed informac\u00ed o kybernetick\u00fdch hrozb\u00e1ch.<\/p>\n\n\n\n<p>Jedn\u00e1 se o dal\u0161\u00ed evropskou regulac\u00ed zam\u011b\u0159enou na kybernetickou bezpe\u010dnost. Dopl\u0148uje \u0161ir\u0161\u00ed sm\u011brnici <a href=\"https:\/\/logmanager.com\/cs\/blog\/it-compliance\/role-log-managementu-a-siem-v-novem-zakonu-o-kyberneticke-bezpecnosti\/\">NIS2<\/a> (v \u010cesk\u00e9 republice reprezentovan\u00e9 nov\u00fdm z\u00e1konem o kybernetick\u00e9 bezpe\u010dnosti) t\u00edm, \u017ee p\u0159in\u00e1\u0161\u00ed detailn\u011bj\u0161\u00ed a specificky zam\u011b\u0159en\u00e9 po\u017eadavky pro finan\u010dn\u00ed sektor.<\/p>\n\n\n\n<p>Na\u0159\u00edzen\u00ed DORA vstoupilo v platnost na za\u010d\u00e1tku roku 2023 a od ledna 2025 se j\u00edm povinn\u00e9 subjekty p\u016fsob\u00edc\u00ed v EU mus\u00ed \u0159\u00eddit.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Na koho se vztahuje na\u0159\u00edzen\u00ed DORA?<\/h2>\n\n\n\n<p>Na\u0159\u00edzen\u00ed DORA se vztahuje na \u0161irok\u00e9 spektrum finan\u010dn\u00edch subjekt\u016f p\u016fsob\u00edc\u00edch v EU. Dopad\u00e1 tak nap\u0159\u00edklad na:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>banky,<\/li>\n\n\n\n<li>poji\u0161\u0165ovny,<\/li>\n\n\n\n<li>investi\u010dn\u00ed firmy,<\/li>\n\n\n\n<li>poskytovatele platebn\u00edch slu\u017eeb,<\/li>\n\n\n\n<li>poskytovatele ICT slu\u017eeb ve finan\u010dn\u00edm sektoru.<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\">Jak log management souvis\u00ed s na\u0159\u00edzen\u00edm DORA?<\/h2>\n\n\n\n<p>DORA vy\u017eaduje, aby finan\u010dn\u00ed instituce m\u011bly velmi detailn\u00ed p\u0159ehled o d\u011bn\u00ed ve sv\u00e9m IT prost\u0159ed\u00ed. K tomu jsou mimo jin\u00e9 pot\u0159eba n\u00e1stroje n\u00e1stroje pro detekci, anal\u00fdzu a reakci na kyberbezpe\u010dnostn\u00ed hrozby a provozn\u00ed incidenty.<\/p>\n\n\n\n<p><a href=\"https:\/\/logmanager.com\/cs\/blog\/log-management\/log-management-best-practices\/\">Log management<\/a> a <a href=\"https:\/\/logmanager.com\/cs\/blog\/log-management\/analyza-logu\/\">anal\u00fdza log\u016f<\/a> \u00fazce souvis\u00ed s po\u017eadavky DORA p\u0159edev\u0161\u00edm kv\u016fli schopnostem zajistit:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>centralizovan\u00fd sb\u011br log\u016f,<\/li>\n\n\n\n<li>log monitoring a upozorn\u011bn\u00ed v re\u00e1ln\u00e9m \u010dase na hrozby, anom\u00e1lie a provozn\u00ed incidenty,<\/li>\n\n\n\n<li>dlouhodob\u00e9 uchov\u00e1v\u00e1n\u00ed log\u016f pro auditin\u00ed a forenzn\u00ed \u00fa\u010dely,<\/li>\n\n\n\n<li>analytick\u00e9 n\u00e1stroje pro investigaci p\u0159\u00ed\u010din a dopad\u016f.<\/li>\n<\/ul>\n\n\n\n<p>Pod\u00edvejme se nyn\u00ed na konkr\u00e9tn\u00ed ustanoven\u00ed regulace DORA, u kter\u00fdch log management pom\u00e1h\u00e1 zajistit soulad s na\u0159\u00edzen\u00edm (<a href=\"https:\/\/logmanager.com\/cs\/?p=3680\">IT compliance<\/a>).<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Kl\u00ed\u010dov\u00e9 povinnosti a po\u017eadavky na odolnost dle DORA<\/h2>\n\n\n\n<p>N\u00ed\u017ee uv\u00e1d\u00edme p\u0159ehled hlavn\u00edch po\u017eadavk\u016f na\u0159\u00edzen\u00ed DORA, kter\u00e9 maj\u00ed vztah k n\u00e1stroj\u016fm pro spr\u00e1vu log\u016f. Na p\u0159\u00edkladech uk\u00e1\u017eeme, jak efektivn\u00ed log management pom\u00e1h\u00e1 tyto po\u017eadavky napl\u0148ovat.<\/p>\n\n\n\n<ol class=\"wp-block-list\">\n<li>\u0158\u00edzen\u00ed a organiza\u010dn\u00ed r\u00e1mec (\u010dl\u00e1nek 5)<\/li>\n<\/ol>\n\n\n\n<p>Tento \u010dl\u00e1nek ukl\u00e1d\u00e1 odpov\u011bdnost za \u0159\u00edzen\u00ed ICT rizik p\u0159\u00edmo na bedra veden\u00ed organizace.<\/p>\n\n\n\n<p><strong>Vazba na log management:<\/strong><\/p>\n\n\n\n<p>Centralizovan\u00e9 n\u00e1stroje pro spr\u00e1vu log\u016f poskytuj\u00ed p\u0159ehled o aktivit\u00e1ch syst\u00e9m\u016f, incidentech a anom\u00e1li\u00edch. Ty jsou u\u017eite\u010dn\u00e9 p\u0159edev\u0161\u00edm administr\u00e1tor\u016fm a dal\u0161\u00edm IT specialist\u016fm p\u0159i jejich ka\u017edodenn\u00ed pr\u00e1ci.<\/p>\n\n\n\n<p>Logy ale z\u00e1rove\u0148 slou\u017e\u00ed jako zdroj dat pro pro reporting rizik a trend\u016f, kter\u00e9 umo\u017e\u0148uj\u00ed \u010dinit informovan\u00e1 rozhodnut\u00ed na mana\u017eersk\u00e9 \u00farovni. Celkov\u011b tak podporuj\u00ed obezn\u00e1menost veden\u00ed o stavu IT prost\u0159ed\u00ed a vy\u017eadovan\u00fd dohled nad souladem s regulac\u00ed.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">2. \u0158\u00edzen\u00ed ICT rizik (ICT Risk Management Framework, \u010dl\u00e1nek 6)<\/h3>\n\n\n\n<p>Tento \u010dl\u00e1nek definuje j\u00e1dro povinnost\u00ed pro finan\u010dn\u00ed subjekty, tzv. r\u00e1mec \u0159\u00edzen\u00ed ICT rizik. Framework ukl\u00e1d\u00e1 finan\u010dn\u00edm instituc\u00edm povinnost rychle a efektivn\u011b \u0159e\u0161it digit\u00e1ln\u00ed rizika a zajistit vysokou \u00farove\u0148 odolnosti proti nim. Mimo jin\u00e9 sem spad\u00e1:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>identifikace ICT rizik,<\/li>\n\n\n\n<li>ochrann\u00e1 a preventivn\u00ed opat\u0159en\u00ed,<\/li>\n\n\n\n<li>detekce anom\u00e1li\u00ed,<\/li>\n\n\n\n<li>reakce a obnova po incidentu,<\/li>\n\n\n\n<li>pr\u016fb\u011b\u017en\u00e9 zlep\u0161ov\u00e1n\u00ed a sd\u00edlen\u00ed informac\u00ed.<\/li>\n<\/ul>\n\n\n\n<p>Ve\u0161ker\u00e9 procesy, n\u00e1stroje, politiky a strategie k tomu mus\u00ed b\u00fdt kvalitn\u011b zdokumentov\u00e1ny.<\/p>\n\n\n\n<p>Po\u017eadavky na \u0159\u00edzen\u00ed ICT rizik vypl\u00fdvaj\u00edc\u00ed z DORA jsou vysok\u00e9. Nav\u00edc, jak vypl\u00fdv\u00e1 z \u010dl\u00e1nku 5, veden\u00ed organizace odpov\u00edd\u00e1 za schv\u00e1len\u00ed a dohled nad strategi\u00ed \u0159\u00edzen\u00ed ICT rizik, a mus\u00ed tak m\u00edt dostate\u010dn\u00e9 znalosti.<\/p>\n\n\n\n<p><strong>Vazba na log management:<\/strong><\/p>\n\n\n\n<p>Logov\u00e1n\u00ed podporuje v\u00edce \u010d\u00e1st\u00ed r\u00e1mce \u0159\u00edzen\u00ed ICT rizik:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Detekce: D\u00edky upozorn\u011bn\u00edm v re\u00e1ln\u00e9m \u010dase a detekci anom\u00e1li\u00ed.<\/li>\n\n\n\n<li>Reakce: <a href=\"https:\/\/logmanager.com\/cs\/blog\/log-management\/jak-na-logovani-typy-logu-zdroje-co-logovat\/\">Logy<\/a> pom\u00e1haj\u00ed investigovat rozsah a dopad incidentu.<\/li>\n\n\n\n<li>Obnova po incidentu a u\u010den\u00ed: Historick\u00e1 data umo\u017e\u0148uj\u00ed anal\u00fdzu p\u0159\u00ed\u010din, p\u0159ezkoum\u00e1n\u00ed incidentu, optimalizaci a zaveden\u00ed n\u00e1pravn\u00fdch opat\u0159en\u00ed do budoucna.<\/li>\n<\/ul>\n\n\n\n<h3 class=\"wp-block-heading\">3. ICT syst\u00e9my, protokoly a n\u00e1stroje (\u010dl\u00e1nek 7)<\/h3>\n\n\n\n<p>Tento \u010dl\u00e1nek ukl\u00e1d\u00e1 povinnost zajistit, aby ICT syst\u00e9my a n\u00e1stroje byly spolehliv\u00e9, bezpe\u010dn\u00e9 a nep\u0159etr\u017eit\u011b monitorovan\u00e9.<\/p>\n\n\n\n<p><strong>Vazba na log management:<\/strong><\/p>\n\n\n\n<p><a href=\"https:\/\/logmanager.com\/cs\/reseni\/log-management\/\">Log management n\u00e1stroje<\/a> se b\u011b\u017en\u011b vyu\u017e\u00edvaj\u00ed pro udr\u017eov\u00e1n\u00ed bezpe\u010dnosti a spolehlivosti IT prost\u0159ed\u00ed. Tyto n\u00e1stroje zaji\u0161\u0165uj\u00ed kontrolu nad spr\u00e1vnou funk\u010dnost\u00ed IT syst\u00e9m\u016f, a jejich aktivn\u00ed monitoring z hlediska bezpe\u010dnostn\u00edch incident\u016f, pokles\u016f v\u00fdkonu nebo provozn\u00edch anom\u00e1li\u00ed.<\/p>\n\n\n\n<p>Nap\u0159\u00edklad pr\u016fmyslov\u00fd z\u00e1vod Panasonicu pou\u017e\u00edv\u00e1 Logmanager pr\u00e1v\u011b t\u00edmto zp\u016fsobem \u2013 pro monitoring d\u016fle\u017eit\u00fdch zdroj\u016f, jako jsou switche, Wi-Fi p\u0159\u00edstupov\u00e9 body, Windows servery, p\u0159\u00edstupov\u00e9 logy a firewally. V\u00edce se dozv\u00edte v na\u0161\u00ed <a href=\"https:\/\/logmanager.com\/cs\/home\/panasonic-2\/\">p\u0159\u00edpadov\u00e9 studii<\/a>.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">4. Detekce anom\u00e1li\u00ed (\u010dl\u00e1nek 10)<\/h3>\n\n\n\n<p>\u010cl\u00e1nek 10 na\u0159\u00edzen\u00ed DORA se zam\u011b\u0159uje na schopnost finan\u010dn\u00edch instituc\u00ed v\u010das detekovat anom\u00e1lie ve sv\u00e9m IT prost\u0159ed\u00ed. Tedy aktivity, kter\u00e9 mohou signalizovat bezpe\u010dnostn\u00ed incidenty nebo jin\u00e1 rizika.<\/p>\n\n\n\n<p>Dle DORA finan\u010dn\u00ed instituce mus\u00ed:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Zav\u00e9st mechanismy pro detekci anom\u00e1li\u00ed.<\/li>\n\n\n\n<li>Zajistit, aby tyto mechanismy umo\u017e\u0148ovaly monitoring v re\u00e1ln\u00e9m \u010dase nebo t\u00e9m\u011b\u0159 re\u00e1ln\u00e9m \u010dase a byly schopny odhalit jak intern\u00ed chyby, tak extern\u00ed \u00fatoky.<\/li>\n\n\n\n<li>Pou\u017e\u00edvat automatizovan\u00e9 monitorovac\u00ed n\u00e1stroje tam, kde je to mo\u017en\u00e9.<\/li>\n\n\n\n<li>Nastavit p\u0159eddefinovan\u00e1 pravidla a prahov\u00e9 hodnoty pro identifikaci neobvykl\u00e9ho chov\u00e1n\u00ed.<\/li>\n\n\n\n<li>Zajistit funguj\u00edc\u00ed syst\u00e9m notifikac\u00ed a upozorn\u011bn\u00ed, kter\u00e9 spust\u00ed reakci na incident.<\/li>\n<\/ul>\n\n\n\n<p>Ve sv\u00e9 podstat\u011b \u010dl\u00e1nek 10 vy\u017eaduje, aby finan\u010dn\u00ed instituce disponovaly robustn\u00edmi a proaktivn\u00edmi monitorovac\u00edmi a alertovac\u00edmi mechanismy, kter\u00e9 dok\u00e1\u017eou rychle odhalit a p\u0159isp\u011bt k promptn\u00edmu \u0159e\u0161en\u00ed ICT hrozeb a incident\u016f.<\/p>\n\n\n\n<p><strong>Vazba na log management:<\/strong><\/p>\n\n\n\n<p>DORA v \u010dl\u00e1nku 10 v\u00fdslovn\u011b po\u017eaduje mechanismy pro \u201ev\u010dasn\u00e9 odhalov\u00e1n\u00ed neobvykl\u00fdch aktivit\u201c a ICT incident\u016f. Centralizovan\u00e1 spr\u00e1va log\u016f a anal\u00fdza se b\u011b\u017en\u011b vyu\u017e\u00edvaj\u00ed k v\u010dasn\u00e9mu upozorn\u011bn\u00ed na hrozby \u010di provozn\u00ed selh\u00e1n\u00ed, stejn\u011b jako pro n\u00e1slednou anal\u00fdzu p\u0159\u00ed\u010din.<\/p>\n\n\n\n<p>Re\u00e1ln\u00fdm p\u0159\u00edkladem vyu\u017eit\u00ed log managementu t\u00edmto zp\u016fsobem je nasazen\u00ed n\u00e1stroje Logmanager v IT prost\u0159ed\u00ed telekomunika\u010dn\u00edho oper\u00e1tora Telco Pro Services. V\u00edce se dozv\u00edte v na\u0161\u00ed <a href=\"https:\/\/logmanager.com\/cs\/pripadove-studie\/telco-pro-services\/\">p\u0159\u00edpadov\u00e9 studii<\/a>.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">5. Hl\u00e1\u0161en\u00ed a \u0159\u00edzen\u00ed ICT incident\u016f (\u010dl\u00e1nky 17\u201320)<\/h3>\n\n\n\n<p>\u0158\u00edzen\u00ed ICT incident\u016f je jedn\u00edm ze st\u011b\u017eejn\u00edch pil\u00ed\u0159\u016f regulace DORA. DORA vy\u017eaduje zaveden\u00ed postup\u016f pro <em>\u201eidentifikaci, sledov\u00e1n\u00ed, zaznamen\u00e1v\u00e1n\u00ed, kategorizaci a klasifikaci ICT incident\u016f podle jejich priority a z\u00e1va\u017enosti\u201c<\/em> (\u010dl\u00e1nek 17).<\/p>\n\n\n\n<p>Z\u00e1va\u017en\u00e9 incidenty mus\u00ed b\u00fdt neprodlen\u011b hl\u00e1\u0161eny veden\u00ed organizace a n\u00e1sledn\u011b i p\u0159\u00edslu\u0161n\u00fdm dozorov\u00fdm org\u00e1n\u016fm (\u010dl\u00e1nek 19). Takov\u00e9 hl\u00e1\u0161en\u00ed by m\u011blo obsahovat vysv\u011btlen\u00ed incidentu, jeho dopadu, popis p\u0159ijat\u00fdch opat\u0159en\u00ed v reakci na incident, a rovn\u011b\u017e posouzen\u00ed p\u0159\u00edpadn\u00fdch dopad\u016f mimo povinn\u00fd subjekt.<\/p>\n\n\n\n<p>DORA d\u00e1le ukl\u00e1d\u00e1 povinnost prov\u00e1d\u011bt zp\u011btn\u00e9 vyhodnocen\u00ed incident\u016f a implementovat z\u00edskan\u00e1 ponau\u010den\u00ed (\u010dl\u00e1nek 16).<\/p>\n\n\n\n<p><strong>Vazba na log management:<\/strong><strong><br><\/strong>Centralizovan\u00e9 a podrobn\u00e9 logov\u00e1n\u00ed je pro spr\u00e1vu a hl\u00e1\u0161en\u00ed incident\u016f podle DORA zcela z\u00e1sadn\u00ed. Logy poskytuj\u00ed d\u016fkazy a \u010dasovou osu nutnou k pochopen\u00ed toho, co se stalo, ke spr\u00e1vn\u00e9 klasifikaci incident\u016f a k dodr\u017een\u00ed stanoven\u00fdch term\u00edn\u016f pro hl\u00e1\u0161en\u00ed regul\u00e1tor\u016fm. Umo\u017e\u0148uj\u00ed tak\u00e9 ur\u010dit, kter\u00e9 slu\u017eby byly zasa\u017eeny, vyhodnotit dopad, identifikovat p\u0159\u00ed\u010diny a navrhnout opat\u0159en\u00ed k pos\u00edlen\u00ed obrany a prevenci do budoucna.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">6. Penetra\u010dn\u00ed testov\u00e1n\u00ed a testov\u00e1n\u00ed odolnosti (\u010dl\u00e1nky 24\u201327)<\/h3>\n\n\n\n<p>Na\u0159\u00edzen\u00ed DORA zav\u00e1d\u00ed p\u0159\u00edsn\u00e9 po\u017eadavky na testov\u00e1n\u00ed digit\u00e1ln\u00ed odolnosti organizace. Instituce mus\u00ed pravideln\u011b prov\u00e1d\u011bt hodnocen\u00ed odolnosti, v\u010detn\u011b penetra\u010dn\u00edho testov\u00e1n\u00ed zam\u011b\u0159en\u00e9ho na kybernetick\u00e9 hrozby (Threat-Led Penetration Testing, TLPT), a to minim\u00e1ln\u011b jednou za t\u0159i roky (\u010dl\u00e1nek 26).<\/p>\n\n\n\n<p>Tyto testy, p\u0159ipom\u00ednaj\u00edc\u00ed tzv. \u201ered-team\u201c cvi\u010den\u00ed, simuluj\u00ed re\u00e1ln\u00e9 kybernetick\u00e9 \u00fatoky za \u00fa\u010delem prov\u011b\u0159en\u00ed schopnosti detekce, ochrany a reakce. Organizace mus\u00ed z\u00e1rove\u0148 adresovat v\u0161echny zji\u0161t\u011bn\u00e9 slabiny prost\u0159ednictv\u00edm p\u0159ijet\u00ed n\u00e1pravn\u00fdch opat\u0159en\u00ed (\u010dl\u00e1nek 27).<\/p>\n\n\n\n<p><strong>Vazba na log management:<\/strong><strong><br><\/strong>Centralizovan\u00e1 spr\u00e1va log\u016f je pro TLPT testy velmi d\u016fle\u017eit\u00e1. Log management syst\u00e9my poskytuj\u00ed upozorn\u011bn\u00ed na podez\u0159el\u00e9 aktivity, co\u017e je z\u00e1sadn\u00ed pro bezpe\u010dnostn\u00ed monitoring. Uchov\u00e1van\u00e9 logy nav\u00edc podporuj\u00ed dokumentaci v\u00fdsledk\u016f a jsou podkladem pro n\u00e1sledn\u00e9 n\u00e1pravn\u00e9 kroky vy\u017eadovan\u00e9 po testu.<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">7. Sd\u00edlen\u00ed informac\u00ed o kybernetick\u00fdch hrozb\u00e1ch (\u010dl\u00e1nek 45)<\/h3>\n\n\n\n<p>Na\u0159\u00edzen\u00ed DORA podporuje finan\u010dn\u00ed instituce v tom, aby se dobrovoln\u011b zapojovaly do iniciativ zam\u011b\u0159en\u00fdch na sd\u00edlen\u00ed informac\u00ed o kybernetick\u00fdch hrozb\u00e1ch (\u010dl\u00e1nek 45).<\/p>\n\n\n\n<p>C\u00edlem je p\u0159irozen\u011b pos\u00edlit kolektivn\u00ed odolnost prost\u0159ednictv\u00edm sd\u00edlen\u00ed indik\u00e1tor\u016f kompromitace (Indicators of Compromise, IOC) a best practices p\u0159i boji s hrozbami.<\/p>\n\n\n\n<p><strong>Vazba na log management:<\/strong><\/p>\n\n\n\n<p>Logy umo\u017e\u0148uj\u00ed organizac\u00edm z\u00edsk\u00e1vat prakticky vyu\u017eiteln\u00e9 IOC a detekovat ji\u017e zn\u00e1m\u00e9 indik\u00e1tory sd\u00edlen\u00e9 ostatn\u00edmi subjekty. To posiluje spolupr\u00e1ci a podporuje c\u00edl DORA zv\u00fd\u0161it kybernetickou odolnost nap\u0159\u00ed\u010d cel\u00fdm finan\u010dn\u00edm sektorem.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Mapov\u00e1n\u00ed log managementu na po\u017eadavky regulace DORA<\/h2>\n\n\n\n<p><strong>Centralizovan\u00fd sb\u011br log\u016f<\/strong><strong><br><\/strong><strong>Podpora:<\/strong> \u010dl\u00e1nky 6, 10, 17, 24\u201327, 45<br>Centralizovan\u00e1 spr\u00e1va log\u016f umo\u017e\u0148uje shroma\u017e\u010fovat a uchov\u00e1vat z\u00e1znamy o ud\u00e1lostech z r\u016fzn\u00fdch syst\u00e9m\u016f na jednotn\u00e9 platform\u011b. T\u00edm podporuje po\u017eadavek DORA na konzistentn\u00ed a integrovan\u00fd dohled nad ICT riziky a incidenty.<\/p>\n\n\n\n<p><strong>Monitoring a upozorn\u011bn\u00ed v re\u00e1ln\u00e9m \u010dase<\/strong><strong><br><\/strong><strong>Podpora:<\/strong> \u010dl\u00e1nky 6, 10, 17, 26<br>Monitoring v re\u00e1ln\u00e9m \u010dase umo\u017e\u0148uje okam\u017eit\u00e9 odhalen\u00ed hrozeb a anom\u00e1li\u00ed. DORA klade d\u016fraz na v\u010dasnou detekci a reakci, kterou tento mechanismus p\u0159\u00edmo podporuje.<\/p>\n\n\n\n<p><strong>Uchov\u00e1v\u00e1n\u00ed log\u016f a auditn\u00ed stopy<\/strong><strong><br><\/strong><strong>Podpora:<\/strong> \u010dl\u00e1nky 17\u201320, 26, 27<br>Dlouhodob\u011b uchov\u00e1van\u00e9 logy a auditn\u00ed stopy poskytuj\u00ed d\u016fkazy pro zp\u011btn\u00e9 vyhodnocen\u00ed incident\u016f, regulatorn\u00ed reporty a implementaci n\u00e1pravn\u00fdch opat\u0159en\u00ed.<\/p>\n\n\n\n<p><strong>Detekce anom\u00e1li\u00ed a anal\u00fdza<\/strong><strong><br><\/strong><strong>Podpora:<\/strong> \u010dl\u00e1nky 6, 10, 20, 26<br>Detekce anom\u00e1li\u00ed je n\u00e1strojem pro odhalov\u00e1n\u00ed hrozeb i provozn\u00edch probl\u00e9m\u016f, p\u0159isp\u00edv\u00e1 k proaktivn\u00edmu \u0159\u00edzen\u00ed incident\u016f a t\u00edm k pr\u016fb\u011b\u017en\u00e9mu zlep\u0161ov\u00e1n\u00ed digit\u00e1ln\u00ed odolnosti organizace.&nbsp;<\/p>\n\n\n\n<figure class=\"wp-block-table is-style-stripes\"><table class=\"has-fixed-layout\"><tbody><tr><td><strong>Po\u017eadavek DORA<\/strong><\/td><td><strong>Jak log management podporuje compliance s DORA<\/strong><\/td><\/tr><tr><td><strong>\u0158\u00edzen\u00ed ICT rizik<\/strong> (\u010dl\u00e1nky 5\u20137)<\/td><td>Centralizovan\u00fd sb\u011br log\u016f umo\u017e\u0148uje viditelnost do chov\u00e1n\u00ed digit\u00e1ln\u00edch aktiv. Log monitoring podporuje rychlou detekci bezpe\u010dnostn\u00edch a provozn\u00edch rizik.<\/td><\/tr><tr><td><strong>Detekce a reakce na incidenty<\/strong> (\u010dl\u00e1nky 10, 17\u201320)<\/td><td>Monitoring a upozorn\u011bn\u00ed v re\u00e1ln\u00e9m \u010dase pro detekci anom\u00e1li\u00ed. Logy incident\u016f a auditn\u00ed stopy pro klasifikaci, vy\u0161et\u0159ov\u00e1n\u00ed a n\u00e1pravu.<\/td><\/tr><tr><td><strong>Reportov\u00e1n\u00ed incident\u016f (z\u00e1va\u017en\u00fdch incident\u016f)<\/strong> (\u010dl\u00e1nky 19\u201320)<\/td><td>Detailn\u00ed z\u00e1znamy o aktivit\u00e1ch pro anal\u00fdzu dopad\u016f a p\u0159\u00ed\u010din. Uchov\u00e1v\u00e1n\u00ed log\u016f pro spln\u011bn\u00ed regulatorn\u00edch compliance po\u017eadavk\u016f.<\/td><\/tr><tr><td><strong>Penetra\u010dn\u00ed testov\u00e1n\u00ed (TLPT)<\/strong> (\u010dl\u00e1nky 24\u201327)<\/td><td>SIEM a anal\u00fdza log\u016f pro detekci simulovan\u00fdch \u00fatok\u016f. Zaznamen\u00e1v\u00e1n\u00ed v\u00fdsledk\u016f test\u016f a n\u00e1sledn\u00fdch krok\u016f jako d\u016fkaz o n\u00e1prav\u011b.<\/td><\/tr><tr><td><strong>Sd\u00edlen\u00ed informac\u00ed o kybernetick\u00fdch hrozb\u00e1ch<\/strong> (\u010dl\u00e1nek 45)<\/td><td>Extrakce indik\u00e1tor\u016f kompromitace (IOC) z log\u016f pro sd\u00edlen\u00ed informac\u00ed o hrozb\u00e1ch. Zpracov\u00e1n\u00ed sd\u00edlen\u00fdch dat o hrozb\u00e1ch v n\u00e1stroj\u00edch pro monitoring log\u016f za \u00fa\u010delem detekce nov\u00fdch hrozeb.<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n<p class=\"has-xs-font-size\"><em>Tab 1: Po\u017eadavky na\u0159\u00edzen\u00ed DORA a log management<\/em><\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Z\u00e1v\u011brem<\/h2>\n\n\n\n<p>DORA p\u0159edstavuje komplexn\u00ed regulaci digit\u00e1ln\u00ed odolnosti ve finan\u010dn\u00edm sektoru. Log management je pak jedn\u00edm z kl\u00ed\u010dov\u00fdch pil\u00ed\u0159\u016f usnad\u0148uj\u00edc\u00edm napln\u011bn\u00ed souladu s t\u00edmto na\u0159\u00edzen\u00edm.<\/p>\n\n\n\n<p>Centralizovan\u00fd sb\u011br log\u016f, upozorn\u011bn\u00ed v re\u00e1ln\u00e9m \u010dase, auditn\u00ed stopy, uchov\u00e1v\u00e1n\u00ed z\u00e1znam\u016f a analytika napl\u0148uj\u00ed c\u00edle DORA v oblastech transparentnosti, p\u0159ipravenosti a odpov\u011bdnosti.<\/p>\n\n\n\n<p>Pokud finan\u010dn\u00ed instituce slad\u00ed spr\u00e1vu log\u016f s pr\u00e1vn\u00edmi po\u017eadavky DORA, zajist\u00ed si nejen soulad s regulac\u00ed, ale i vy\u0161\u0161\u00ed odolnost v\u016f\u010di rostouc\u00edm kybernetick\u00fdm hrozb\u00e1m.<\/p>\n\n\n\n<p>N\u00e1stroj Logmanager b\u011b\u017en\u011b vyu\u017e\u00edvaj\u00ed organizace v\u0161ech velikost\u00ed pro napln\u011bn\u00ed z\u00e1konn\u00fdch po\u017eadavk\u016f na kybernetickou bezpe\u010dnost. Chcete-li se dozv\u011bd\u011bt v\u00edce o tom, jak v\u00e1m m\u016f\u017ee pomoci se souladem s regulac\u00ed DORA, nev\u00e1hejte <a href=\"https:\/\/logmanager.com\/cs\/kontaktujte-nas\/\">n\u00e1s kontaktovat<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>DORA p\u0159edstavuje komplexn\u00ed regulaci digit\u00e1ln\u00ed odolnosti ve finan\u010dn\u00edm sektoru.<\/p>\n","protected":false},"author":4,"featured_media":3994,"parent":0,"template":"","learning_hub_tag":[],"class_list":["post-7178","learning_hub","type-learning_hub","status-publish","has-post-thumbnail","hentry"],"acf":[],"_links":{"self":[{"href":"https:\/\/logmanager.com\/cs\/wp-json\/wp\/v2\/learning_hub\/7178","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/logmanager.com\/cs\/wp-json\/wp\/v2\/learning_hub"}],"about":[{"href":"https:\/\/logmanager.com\/cs\/wp-json\/wp\/v2\/types\/learning_hub"}],"author":[{"embeddable":true,"href":"https:\/\/logmanager.com\/cs\/wp-json\/wp\/v2\/users\/4"}],"version-history":[{"count":5,"href":"https:\/\/logmanager.com\/cs\/wp-json\/wp\/v2\/learning_hub\/7178\/revisions"}],"predecessor-version":[{"id":7265,"href":"https:\/\/logmanager.com\/cs\/wp-json\/wp\/v2\/learning_hub\/7178\/revisions\/7265"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/logmanager.com\/cs\/wp-json\/wp\/v2\/media\/3994"}],"wp:attachment":[{"href":"https:\/\/logmanager.com\/cs\/wp-json\/wp\/v2\/media?parent=7178"}],"wp:term":[{"taxonomy":"learning_hub_tag","embeddable":true,"href":"https:\/\/logmanager.com\/cs\/wp-json\/wp\/v2\/learning_hub_tag?post=7178"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}