Articles about Regulations

A new State of the Security Profession survey from The Chartered Institute of Information Security (CIISec) shows that 91 percent of the profession believe ultimate responsibility for cybersecurity lies with the board and not security managers or CISOs (just 31 percent).

The survey focused on regulation in the light of a wave of major regulations either recently passed or coming into force -- including the EU AI Act, DORA, NIS2 and the UK’s Data (Use and Access) Bill.

Continue reading →

New research shows that only 29 percent of all organizations say their compliance programs consistently meet internal and external standards.

The report from Swimlane reveals that fragmented workflows, manual evidence gathering and poor collaboration between security and governance, risk and compliance (GRC) teams are leaving organizations vulnerable to audit failures, regulatory penalties and security gaps.

Continue reading →

A new survey of over 200 CISOs across a wide range of industries in the United States reveals that many are unprepared for tough new regulations including the SEC's cybersecurity disclosure rules in the USA and the Digital Operational Resilience Act (DORA) in the EU.

The study from Onyxia Cyber shows 67 percent of CISOs report feeling unprepared for these new compliance regulations, while 52 percent admit to lacking sufficient knowledge about how to report cyberattacks to the government.

Continue reading →

A new report from LogRhythm, based on a survey from Dimensional Research, reveals that 95 percent of enterprises have changed their cybersecurity strategies in the last 12 months.

Drivers of this change include keeping pace with the shifting regulatory landscape (98 percent), the need to meet customer expectations for data protection and privacy (89 percent) and the rise of AI-driven threats and solutions (65 percent).

Continue reading →

A new report shows that 79 percent of public sector organizations have started to use AI in production (compared to 83 percent in the private sector) but that trust remains a major concern.

The study, from enterprise resilience platform Splunk, shows trust and reliability in AI-enabled systems -- particularly around cybersecurity tools that employ AI -- continue to be the main concerns for decision-makers (48 percent public, 36 percent private).

Continue reading →

A changing regulatory landscape can prove difficult for app developers as they need to make sure they remain compliant and keep up with evolving rule sets.

We spoke to Pedro Rodriguez, head of engineering at AI-powered compliance intelligence platform Checks, to find out how AI can help mobile app developers to handle data responsibly and keep up with ever-changing global regulations,

Continue reading →

Earlier this year, several prominent tech leaders came together to sign a letter advocating for pausing development of advanced AI models, citing their potentially "profound risk to society and humanity”. This was swiftly followed by British Prime Minister Rishi Sunak proposing the creation of a new UK-based watchdog dedicated to the AI sector.

Although the move garnered mixed responses, an essential aspect seems to have been overlooked amid this debate -- a legislation-led institutional may not be the most effective or comprehensive approach to regulating AI.

Continue reading →

The cryptocurrency industry rose to prominence in the United States in 2014. Since then, people have debated whether the U.S. government should get involved in regulating the new form of commerce and to what extent.

On one hand, Congress doesn’t want to stifle the innovation resulting from the burgeoning crypto industry. On the other, regulation would increase safety and encourage investors to feel more confident in cryptocurrency. The future of crypto is up in the air, but professionals agree that any regulation would have to be done delicately.

Continue reading →

Privacy, Regulations, and Cybersecurity: The Essential Business Guide is your guide to understanding what "privacy" really means in a corporate environment: how privacy is different from cybersecurity, why privacy is essential for your business, and how to build privacy protections into your overall cybersecurity plan.

First, author Chris Moschovitis walks you through our evolving definitions of privacy, from the ancient world all the way to the General Law on Data Protection (GDPR).  He then explains -- in friendly, accessible language -- how to orient your preexisting cybersecurity program toward privacy, and how to make sure your systems are compliant with current regulations.

Continue reading →