Regulation Updates
A Comprehensive Guide to the Digital Operational Resilience Act (DORA)
Financial institutions are more dependent than ever on Information and Communication Technology (ICT). This dependency offers numerous benefits, like increased efficiency and the ability to provide innovative services, but also exposes ...
How to Prepare for the EU’s NIS2 Directive
The Network and Information Systems Directive 2 (NIS2) is sweeping legislation designed to improve the cybersecurity of network and information systems in the European Union (EU). The new directive was released to ...
A Deep Dive into the EU Cybersecurity Certification Scheme on Common Criteria (EUCC)
As cyber threats evolve, the European Union has taken significant steps to bolster cybersecurity across its member states. Central to this effort is the European Cybersecurity Certification Scheme on Common Criteria (EUCC), ...
The Dual Edges of AI in Cybersecurity: Insights from the 2024 Benchmark Survey Report
Artificial intelligence (AI) in cybersecurity presents a complex picture of risks and rewards. According to Hyperproof’s 5th annual benchmark report, AI technologies are at the forefront of both enabling sophisticated cyberattacks and ...
How to Adapt to Executive Order 14028
In May 2021, the White House released the Executive Order on Improving the Nation’s Cybersecurity, also known as EO 14028. The document is fairly dense, but its contents are of the utmost ...
Cybersecurity in Financial Disclosures: 11 Topics Your Section 1C of 10-K Filings Should Address
Last year, the Securities and Exchange Commission (SEC) announced new disclosure rules for publicly traded companies. Regulation S-K Item 106, which mandates cybersecurity disclosures in corporate 10-K filings, sheds light on how ...
NIST CSF 2.0: Everything You Need to Know About the Update
In November of 2023, we published this handy guide covering all the proposed changes to NIST CSF for those anticipating the long-awaited updates to this flexible and ubiquitous framework. That day has ...
2023 Regulatory Roundup: All the Major Compliance Changes that Happened
Life comes at you fast, and that’s especially true for CISOs grappling with the many compliance risks in cybersecurity. From greater regulatory pressures and heightened privacy standards to increased personal liability, topped ...
Embracing ESG Risk Management: It’s Simpler Than You Imagine
Everywhere business executives look these days, the discussion is turning to “ESG” — environmental, social, and governance issues — and how a company can demonstrate that it has its own ESG house ...
What’s New in SOC 2®: A Comprehensive Guide to the 2023 Revisions
The compliance landscape is constantly evolving, and so are the standards that govern it. SOC 2®, a widely recognized framework for assessing service organizations’ controls, has recently undergone revisions. In this blog ...