EU Unveils Cybersecurity Overhaul with Proposed Update to Cybersecurity Act
The EU’s Cybersecurity Act 2.0 will aim to address some of the challenges of the current CSA, including the slow rollout of certification schemes
The Proposal tag covers proposals that could shape cybersecurity policy, technical standards, incident response, and protections for digital systems.
Search across headline titles and summaries.
Background for this topic.
A proposal is a documented plan for introducing, changing, or funding a security measure, policy, architecture, or project. It turns a problem or requirement into a decision by defining scope, objectives, options, cost, dependencies, owners, and implementation criteria. In security reporting, it may cover a vulnerability-remediation plan, access-control redesign, security tooling purchase, or response to a proposed technical standard.
Its security value depends on connecting identified threats and vulnerabilities to specific controls and verification steps. Reviewers should examine assumptions about assets, trust boundaries, data handling, and third parties; privacy and regulatory constraints where personal data is involved; and plans for testing, rollout, monitoring, exception handling, and reassessment. A proposal that omits residual risk, ownership, measurable acceptance criteria, or maintenance can leave weaknesses unresolved after approval.
Weekly headline count for the current query.
The EU’s Cybersecurity Act 2.0 will aim to address some of the challenges of the current CSA, including the slow rollout of certification schemes
The UK government’s proposed ransomware payment ban for public sector and critical infrastructure will come with national security exemptions
At Infosecurity Europe 2025, Axonius’ Jon Ridyard proposed seven best practices to build mature vulnerability management processes
Meredith Whittaker, Signal's CEO, has threatened to pull the company out of Sweden if a proposed government bill requiring encryption backdoors becomes law
A proposed settlement order from the FTC will require GoDaddy to strengthen its security practices following multiple data breaches at the web hosting giant
A UK government consultation has proposed banning public sector and critical infrastructure organizations from making ransomware payments to disincentivize attackers from targeting these services
The US government has set out proposals to increase security obligations on healthcare providers to protect patient data amid surging cyber-attacks in the sector
The US FTC has proposed a $2.95m fine for security camera firm Verkada for alleged security failings that allowed hackers to access customers' video footage
The US FAA has proposed new rules for aircraft to address cyber vulnerabilities caused by the increased interconnectivity of critical systems
A proposed amendment of eIDAS could “weaken the security of the Internet as a whole”, said a letter signed by over 500 individuals and organizations
The CSRB proposed ten concrete recommendations for both governmental bodies and industries
Regulator's proposed order to cover civil penalty and consumer refunds
Proposed legislation could imperil adequacy agreement with EU
The policy paper published today outlines the government’s approach to regulating AI technology in the UK, with proposed rules addressing future risks and opportunities
The cybersecurity industry has until Wednesday, June 29, to submit views on a proposed code of practice for app store operators and developers
Concerns raised over South Africa’s proposal to tie people’s biometric data to their SIM cards
Bipartisan proposal aims to protect America’s healthcare and public health sector