Security news aggregator

Latest coverage for Regulation

Regulation covers the laws and rules that shape data protection, breach reporting, cyber risk management, and accountability for organizations.

26 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Regulation is the set of laws, rules, and formal requirements that govern how organizations collect, use, store, transfer, and secure information. In cybersecurity, its scope may depend on the data involved, the organization’s sector, and the jurisdictions in which it operates. Requirements can address privacy, access control, risk assessment, retention, encryption, audit records, third-party oversight, and notification of certain security incidents.

For practitioners, regulation turns security obligations into evidence-based operational work: identifying regulated data, mapping it to systems and suppliers, testing safeguards, and preserving records that demonstrate compliance. It also affects vulnerability management and incident response, because organizations may need documented remediation priorities, investigation procedures, and legally defined notifications. Meeting a regulatory requirement does not guarantee that systems are secure; controls must still reflect current threats and the organization’s actual attack surface. Noncompliance can create legal, financial, and operational exposure, particularly when weak governance obscures who is responsible for protecting data.

Volume over time

Weekly headline count for the current query.

Showing 20 most recent headlines of 26 Filtered view

Businesses still chase the cheapest option, but politics and licensing shocks are changing priorities, says OpenNebula Interview Sovereignty remains a hot topic in the tech industry, but interpretations of what it actually means – and how much it matters – vary widely between organizations and sectors. While public bodies are often driven by regulation and national policy, the private sector tends to take a more pragmatic, cost-focused view.…

Mind the cyber gap – similar flaws highlighted multiple years in a row Concerned about the orgs that safeguard your money? The UK's annual cybersecurity review for 2025 suggests you should be. Despite years of regulation, financial organizations continue to miss basic cybersecurity safeguards.…

PLUS: Montana TikTok ban ruled unconstitutional; Dollar Tree employee data stolen; critical vulnerabilities Infosec in brief The European Union’s Parliament and Council have reached an agreement on the Cyber Resilience Act (CRA), setting the long-awaited security regulation on a path to final approval and adoption, along with new rules exempting open source software.…

Pitches storage, cloudy software compliance to twitchy EU customers thinking about GDPR Microsoft has confirmed that from the beginning of 2023, it will introduce an EU Data Boundary solution designed to help customers in the European Union and the European Free Trade Association comply with legislation including the General Data Protection Regulation (GDPR).…

Our poll reveals how much organisations rely on the compliant storage and hosting sensitive data in their data centres Reader Survey Results Data protection is a top priority for organisations tasked with protecting the integrity of not just their own data, but also the personally identifiable information (PII) they store and process on behalf of their business partners and customers. Not doing it properly risks losing their trust and falling foul of increasingly stringent data protection regulation. So what can be done to toughen up your defences?…

The Register 3 years, 8 months ago

The point solution IAM evolution under reform

A consolidation of IAM tools, suppliers and managed services providers is changing the default approach Sponsored Feature The inexorable pace of technological innovation in response to the unrelenting growth of cyber attacks has led to fragmentation within cyber security provision. Things generally follow a common pattern, starting with a new security requirement being identified, whether a response to a novel threat, or a compliance or regulation challenge. This leads buyers to specialized tools, usually from smaller vendors that do one thing well. But inevitably over time, buyers end up using a mishmash of systems and tools, each with its own job and management processes.…

The Register 3 years, 11 months ago

Simplifying backup and recovery management

Removing the risks of fragmented data protection Webinar Nothing ever stays the same for long in IT. New ways to meet the changing requirements of businesses are constantly needed alongside in-house structural and policy reforms, plus the added complication of complying with new and updated regulations.…

Loading more headlines...