Security news aggregator

Latest coverage for Regulation

Regulation covers the laws and rules that shape data protection, breach reporting, cyber risk management, and accountability for organizations.

83 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Regulation is the set of laws, rules, and formal requirements that govern how organizations collect, use, store, transfer, and secure information. In cybersecurity, its scope may depend on the data involved, the organization’s sector, and the jurisdictions in which it operates. Requirements can address privacy, access control, risk assessment, retention, encryption, audit records, third-party oversight, and notification of certain security incidents.

For practitioners, regulation turns security obligations into evidence-based operational work: identifying regulated data, mapping it to systems and suppliers, testing safeguards, and preserving records that demonstrate compliance. It also affects vulnerability management and incident response, because organizations may need documented remediation priorities, investigation procedures, and legally defined notifications. Meeting a regulatory requirement does not guarantee that systems are secure; controls must still reflect current threats and the organization’s actual attack surface. Noncompliance can create legal, financial, and operational exposure, particularly when weak governance obscures who is responsible for protecting data.

Volume over time

Weekly headline count for the current query.

Showing 20 most recent headlines of 83 Filtered view

Experts Say Clinical Laboratory Improvement Amendments Are Seriously OutdatedThe Department of Health and Human Services is seeking public feedback pertaining to cybersecurity matters and the use of artificial intelligence for potentially updating decades-old, rules-of-the-road regulations for U.S. clinical laboratories that test human specimens for health conditions.

Mark McClain on Why Governance Is the Foundation for Managing Non-Human IdentitiesSailPoint CEO Mark McClain says AI agents should be governed through human identity policies rather than managed independently, arguing that credential visibility, access governance and regulatory compliance will become foundational as enterprises scale up AI adoption.

AI Governance, Compliance and Workforce Challenges Top GovSec AgendaGovSec Summit USA 2026 explored how federal agencies are balancing AI adoption, regulatory complexity and national security priorities. Discussions centered on cyber resilience, AI governance, workforce challenges and public-private collaboration as critical pillars of modern government defense.

Policy as Code Turns Static Compliance Documents Into Enforceable, Auditable PolicyFor decades, policies, standards and procedures have anchored security and compliance governance. But static documents can no longer keep pace with dynamic regulations and frontier technology. Policy as Code transforms them into machine-readable, enforceable, continuously verifiable rules that drive real business decisions.

Bank Info Security 1 month, 2 weeks ago

CISA Town Halls Set Final Stage for CIRCIA Debate

June Meetings Could Shape Which Entities Must Report Cyber IncidentsThe Cybersecurity and Infrastructure Security Agency's June town halls will give critical infrastructure operators a final opportunity to influence how the agency defines covered entities, reportable incidents and compliance requirements before issuing long-awaited CIRCIA regulations.

Bank Info Security 2 months, 1 week ago

Proof of Concept: Anatomy of a Breach - the Aftermath

Blackbaud's Attorneys Jon Olson and Ron Raether on Legal Risk, Trust and RecoveryIn part three of the Anatomy of a Breach series, attorneys Jon W. Olson and Ron Raether examine what happens in the aftermath of a breach crisis. The experts discuss legal exposure, regulatory scrutiny and how early decisions can shape long-term trust, litigation outcomes and recovery.

Bank Info Security 2 months, 1 week ago

Europe Moves to Delay and Dilute AI Regulations

Trilogue Deal Carves Out Industrial AI, Adds Nudifier BanLawmakers from Europe's political institutions agreed to water down the continent's landmark artificial intelligence regulation at a moment when the 2024 AI Act has barely started to be implemented. The law's requirements for high-risk AI will likely only be enforced starting in December 2027.

Bank Info Security 2 months, 1 week ago

NY Fines Delta Dental $2.25M Over 2023 MOVEit Hack

Investigators Find Violations of State Cyber RegulationsNew York fined Delta Dental $2.25 million for the company's response to the mass exploit of a zero-day vulnerability in Progress Software' MOVEit file transfer application. Delta Dental is one of thousands of organizations caught up in the blast radius of an automated 2023 Memorial Day hack.

HHS OCR Director Says Cost of Inaction May Outweigh Compliance BurdensThe Trump administration has yet to decide whether to continue a proposed overhaul of the HIPAA Security Rule floated by its predecessor administration. But the nation's top federal enforcer of health regulation provided some insight into what regulators are thinking.

Bank Info Security 3 months, 2 weeks ago

Reengineering AML in the Era of Instant Payments

Financial Institutions Are Rethinking Controls to Ensure Frictionless TransactionsWhen the Federal Reserve lifted FedNow's transaction limit from $1 million to $10 million last November, the regulatory change transformed instant payments from a retail convenience to a corporate treasury rail. AML decisions on high-value instant wire transfers must now be made in real time.

Bank Info Security 3 months, 3 weeks ago

White House AI Policy Blueprint Leaves Key Risks Unresolved

Federal Proposal Pushes AI Adoption While Avoiding Regulatory DetailThe White House AI framework urges rapid deployment and federal alignment to counter China while proposing guardrails on fraud, safety and speech - but leaves unresolved conflicts on IP, content regulation and state preemption that Congress must navigate.

Program Offers Up to $100K for Security Upgrades and $50K for AssessmentsNew York is rolling out new cybersecurity regulations for water and wastewater utilities, requiring operators to conduct risk assessments and deploy security controls while offering $2.5 million in grants to strengthen defenses against rising cyberthreats targeting critical infrastructure.

Loading more headlines...