Security news aggregator

Latest coverage for Regulation

Regulation covers the laws and rules that shape data protection, breach reporting, cyber risk management, and accountability for organizations.

2 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Regulation is the set of laws, rules, and formal requirements that govern how organizations collect, use, store, transfer, and secure information. In cybersecurity, its scope may depend on the data involved, the organization’s sector, and the jurisdictions in which it operates. Requirements can address privacy, access control, risk assessment, retention, encryption, audit records, third-party oversight, and notification of certain security incidents.

For practitioners, regulation turns security obligations into evidence-based operational work: identifying regulated data, mapping it to systems and suppliers, testing safeguards, and preserving records that demonstrate compliance. It also affects vulnerability management and incident response, because organizations may need documented remediation priorities, investigation procedures, and legally defined notifications. Meeting a regulatory requirement does not guarantee that systems are secure; controls must still reflect current threats and the organization’s actual attack surface. Noncompliance can create legal, financial, and operational exposure, particularly when weak governance obscures who is responsible for protecting data.

Showing 2 most recent headlines Filtered view

Forrester's McKay and van der Hout on How Regulations Are Driving Cyber ResilienceSecurity leaders worldwide are elevating resilience in cyber strategies, where Europe emerges as a frontrunner globally in protecting critical infrastructure. Driven by regulation such as NIS2 and DORA, its cybersecurity posture reflects strong resilience planning amid increasing disruptions.

Bank Info Security 1 year, 1 month ago

Why AI Needs Stronger Laws, Not Just Smarter Tech

Andrea Isoni of AI Technologies on Certifications, Deepfakes and ISO 42001AI misuse - from deepfakes to cyber incidents - continues to outpace regulation. Andrea Isoni, chief AI officer at AI Technologies discusses why stronger cyber laws, certification frameworks like ISO 42001 and risk-based prioritization are necessary to manage AI risks safely and compliantly.