It’s time to ‘Have Your Say’ on the future of cybersecurity regulations in the European Union. The draft implementing regulation for the NIS2 Directive is now open for public feedback through the ‘Have Your Say’ portal until July 25, 2024. This consultation period allows stakeholders to contribute to refining the regulation, with all feedback shaping the final regulations.

Over the last decade, cybersecurity has emerged as a critical concern for financial institutions. With cyberattacks increasing in frequency and sophistication, it has become imperative for institutions in the financial sector to safeguard sensitive data and implement robust data protection measures. The Dodd-Frank Wall Street Reform and Consumer Protection Act, commonly known as the Dodd-Frank Act, plays a crucial role in regulating the American financial services industry.

“Safeguarding personal health information (PHI) is governed under the Health Insurance Portability and Accountability Act (HIPAA).” Protecting identifiable health data is the responsibility of everyone who comes into contact with it, including covered entities. Healthcare providers, health plan companies, school districts not covered under FERPA, universities, employers, and federal, state, and local government agencies are mandated to protect PHI data from any security risk.

India's National Cyber Security Policy 2013 is a comprehensive framework designed to fortify the nation's cyber infrastructure and safeguard its digital frontiers. The policy aims to address the complexities of cyber threats and enhance cyberspace's security and resilience through various key components and targeted strategies.

Regulatory compliance is a common and critical part of today’s rapidly evolving financial services landscape. One new regulation that EU financial institutions must adhere to is the Digital Operational Resilience Act (DORA), enacted to enhance the operational resilience of digital financial services. The BCI Supply Chain Resilience Report 2023 highlighted that 45.7% of organizations experienced supply chain disruptions with their closest suppliers, which is more than double the pre-pandemic levels.

The Sarbanes-Oxley Act (SOX), enacted by the United States Congress in 2002, is a landmark piece of legislation that aims to improve transparency, accountability, and integrity in financial reporting and corporate governance. The act was a response to high-profile corporate scandals, such as those involving Enron, WorldCom, and Tyco International, which shook investor confidence and underscored the need for regulatory reforms to prevent corporate fraud and protect investor interests.

The Digital Operational Resilience Act(DORA), introduced by the European Union, will come into effect in the financial sector from January 2025. Its purpose is to establish a comprehensive regulatory framework to assist financial institutions in effectively addressing and managing cybersecurity threats. DORA will have a significant impact not only on the financial industry but also on its IT service providers.

The need for the Development of Online Reliable Sources (DORA) arises from the increasing concern over the spread of misinformation on the internet. DORA aims to promote fact-checking and address the detrimental effects of fake news in today's society. In recent years, the proliferation of fake news has had a profound negative impact on individuals and communities alike. False information spreads rapidly, causing confusion, division, and mistrust among people.

The response in September 2023 by the Australian government outlined reforms to the existing Privacy Act 1988 from the Office of the Australian Information Commissioner (OAIC). These reforms aim to bring Australian privacy laws up to date with the digital age and give citizens more control over their personal information which may affect your businesses starting in 2024.

The 2020 EU Cybersecurity Strategy, published by the European Commission and the High Representative of the Union for Foreign Affairs and Security Policy, aimed to establish safeguards against security risks arising from increased digital connectivity. As part of the strategy, the strategy included updates to Directive (EU) 2022/2555 on measures for a high common level of cybersecurity across the Union (NIS2).