The Turkish government is proposing a controversial new cybersecurity law that could make it a criminal act to report on data breaches. The new legislation proposes penalties for various cybersecurity-related offences. But they key one which has people concerned is this: The problem is, of course, that such a law may discourage the reporting of any potential data leaks.

DoD, GSA, and NASA recently published a proposed amendment to the Federal Acquisition Regulation (FAR): Controlled Unclassified Information (FAR Case 2017-016) or ‘FAR CUI Rule’. It presents critical updates on managing Controlled Unclassified Information (CUI) in federal contracts, aiming to create a uniform approach across government agencies for handling and protecting sensitive information while addressing gaps in current policies.

With the growing cyberattacks threatening business and customer data, Chief Information Security Officers (CISO) are working to implement the NIS2 Directive into their organization to strengthen their digital security. NIS2 is mandatory for all medium-sized and large organizations within vital sectors in the EU.

The Digital Operational Resilience Act (DORA) comes into full effect on January 17, 2025. This deadline marks a monumental shift in how financial institutions and their technology providers prioritize and maintain operational resilience and cybersecurity standards – and sets in stone real business and regulatory consequences to ensure resilience is achieved. And like any sweeping security regulation, organizations must embark on an uphill journey to earn full compliance.

Financial organizations across Europe are actively preparing for the Digital Operational Resilience Act (DORA), taking effect in January 2025. Meeting DORA compliance requirements has become essential for financial institutions as they adjust their operations to match new regulatory standards. The legislation brings substantial changes to information and communication technology (ICT) risk management practices, security protocols, and third-party oversight.

The Digital Operational Resilience Act (DORA) is a disruptive policy that came into effect in January 2025 with the objective to boost the cyber resilience of financial institutions in the European Union. As digital transformation increases, it is crucial to ensure the availability, integrity, and confidentiality of critical IT systems to sustain financial market trustworthiness and stability.

The Digital Operational Resilience Act (DORA) is poised to reshape the European financial landscape, demanding a robust defense against cyber threats and operational disruptions and Trustwave is putting the pedal to the metal to prepare clients with our DORA Readiness Accelerator service. The Trustwave DORA Readiness Accelerator, which joins Trustwave’s CMMC readiness and Microsoft Security accelerators, provides a structured approach to achieving compliance and bolstering operational resilience.

The General Data Protection Regulation (GDPR) is a pivotal framework that governs data protection and privacy for individuals within the European Union (EU). Its implications are far-reaching, affecting organizations worldwide that handle EU citizens' data. Understanding and achieving GDPR compliance is essential to avoid substantial penalties and to maintain trust with customers.

California Governor Gavin Newsom’s recent veto of SB 1047, a proposed AI safety bill, has sparked a hot debate on the balance between innovation and regulation in the artificial intelligence (AI) space. California has over a dozen AI related bills that have been signed although this bill sought to establish rigorous safety testing requirements for large-scale AI models and introduce an emergency "kill switch" for situations where systems might become dangerous.

In an era where data breaches make headlines almost weekly and cybercrime costs businesses billions annually, states across the U.S. are taking decisive action to protect their residents’ sensitive information. From California’s groundbreaking privacy laws to New York’s rigorous cybersecurity requirements for financial institutions, state-level regulations are rapidly evolving to address the complex challenges of digital data protection.