AI Companies Battle Over Europe’s AI Act as Creatives Push Back

By / Blog / , ,

AI companies, led by OpenAI, challenge transparency requirements in Europe's AI Act, particularly around notifying content creators when their works are used as training data. As the August 2 deadline approaches, creatives demand compensation, citing copyright infringement and the use of their works without consent. European rightsholders, including journalist groups, feel inadequately protected and are opting out to prevent unauthorized access, while AI firms argue regulations hinder innovation. France, a key player in both AI development and cultural protection, navigates this complex landscape as it balances technological advancement with artist rights.

https://variety.com/2025/digital/global/ai-companies-battle-europe-ai-act-creatives-push-back-1236302611/

Build Vs Buy Software: How to Make Right Choice in 2025

By / Blog /

Build vs Buy Software Decision Guide 2025: Businesses face the choice of developing custom software in-house or purchasing off-the-shelf solutions, influenced by factors such as cost, scalability, and specific needs. Buying software is quicker and cost-effective, while building offers control and customization. A thorough evaluation of team capabilities, timeline, and current solutions is vital for making an informed decision aligned with long-term goals, considering aspects like data security, ownership rights, and required customization for growth. Ultimately, the choice impacts operational efficiency and competitive advantage.

https://eluminoustechnologies.com/blog/build-vs-buy-software/

CNIL Releases Recommendations on AI and GDPR Compliance

By / Blog / ,

CNIL published recommendations on AI compliance with GDPR, emphasizing transparency and individual rights. Key aspects include providing timely, clear information at data collection, guidelines for handling data subject rights requests, and clarifying which AI models fall under GDPR. Organizations should ensure compliance while developing AI systems, focusing on flexibility in purpose limitation and data minimization, and implementing safeguards for personal data retention. Recommendations aim to balance legal obligations with innovation in AI.

https://natlawreview.com/article/cnil-publishes-recommendations-ai-and-gdp

The CISO Transformation: From Risk Hero to Business Superhero

By / Blog /

CISO roles are evolving from technical risk management to strategic business leadership, necessitating better communication with CEOs and Boards. Traditional CISOs focus on tactical risk elimination but struggle to align with business objectives. In contrast, transformational CISOs embrace a broader business perspective, fostering collaboration and effectively translating cyber risks into business terms. As cybersecurity becomes integral to organizational success, both CISOs and executive leadership must adapt to bridge gaps and enhance collaboration, ultimately positioning cybersecurity as vital for business growth and resilience.

https://www.bbntimes.com/technology/the-ciso-transformation-from-risk-hero-to-business-superhero

Are CISOs Struggling to Get Respect?

By / Blog /

CISOs face challenges in gaining respect and effective support from executive leadership, risking a potential mass exodus. While cybersecurity budgets may exist, lacking commitment to processes can leave CISOs struggling to justify investments and support business objectives. Communication, relationship-building, and creating a culture of security are essential for CISOs to succeed. Engaging with employees and demonstrating security's value can foster support from the entire organization, ultimately leading to stronger governance and security postures.

https://cisoseries.com/are-cisos-struggling-to-get-respect/

Rising Strategic Role of the CISO

By / Blog /

CISO's strategic role is growing due to advocacy, generative AI, and rising cyber threats. Deloitte's survey shows 73% of organizations increased CISO involvement in technology discussions. Factors include board participation in risk management, pandemic-driven resilience, and tech-business fusion. The CISO role has evolved to integrate cyber risk and business operations, emphasizing cybersecurity as a growth asset. This trend drives cyber maturity, with mature organizations expecting better outcomes. CISO's alignment with business strategies enhances revenue and competitiveness.

https://www2.deloitte.com/us/en/insights/topics/strategy/ciso-and-cybersecurity-strategy.html

Cyber Resilience Redefined

By / Blog /

UK Cyber Resilience Act (CRA) aims for stronger board accountability in cybersecurity, paralleling EU's NIS2. The CRA needs clearer guidelines on supply chain security, incident response, and penalties. Analysts urge proactive security strategies amid AI threats. Effective legislation should evolve with threats, incorporate stakeholder insights, and focus on business continuity and recovery post-breach. Final outcomes of the CRA could impact UK's cyber resilience and compliance landscape.

https://cybernews.com/security/c-suite-cybersecurity-breaches/

Powering Shopify’s High-Performance, PCI DSS V4 Compliant Checkout With Sandboxing (2025)

By / Blog /

Shopify’s new checkout system complies with PCI DSS v4, utilizing sandboxing to enhance security and streamline compliance for merchants. Key aspects include isolating untrusted code, maintaining a managed environment for custom scripts, and implementing anti-skimming protections to safeguard sensitive data. The architecture supports performance, security, upgradeability, and compliance without additional merchant effort. PCI DSS v4 introduces stricter requirements, but Shopify handles complexity, allowing merchants to focus on business growth.

https://www.shopify.com/partners/blog/checkout-compliance

Navigating AI Regulation on Both Sides of the Atlantic

By / Blog / , ,

EU and US have differing AI legislation paths: US eases regulations for innovation; EU prioritizes societal risks with the AI Act. Companies face challenges navigating these regulations, which can hinder development. Experts suggest embracing self-regulation for low-risk AI applications and seeking external guidance to manage compliance effectively.

https://www.tietoevry.com/en/blog/2025/02/navigating-ai-regulation-on-both-sides-of-the-atlantic/

EU AI Act Unpacked #22: Key Considerations for Employers as Deployers Vs. Providers Under the EU AI Act

By / Blog / , ,

The EU AI Act defines roles for employers as either deployers or providers of AI systems, impacting their obligations. Deployers use existing AI systems, while providers modify or use systems significantly. Employers must understand compliance requirements, especially for high-risk AI applications, including monitoring, transparency, and data protection. Employers must ensure AI literacy among users, effective February 2025. The classification of deployer versus provider can change based on actions taken with the AI systems, necessitating careful assessment.

https://www.lexology.com/library/detail.aspx?g=11f71f6b-e110-4e8c-bcc4-183c38ec9746

Scroll to Top