regulation

How Evolving Regulations Are Redefining CISO Responsibility

CISOs face growing personal and criminal liability as cyberattacks targeting vulnerabilities in IoT and OT devices increase. Global regulations now require stricter cyber risk management, transparency, and compliance, with 20% of breaches in 2025 linked to device vulnerabilities. CISOs are expected to provide accurate asset inventories, honest reporting, prompt breach disclosure, and the management of third-party risks. Organizations are updating policies, boosting legal support, and enhancing security oversight to adapt.

https://www.csoonline.com/article/4079450/how-evolving-regulations-are-redefining-ciso-responsibility.html

Europe Wrote the AI Rulebook. Can It Deliver on Its Ambitions?

Europe's AI Act and Apply AI Strategy aim for values-based AI regulation and innovation, despite pressure from US tech companies to delay enforcement. Effective regulation is crucial for trust, investment security, and consumer protection. Europe’s technological and democratic sovereignty hinges on prioritizing public values over mere market convenience. The goal is a complementary AI Democracy Action plan to enhance governance and reduce dependency on US tech, affirming Europe's commitment to democratic digital sovereignty and fundamental rights.

https://www.techpolicy.press/europe-wrote-the-ai-rulebook-can-it-deliver-on-its-ambitions/

Why Companies Need a Chief Trust Officer Today

A Chief Trust Officer (CTrO) is essential: the role centralizes trust across security, IT, and governance, establishes accountability, reduces friction in deals, and addresses regulatory scrutiny. With increasing AI adoption, CTrOs ensure standards and policies align with accountability measures, enhancing innovation while safeguarding against risks. Trust must be observable and manageable for effective organizational response and stakeholder confidence.

https://www.scworld.com/perspective/why-companies-need-a-chief-trust-officer-today

Italy Enacts First National AI Law in Europe: What Employers and Businesses Need to Know

Italy has enacted its first national AI law, effective October 10, 2025, complementing the EU AI Act. The law emphasizes principles of transparency, accountability, and human oversight in AI, clarifying that AI must support rather than replace human decisions. It mandates disclosure to employees when AI is used in hiring and performance evaluation, and enforces data protection aligned with GDPR. It allows pseudonymized data for research under safeguards, penalizes AI-generated deepfakes, and restricts data mining for copyright compliance. Implementing decrees are expected within a year, requiring businesses to adapt governance frameworks and ensure compliance.

https://www.fisherphillips.com/en/news-insights/italy-enacts-first-national-ai-law-in-europe.html

Compliance Isn’t an Annual Ritual Anymore

In 2025, IT compliance is increasingly critical due to new regulations and updates, indicating IT's maturation akin to other regulated industries. The concept of “CompOps” (Compliance Operations) is evolving to ensure continuous compliance rather than annual audits, necessitating more frequent evidence collection. Organizations must adapt by embedding compliance practices within DevOps processes, focusing on collaboration and communication to meet evolving standards efficiently. The future involves integrating compliance into everyday operations, shifting the perception from an annual chore to a continuous effort essential for business function.

https://securityboulevard.com/2025/10/compliance-isnt-an-annual-ritual-anymore/

EU AI Act – Frequently Asked Questions

The EU AI Act is the world's first comprehensive AI law, promoting innovation while protecting health, safety, and fundamental rights. It categorizes AI systems by risk, with compliance phased in by 2027. High-risk systems face stringent obligations; systems posing unacceptable risk are prohibited. The Act emphasizes transparency and human oversight and adapts to technological change. Support exists for SMEs, ensuring streamlined processes and reduced burdens. AI literacy is critical for compliance. The Act addresses areas such as biometric data and outlines specific prohibitions to ensure responsible AI use.

https://ai-act-service-desk.ec.europa.eu/en/faq

Interaction of the GDPR and the EU Data Act

The GDPR and the EU Data Act are laws impacting data sharing and privacy. The GDPR focuses on personal data protection, while the Data Act aims to enhance data accessibility and sharing. Their overlapping scopes create compliance challenges, especially when determining lawful bases for processing personal data within generated data. Cloud service providers and data holders must navigate these complexities to align their practices and documentation with both laws, ensuring accountability and legal compliance.

https://www.taylorwessing.com/en/global-data-hub/2025/eu-digital-laws-and-gdpr/gdh—interaction-of-the-gdpr-and-the-eu-data-act

EU Commission to Unveil Its New Sectoral AI Uptake Strategy

The EU Commission unveils its AI strategy on Oct 8, 2025, promoting an 'AI-first' approach across various sectors. Aims include enhancing productivity, supporting SMEs, and establishing partnerships. Key initiatives target healthcare, manufacturing, the public sector, and more, with a focus on training and compliance under the AI Act. The EU seeks to ensure competitiveness and foster growth in AI-driven industries.

https://euobserver.com/eu-and-the-world/ar178848e4

European Approach to Artificial Intelligence

The EU's official site emphasizes AI strategies focusing on excellence, trust, and safety. Goals include making Europe a world-leading AI hub, encouraging adoption in key sectors, and safeguarding fundamental rights. The AI Continent Action Plan and Apply AI Strategy aim to enhance competitiveness and innovation in AI, especially for SMEs. Legal frameworks such as the AI Act ensure safety, while the EU invests in AI development to foster a robust, trustworthy ecosystem. Key initiatives, partnerships, and milestones aim to coordinate efforts and improve AI's societal benefits across Europe.

https://digital-strategy.ec.europa.eu/en/policies/european-approach-artificial-intelligence

CIISec: Most Security Professionals Want Stricter Regulations

According to a CIISec survey, 69% of security professionals want stricter cybersecurity laws. Major regulations such as the Cyber Security and Resilience Bill make senior management liable for breaches, and 91% of respondents believe boards should be accountable for incidents. The UK plans to ban ransomware payments for certain sectors and to enforce mandatory incident reporting.

https://www.infosecurity-magazine.com/news/ciisec-security-professionals/