Beginning 17 January 2025, the Digital Operational Resilience Act (DORA) will apply to almost all EU financial entities, including banks, insurers and reinsurers, brokers , payment and electronic money institutions,...more
1/20/2025
/ Cryptoassets ,
Cybersecurity ,
Data Security ,
Digital Operational Resilience Act (DORA) ,
EU ,
Financial Institutions ,
Financial Services Industry ,
Information and Communication Technology (ICT) ,
Information Technology ,
Regulatory Requirements ,
Risk Management
On 17 October 2024, the European Commission adopted the first Implementing Regulation under the Network and Information Security 2 Directive (EU) 2022/2555 (NIS2), focusing on digital infrastructures and services. The...more
10/21/2024
/ Cloud Computing ,
Cyber Incident Reporting ,
Cybersecurity ,
Data Centers ,
Data Protection ,
EU ,
European Commission ,
Incident Response Plans ,
Infrastructure ,
Member State ,
New Regulations ,
Online Marketplace ,
Regulatory Requirements ,
Risk Management
The Network and Information Security 2 Directive (EU) 2022/2555 ("NIS2") entered into force on 16 January 2023. NIS2 sets cyber rules for organizations whose services are considered essential or important for maintaining...more
8/5/2024
/ Compliance ,
Cybersecurity ,
Data Protection ,
Data Security ,
EU ,
EU Directive ,
European Commission ,
Member State ,
New Legislation ,
Public Policy ,
Risk Management
NETWORK AND INFORMATION SECURITY 2 DIRECTIVE (NIS2) -
WHO WILL BE IN SCOPE?
Operators of essential and important services across various sectors including energy, transport, banking, health, medical devices, chemicals...more
3/14/2024
/ Artificial Intelligence ,
Cybersecurity ,
Data Management ,
Digital Marketplace ,
Digital Services ,
EU ,
Extraterritoriality Rules ,
FinTech ,
Information Security ,
Information Technology ,
Innovative Technology ,
Network Security ,
Popular
What is a Management Body? Under both DORA and NIS2, a management body can be a body with managerial and/or supervisory functions. The powers and structure of management bodies vary within the EU Member State, and managerial...more
3/8/2024
/ Compliance ,
Cybersecurity ,
Data Breach ,
Due Diligence ,
EU ,
European Commission ,
Financial Services Industry ,
Information Technology ,
Liability ,
Member State ,
Policies and Procedures ,
Risk Mitigation ,
Supply Chain ,
Third-Party Service Provider
The opinion was issued in response to a request by the French Data Protection Authority and provides guidance on the conditions for determining a controller's main establishment where that controller has establishments in...more
2/29/2024
/ Cybersecurity ,
Data Breach ,
Data Protection ,
Data Protection Authority ,
European Data Protection Board (EDPB) ,
France ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Lead Supervisory Authority ,
New Guidance ,
Personal Data ,
Regulatory Requirements