News & Analysis as of

European Union Cybersecurity Risk Management

The European Union is an economic and political partnership comprised of 27 nations within the Eurozone. The EU was established in 1948 to promote stability and cooperation among member states in the aftermath of... more +
The European Union is an economic and political partnership comprised of 27 nations within the Eurozone. The EU was established in 1948 to promote stability and cooperation among member states in the aftermath of WWII. The EU maintains a common currency as well as several intranational institutions, including the European Parliament and the European Commission. less -
Coblentz Patch Duffy & Bass

Navigating the Shifting AI Landscape: What U.S. Businesses Need to Know in 2025

Coblentz Patch Duffy & Bass on

Artificial intelligence is no longer a wild west frontier technology—it’s a regulated one. As AI systems become central to how companies operate, communicate, and compete, legal oversight is catching up. In 2025, AI...more

Katten Muchin Rosenman LLP

ESAs Publish Guide on Oversight of Critical ICT Third-Party Service Providers under DORA

Katten Muchin Rosenman LLP on

The European Supervisory Authorities (ESAs) recently published a comprehensive guide (Guide) on the oversight of critical information and communications technology (ICT) third-party service providers (CTPPs) under the EU...more

White & Case LLP

Cyber-attacks – What Does the Law Require?

White & Case LLP on

As major cyber-attacks continue to cause widespread organisational and economic disruption, and botnets are being discovered which have the capability of comprising entire organisations, many businesses are re-evaluating...more

Thomas Fox - Compliance Evangelist

12 O’Clock High, A Podcast on Business Leadership – Leadership in Cybersecurity and Privacy with Robert Meyers

Thomas Fox - Compliance Evangelist on

12 O’Clock High, an award-winning podcast on business leadership, brings together stories from history, the arts, sports, movies, research, and current events to consider leadership lessons. In this episode, Tom Fox welcomes...more

Skadden, Arps, Slate, Meagher & Flom LLP

NIS2 Update: EU Cyber Authority Sets Out Compliance Expectations, but Implementation Is a Work in Progress

Skadden, Arps, Slate, Meagher & Flom LLP on

- What is new: On 26 June 2025, the EU Agency for Cybersecurity (ENISA) published guidance documents setting out security measures that regulated organisations should have in place to comply with the EU’s critical...more

DLA Piper

EU: ENISA Guidelines on Compliance with NIS 2 Directive Published

DLA Piper on

On June 26, 2025, the European Union Agency for Cybersecurity (ENISA) published two sets of guidelines to help businesses ensure their organizational compliance with the NIS2 Directive....more

Thomas Fox - Compliance Evangelist

AI Today in 5: August 8, 2025, The Don’t Wait Episode

Thomas Fox - Compliance Evangelist on

Welcome to AI Today in 5, the newest addition to the Compliance Podcast Network. Each day, Tom Fox will bring you 5 stories about AI to start your day. Sit back, enjoy a cup of morning coffee, and listen in to the AI Today In...more

McDermott Will & Schulte

Europe’s Cybersecurity Puzzle: NIS2 Progress in 30 Pieces

McDermott Will & Schulte on

As cybersecurity rises to the top of the corporate agenda, businesses face growing pressure to comply with the EU’s evolving regulatory landscape. Whether your company falls directly under EU cybersecurity laws or is...more

A&O Shearman

EU Artificial Intelligence Office publishes the final version of the GPAI Code of Practice

A&O Shearman on

On July 10 2025, the EU Artificial Intelligence Office (the AI Office) issued the final version of the General Purpose AI Code of Practice (GPAI Code). The GPAI Code is a non-binding set of guidelines created by independent...more

Jones Day

EU Standards for Threat-Led Penetration Testing: New Cyber Compliance Imperatives for Financial Institutions

Jones Day on

The EU has introduced Delegated Regulation (EU) 2025/1190, establishing the first harmonized standards for threat-led penetration testing ("TLPT") across the financial sector. The regulation aims to strengthen the cyber...more

HaystackID

Slush 2025 Survey: Startup Struggles Expose Risk, Resilience, and Opportunities for Governance Pros

HaystackID on

The latest Startup Struggle Survey by Slush* reveals that European startup founders are facing a tighter and more uncertain business environment in 2025. Based on insights from 607 early-stage founders, the grassroots report...more

Pillsbury Winthrop Shaw Pittman LLP

DORA Now Fully in Effect: Financial Entities and Their Service Providers Reach Critical Milestone

Pillsbury Winthrop Shaw Pittman LLP on

With DORA in effect and the European Banking Authority’s updated guidelines for non-ICT services under consultation, financial entities must consider their approach to third-party risk management. After DORA became effective...more

Hogan Lovells

ECB Guide on outsourcing cloud services to cloud service providers

Hogan Lovells on

The European Central Bank (ECB) has published its Guide on outsourcing cloud services to cloud service providers (the "Guide") clarifying how banks are expected to comply with obligations under the EU Digital Operational...more

HaystackID

Engineering Cyber Resilience: Lessons from the Tallinn Mechanism

HaystackID on

When the lights stayed on in Kyiv during a wave of missile attacks in early 2024, Ukrainian officials quietly acknowledged a second line of defense that received far less public attention than the nation’s air-defense...more

A&O Shearman

Regulation (EU) 2025/1355 on oversight of systemically important payment systems published in OJ

A&O Shearman on

Regulation (EU) 2025/1355 of the European Central Bank (ECB) adopted on 2 July has been published in the Official Journal of the European Union. This Regulation recasts and replaces Regulation (EU) No 795/2014, updating the...more

Skadden, Arps, Slate, Meagher & Flom LLP

The Last Piece of DORA Falls Into Place: 10 Lessons From the First Six Months

Skadden, Arps, Slate, Meagher & Flom LLP on

- What is new: The EU’s Delegated Regulation on Subcontracting has come into force, completing the legal framework of the Digital Operational Resilience Act (DORA). Attention will now turn to enforcement. - Why it matters:...more

Hogan Lovells

The EU Space Act: A new proposal, towards a European space economy

Hogan Lovells on

In a long-awaited move, the EU Commission has published a proposal for a new EU “Space Bill”. Set to enter into force in 2030, this piece of legislation is aimed at harmonising a fragmented legal environment, in order to...more

Latham & Watkins LLP

Charting the Future: Regulatory Milestones and Opportunities in AI, Online Safety, Cybersecurity, and Data Governance in the EU...

Latham & Watkins LLP on

The technology and digital regulatory environment in the EU and the UK is experiencing significant evolution in 2025 and beyond. These legal developments present both significant opportunities and complex compliance...more

DLA Piper

GPAI Code of Practice – Final Version Published by European Commission

DLA Piper on

The European Commission has published the final version of a general-purpose AI (“GPAI”) Code of Practice. We took a deeper look into it and prepared a short summary to help you understand what the GPAI Code of Practice is,...more

A&O Shearman

EU RTS on subcontracting ICT services supporting critical or important functions under DORA published in OJ

A&O Shearman on

Commission Delegated Regulation (EU) 2025/532 has been published in the Official Journal of the European Union. The Delegated Regulation supplements the Digital Operational Resilience Act (DORA) with regard to regulatory...more

Baker Botts L.L.P.

EU Releases General-Purpose AI Code of Practice

Baker Botts L.L.P. on

On July 10, 2025, the EU published its Code of Practice for General-Purpose AI Models, a comprehensive, though not exhaustive, framework designed to guide Artificial Intelligence ("AI") providers in complying with the...more

A&O Shearman

EBA publishes spring 2025 risk assessment report

A&O Shearman on

The European Banking Authority (EBA) has published its spring 2025 risk assessment report alongside a press release, outlining key developments and emerging risks within the European Union/European Economic Area (EU/EEA). The...more

Skadden, Arps, Slate, Meagher & Flom LLP

The EU’s New Cybersecurity Law for the Space Sector

Skadden, Arps, Slate, Meagher & Flom LLP on

On 25 June 2025, the European Commission announced its proposal for a “Space Act” that would introduce a new regulatory framework for EU space activities. The proposed framework includes cyber-resilience obligations for EU...more

Morrison & Foerster LLP

NIS 2: Strengthening Europe’s Cyber Defenses

Morrison & Foerster LLP on

European cybersecurity risk management and reporting obligations have received a substantial facelift. The Directive (EU) 2022/2555 on measures for a high common level of cybersecurity across the EU (“NIS 2”) became effective...more

DLA Piper

Ireland: NIS2 Revamps Ireland’s Cybersecurity Landscape: Old Regulators, New Powers

DLA Piper on

The NIS2 Directive has significantly reshaped the cybersecurity landscape across the EU. Since the implementation deadline in October 2024, EU Member States have been working to incorporate new standards into their national...more

228 Results
 / 
View per page
Page: of 10
Next »

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide