The European Commission has published a draft regulation containing further detail on the “technical and methodological” security measures, and cybersecurity incident reporting threshold triggers, under the incoming NIS2 directive (the…
The EU AI Act (the “Act”) has made it through the EU’s legislative process and has passed into law today; it will come into effect on 1 August 2024. Most…
Despite much fanfare, and a process that seems to edge ever nearer to completion, the EU AI Act still has not been formally adopted. The Act still has to undergo…
Back in November 2022, we highlighted the enactment of the EU’s Digital Operational Resilience Act (“DORA”) that will impose far-reaching operational resilience requirements and Board oversight requirements on almost all…
In a new piece for The Drawdown magazine, Robert Maddox and Tristan Lockwood in our London office explore how the EU’s Digital Operational Resilience Act (“DORA”) is likely to be a…
Last year, yet again, saw significant GDPR enforcement actions, important regulatory guidance, and an abundance of European legislative activity touching on cyber, data protection and AI-regulatory issues. Here, we unpack…
As we approach the end of the year, here are the Top 10 Cybersecurity posts on the Debevoise Data Blog in 2022 by page views. If you are not already…
Key takeaways this November include: EU Digital Operation Resilience Act: Financial services firms – including banks, insurers and private equity firms – should start assessing what they will need to…
On 28 November 2022, the European Union finalised the EU Digital Operational Resilience Act (“DORA”). Following a two year implementation period, DORA will impose far-reaching operational resilience requirements and management…