New Cybersecurity Regulations in the EU and Top Trends in 2024

The European Union has recently passed new cybersecurity rules that are set to have a global impact. With several cybersecurity bills making their way through EU lawmaking bodies, the tech industry is bracing for significant changes.

One of the most prominent laws is the EU AI Act, which imposes regulations on all AI systems used in the EU. This includes requirements around risk management, transparency, and reporting, as well as a ban on high-risk AI tools. The law applies to all AI systems deployed in the EU, regardless of the location of the provider.

In addition to the EU AI Act, other cybersecurity legislation to watch out for includes the Network and Information Security 2 Directive (NIS2) and the Digital Operation Resilience Act (DORA). NIS2, which goes into effect in October 2024, introduces new cybersecurity risk management obligations, while DORA, effective in January 2025, establishes obligations for operational resilience. Both laws apply to all entities operating in the EU.

As the EU tightens its cybersecurity regulations, the tech industry is also seeing significant developments in the field. One of the top cybersecurity trends for 2024 is the growth of AI-driven risks. With AI becoming increasingly ubiquitous, organizations need to ensure that AI tools are used securely and ethically. Failure to vet the security of AI platforms could lead to vulnerabilities and potential data breaches.

Governments around the world are also paying close attention to AI-related risks. In the United States, President Biden has issued an executive order on AI, calling for higher standards for AI security. The Cybersecurity and Infrastructure Security Association (CISA) has published guidelines on securing critical infrastructure against AI-related threats, and the Department of Homeland Security (DHS) has established an AI safety board.

In Congress, Senate Majority Leader Chuck Schumer has proposed a $32 billion annual spending plan for AI systems, highlighting the government’s increasing focus on AI security. With governments and regulatory bodies taking a closer look at AI risks, organizations need to prioritize cybersecurity measures to protect against potential threats.