The EU Commission recently held a call for evidence on “simplification” of legislation in the data, cybersecurity, and AI space, ahead of a “Digital Omnibus” Act. These changes look to make the EU’s digital rulebook more innovation-friendly, supporting the Commission’s Competitiveness Compass.
The Commission is due to present its simplification proposals on 19 November. Ahead
The federal government has been shut down for over a month. We previously reported on implications for the Federal Trade Commission’s (FTC) antitrust work here. What does the shutdown mean for the FTC’s consumer protection, privacy, safety, and AI work?
Greenberg Traurig is a sponsor of the 2025 Privacy + Security Forum Fall Academy taking place from November 12 – 14, at George Washington University in Washington, D.C.
On 28 October 2025, China passed amendments to the Cybersecurity Law, marking the first update since its enactment in 2016. These amendments reflect China’s heightened focus on cybersecurity and AI governance and are scheduled to take effect on 1 January 2026.
Key Updates
The amendments primarily focus on the law’s enforcement provisions. Key updates include:
The Threat
Malware usage by adversaries has reportedly declined. Partly due to sophisticated detection methods commonly deployed by medium to large organisations.
Conversely, insider threats (cybersecurity risks originating from within an organisation) are increasing, posing complex and costly challenges for businesses. CrowdStrike’s 2025 Global Threat Report indicates that insider threat operations accounted for 40% of
On October 21, 2025, the New York State Department of Financial Services (“NYDFS”) issued an industry letter (the “Guidance”) highlighting the cybersecurity risks related to Covered Entities’ use of Third-Party Service Providers (“TPSPs”) and providing strategies to address these risks. The Guidance is addressed to all Covered Entities subject to NYDFS’s cybersecurity regulation codified at
On October 21, 2025, the New York Department of Financial Services (NYDFS) issued guidance to help licensees comply with its cybersecurity regulation. The non-exclusive checklists may be of interest to companies not licensed by NYDFS and even those not offering financial services, given NYDFS’ comment that the guidance is intended to “recommend industry best
With Halloween lurking around the corner and as National Cybersecurity Awareness Month comes to a close, the McGuireWoods Data Privacy & Cybersecurity Practice Group reminds you to not wait to be spooked by a cybersecurity incident or haunted by the task of maintaining your cybersecurity program.
Today’s threat landscape is rapidly changing and accelerated evermore
October 29, 2025 — In a significant move toward harmonizing artificial intelligence with data protection principles, the European Data Protection Supervisor (EDPS) has released updated guidelines aimed at ensuring the lawful use of generative AI across EU institutions. These revisions come at a time when AI technologies are rapidly evolving, and regulatory clarity is more