New cybersecurity rules in the EU
Technology legislation passed in the European Union can impact the entire world, and several cybersecurity bills are currently under review by EU legislative bodies.
The best known is undoubtedly the European AI law, which subjects all AI systems to regulations regarding risk management, transparency and reporting, and prohibits AI tools deemed high risk. This law applies to all AI systems used in the EU, regardless of where the deployer or provider is located.
Other EU safety legislation to watch out for is the recently passed law Network and Information Security Directive 2 (NIS2)which comes into force in October 2024, and the Digital Operations Resilience Act (DORA), effective January 2025. NIS2 creates new cybersecurity risk management obligations, while DORA establishes operational resilience obligations. Both apply to all entities operating in the EU.
Top Cybersecurity Trends in 2024
The growth of AI risks
Perhaps the most important cybersecurity development of the last year is the ubiquity of AI.
Alison King, vice president of government affairs at cybersecurity vendor Forescout, says one of the main concerns when it comes to cybersecurity should be ensuring that “AI tools are used securely and ethically.”
Hype around AI may lead organizations to adopt AI technologies before fully verifying their security, perhaps making the mistake of entering sensitive information into tools built on AI platforms. public AIs or failing to anonymize the data used to train a GPT.
“As organizations strive to harness AI responsibly, they must balance innovation with risk mitigation,” says King. “While defenders can benefit from AI capabilities, malicious actors can use these same technologies as a weapon for nefarious purposes.” Experts predict in particular that generative AI could lead to More convincing social engineering attacks.
Failing to verify the security of AI platforms could also void investments in these platforms in the future, as governments have also taken note of the risks and potential of AI. AI-related bills have been proposed in the United States and abroad.
Government attention to AI
In the coming months, “expect governments to focus more on AI systems, walking the line between innovation and security,” advises Eric Skibinski, consultant at FiscalNote. “These governments are excited to take advantage of the new technology, but are also concerned about the risks associated with it. »
At the federal level, Biden issued a decree on AI this encourages, among other things, higher standards in AI safety. In response, the Cybersecurity and Infrastructure Security Association (CISA) published guidelines on secure critical infrastructure against AI-related threatsand the Department of Homeland Security (DHS) created an AI Security Committee.
In Congress, Senate Majority Leader Chuck Schumer (D-NY) recently proposed an annual budget of $32 billion. spending plan for AI systemsand a Senate AI task force released a roadmap for AI-related proposals.
