Impactful Regulations for Cybersecurity
Session
Wednesday, December 04, 2024 14:30—15:30
Location: Sirius
Wednesday, December 04, 2024 14:30—15:30
Location: Sirius
The talk provides an overview of the scope, content and practical implementation of the new EU cyber security regulations. In addition to the NIS 2 Directive, which sets out strict requirements for the cyber security of companies, the talk will also examine the new product-related requirements from the Cyber Resilience Act. The focus will be on the areas of application of the regulations, the obligations and liability risks and their implementation in the supply chain. In addition, the current status of the legislative process and best practices for compliance will be presented from a lawyer's perspective.
In today’s rapidly evolving digital landscape, a robust governance framework is more critical than ever. Yet, too often, policy documents end up as "drawerware" – created but rarely used or understood. In this talk, The Machine-Readable Governance Framework, or How to Shred the Drawerware, we will explore why a well-structured policy framework is essential for organizations, even in an era of automation and AI. While traditional, linear policy documents remain necessary, they are no longer sufficient on their own.
We will discuss the importance of collaboration, transparency, and how technological support can enhance policy management. With a strong taxonomy and readiness for automation, organizations can take their policies to the next level by adopting practices like "policy as code" and leveraging Large Language Models (LLMs). These advanced approaches empower organizations to move beyond static documentation, driving efficiency, clarity, and real-time adaptability in governance. Join us to learn how to transform your governance framework from outdated drawerware to a dynamic, machine-readable set of controls that evolves with your organization’s needs.