Cyber regulations are crucial for the protection of individuals and businesses and aid in risk minimization; failure to comply with these regulations can result in severe consequences such as financial penalties, legal action, reputational damage, and potential breach of sensitive or confidential information. Analysts have identified some key cyber regulations to watch in the coming months.
Tech & Sourcing @ Morgan Lewis
TECHNOLOGY TRANSACTIONS, OUTSOURCING, AND COMMERCIAL CONTRACTS NEWS FOR LAWYERS AND SOURCING PROFESSIONALS
During the Biden administration, there was a push to prioritize and modernize cybersecurity responses, and the National Institute of Standards and Technology (NIST) agreed to work with the technology industry to develop a new cybersecurity framework. Now, those promises have come to fruition as NIST has provided updated industry-leading guidance in the cybersecurity field.
In our March 2024 blog post Study Finds Average Cost of Data Breaches Continued to Rise in 2023, we highlighted the key findings of the Ponemon Institute’s Cost of a Data Breach Report 2023. Each year, the report sets forth a vast dataset analyzing data breaches at hundreds of organizations to spot trends and developments in security risks and best practices. The Ponemon Institute recently published its Cost of a Data Breach Report 2024, showing an increase in data breach costs in many areas of business.
The business process outsourcing (BPO) market is growing at an unprecedented rate as technological advancements transform traditional BPO models to keep up with evolving business needs. As BPO service providers implement and leverage technologies, such as cloud computing, robotics, data analytics, automation, and traditional and generative AI, to streamline processes and improve productivity and quality, digital transformation is becoming a common component—and selling point—for many BPO engagements.
Please join us in our Philadelphia office on Wednesday, April 23, for the 2025 Tech & Sourcing Philadelphia Summit. We are broadening the agenda this year to provide more time for exploring issues that are front of mind for technology and sourcing lawyers, starting with an AI and ethics session, followed by three hours of interactive presentations and workshops by market leaders in the technology, sourcing, and privacy fields.
Partners Ksenia Andreeva and Kristin Hadgis and associate Oliver Bell recently authored an Insight titled The Evolving Framework of Data Governance: A Global Perspective. The article explores and summarizes hot topics in data governance, data privacy laws, and the evolving global landscape, including in the United Kingdom, European Union, United States, and Middle East. As the focus on transparency and cybersecurity increases, and as markets become more globalized, keeping up to date on privacy regulations and rules can be a demanding undertaking.
Please join us for Data Center Bytes, our recently launched webinar series during which Morgan Lewis lawyers will discuss the key legal considerations, industry trends, and regulatory developments shaping data center growth and operations.
On January 14, the UK government published a consultation on new measures to tackle the increasing threat of ransomware attacks. Ransomware is malicious software (malware) that infects a victim’s computer system and prevents the victim from accessing IT systems, significantly impairs their use of ICT systems, and/or facilitates the theft of sensitive data. A ransom is then demanded for restoration of use and/or data and, as we previously noted, the cost of ransomware attacks is increasing nearly 20% year-on-year.
European regulators recently published clarifications on the scope of ICT services under the EU Digital Operational Resilience Act (DORA), prepared by the European Commission, which confirms previous guidance and enables financial entities to take out of scope certain services which form part of regulated financial services.
On January 13, 2025, the United Kingdom’s Prime Minister Sir Keir Starmer announced the UK AI Opportunities Action Plan. The AI Opportunities Action Plan outlines the UK’s intentions to become a world leader in artificial intelligence technology for the benefit of private businesses and their customers as well as for all UK residents via AI-enabled public services.