Tag: Trends and Insights
-
Cyber Essentials tightens in April 2026: MFA and patching can now fail you fast
Read more: Cyber Essentials tightens in April 2026: MFA and patching can now fail you fastFrom April 2026, more organizations will fail Cyber Essentials. Not because the five controls are changing, but because the scheme is becoming far less forgiving of gaps between what you say you do and what is actually happening on systems day to day. Cyber Essentials has always been sold as baseline cyber hygiene. Baseline does…
-
DORA just got a UK handshake: the EU – UK ICT oversight pact is a warning shot for third-party risk
Read more: DORA just got a UK handshake: the EU – UK ICT oversight pact is a warning shot for third-party riskIf your business depends on a small set of shared providers like cloud, identity, payments, or data platforms, your operational resilience risk is no longer just a “your firm” issue. It’s a system wide dependency. Regulators are now shifting supervision to where that risk sits: at the provider level, not just inside each regulated company.…
-
Saudi sports law sets a new benchmark for governance, risk, and compliance in the Middle East
Read more: Saudi sports law sets a new benchmark for governance, risk, and compliance in the Middle EastAcross the Middle East, governance, risk, and compliance are undergoing a quiet but consequential shift. What was once treated as a supporting function is increasingly becoming a core driver of credibility, investment, and long-term resilience. This change is not being led by speeches, slogans or strategy documents. It is showing up in how regulation is…
-
The latest cyber shocks and impact every business leader needs to know
Read more: The latest cyber shocks and impact every business leader needs to knowOver the past year, cyber-attacks have stopped looking like technical failures and started behaving like prolonged business crises. Retailers, airlines, manufacturers, healthcare providers and media organizations have all been headline news for their cyber incidents. In many cases, the initial breach was only the beginning. We witnessed; operations were disrupted, supply chains stalled, customer services faltered and leadership teams were forced into crisis mode long after systems…
-
US AI risk regulation and compliance explained: what the fragmented legal landscape means for businesses
Read more: US AI risk regulation and compliance explained: what the fragmented legal landscape means for businessesFor teams who follow AI policy in the United States, the missing American equivalent to the EU AI Act is easy to misunderstand. Many readers assume this signals hesitation or a light touch approach. From a distance, the US model can appear unclear and even permissive. That view gets the story wrong. Regulation is already here, just…
-
UK to regulate crypto by 2027: What it means for global crypto and fintech firms
Read more: UK to regulate crypto by 2027: What it means for global crypto and fintech firmsThe UK’s decision marks the end of crypto’s regulatory grey zone. At CoreStream GRC, we’re seeing global crypto and fintech teams move from asking if regulation will land, to working out how to prepare for it in a way that does not slow the business down. In this piece our team at CoreStream GRC breaks…