Welcome to ISMG's GDPR Resource Center!

The EU revamped its vaunted data protection and privacy laws with the 2016 passage of the General Data Protection Regulation. GDPR enforcement went into full effect on May 25, 2018, and any organization that stores Europeans’ personal data must comply.

How 72% of Enterprises Are Rewriting Cyber Resilience Playbooks

Information Security Media Group • February 18, 2026

Cyber threats are continuous, unpredictable, and increasingly sophisticated. This session provides actionable insights to help organisations prepare, respond, and recover with confidence—while enabling innovation and growth.

Artificial Intelligence & Machine Learning

EU Privacy Watchdogs Pan Digital Omnibus

API Security

Why Banks Need AI-Driven Segmentation Against Ransomware

Unlocking Data and AI to Digitally Transform Manufacturing

General Data Protection Regulation (GDPR)

Breach Notifications in Europe Rise, While Fines Hold Steady

OnDemand | Strengthening Cyber Resilience: Accelerate Recovery, Reduce Risk, Sustain Continuity

Artificial Intelligence & Machine Learning

Europe's AI Challenge Runs Deeper Than Regulation

General Data Protection Regulation (GDPR)

UK ICO Fines LastPass Over 2022 Data Breach

Latest

API Security

APIs Demand Dynamic Security, Not Static Controls

Michael Novinson • December 8, 2025

API security is evolving fast as AI, new architectures and distributed teams reshape how developers build and secure modern systems, says Postman Head of Security Sam Chehab. Secrets management and AI-driven controls now play a pivotal role in keeping data secure at scale.

Thwarting Cyberthreats in the Power Sector

Tony Morbin • November 19, 2025

Nation-state threats and natural disasters test grid resilience. Salt River Project and Splunk's global energy and utilities advisers explain how layered OT monitoring, strong fundamentals and real-time intelligence help utilities detect intrusions, remove attackers and stay ahead of bad actors.

Fraud Management & Cybercrime

Beyond Fraud Prevention: Rebuilding Trust Through Intelligence

Tom Field • November 10, 2025

Financial institutions now face $6 in total costs for every $1 of fraud loss, according to new research from Q2. Persistent levels of financial risk can slowly erode customer trust over time. As threat actors and fraudsters alike grow in sophistication, banks, credit unions and other financial organizations remain...

Secure AI Tools: From Visibility to Post-Quantum Readiness

Geetha Nandikotkur • October 22, 2025

AI adoption is exploding, but so are risks tied to data security, agentic workflows and shadow AI. Todd Moore, global VP of data security at Thales, says organizations must embed protection from day one and prepare for emerging technologies including quantum computing and identity-blind agents.

Data Privacy

EU Court Preserves EU-US Data Privacy Framework

Akshaya Asokan • September 3, 2025

The European Union General Court on Wednesday dismissed a plea by a French politician to annul the legal framework underpinning commercial data flows across the Atlantic, rejecting claims that a U.S. intelligence agency oversight body is not independent of the federal government.

Ransomware Demands Fall but Endpoint Attacks Escalate

Brian Pereira • August 11, 2025

Ransomware operators are increasingly abandoning encryption-only tactics in favor of stealing and compromising data integrity. Aaron Bugal, field CISO for APJ at Sophos, shares how ransomware groups are moving from pure encryption to stealing sensitive data and exploiting remote endpoints.

Data Privacy

UK Signals It Will Backpedal on Apple Encryption Demand

Akshaya Asokan • July 23, 2025

The U.K. government is reportedly set to reverse course on requiring smartphone giant Apple to give police access to device data stored as backups in the California company's cloud service. "The Home Office is basically going to have to back down," a British official said.

Data Breach Notification

Adversarial Exposure Validation (AEV) – The Missing Link in Your CTEM Program

Seemant Sehgal • July 16, 2025

Traditional security testing tools can’t keep pace with modern threats—or prove which vulnerabilities truly matter. Discover how Adversarial Exposure Validation (AEV) bridges the gap by continuously simulating real-world attacks to reveal exploitable exposures, prioritize risk, and empower smarter security...

General Data Protection Regulation (GDPR)

UK Passes Data Use and Access Regulation Bill

Akshaya Asokan • June 19, 2025

The U.K. government passed the Data Use and Access Bill that will introduce a host of privacy changes intended at making data processing more lenient with a motive to promote economic growth. Whether the EU will continue to find British law adequate is an open question.

Artificial Intelligence & Machine Learning

Meta Begins AI Training Using EU Personal Data

Akshaya Asokan • May 27, 2025

Meta can use the public posts of European Instagram and Facebook users to train its artificial intelligence models starting Tuesday after a German court rejected an injunction against the company. The court said Meta has a "legitimate interest" in processing the data.

Data Privacy

Proposed GDPR Revisions Stokes Privacy Concerns

Akshaya Asokan • May 19, 2025

Privacy rights groups urged the European Commission to retreat from proposals to revise the GDPR. Europe pledged to lessen record-keeping obligations for companies with up to 500 employees so long as the data processing isn't "likely to result in a high risk."

Artificial Intelligence & Machine Learning

Meta Faces More European Legal Hurdles Over AI Data Training

Akshaya Asokan • May 14, 2025

Social media giant Meta is likely to face more legal hurdles over its plans to use the personal data of European Facebook and Instagram users to train artificial intelligence models. Meta paused efforts to train AI with European data in June 2024.