News
Short updates on security, GRC, and AI developments, with enough context to be worth reading.
- Brief
EDPB Sharpens Research Guidance and Speeds Up Anonymisation Work
Summary: EDPB used its April plenary to tighten guidance on scientific-research processing, accelerate anonymisation work, and approve a new certification mechanism tied to …Read brief - Brief
NIST Publishes Hardware Security White Paper on Firmware-Based Monitoring
Summary: NIST published Cybersecurity White Paper 52, “Firmware-Based Monitoring for Bus-Based Computer Systems,” on April 15, 2026. The paper describes how component …Read brief - Brief
FTC Targets Noncompete Agreements in Pest Control Enforcement Action
Summary: The FTC ordered Rollins to stop enforcing noncompete agreements against thousands of workers and paired the action with warning letters to other pest-control companies, …Read brief - Brief
NIST Updates NVD Operations to Address Record CVE Growth
Summary: NIST is changing NVD operations to keep up with record CVE volume, signaling that vulnerability teams should expect continued prioritization pressure around enrichment, …Read brief - Brief
FTC Bars Forever Living From Deceptive Earnings Claims
Summary: The FTC settled with Forever Living and its operators, permanently barring deceptive earnings claims and reinforcing that consumer-protection enforcement still reaches …Read brief - Brief
EDPB Annual Report 2025 Highlights the Board's Enforcement Priorities
Summary: EDPB’s 2025 annual report summarizes the board’s guidance, coordination, and enforcement priorities, giving privacy teams a better read on where European …Read brief - Brief
OpenAI Opens Applications for a Safety Fellowship Focused on Alignment Research
Summary: OpenAI announced the OpenAI Safety Fellowship on April 6, 2026, describing it as a pilot program for external researchers, engineers, and practitioners working on safety …Read brief - Brief
EDPB Publishes One-Stop-Shop Digest on Legitimate Interest
Summary: EDPB published a digest of one-stop-shop decisions on legitimate interest, giving privacy teams a clearer signal on how regulators are testing necessity, balancing, and …Read brief - Brief
EDPB conference on cross-regulatory cooperation: what we learned
Summary: EDPB used its March conference to press for deeper coordination between privacy regulators and adjacent EU authorities, signaling that cross-regulatory enforcement is …Read brief - Brief
NIST Releases CSF 2.0 Quick-Start Guides for ERM and Informative References
Summary: NIST announced two Cybersecurity Framework 2.0 quick-start guide updates on March 23, 2026. The agency released the final SP 1308 guide on connecting CSF 2.0 with …Read brief - Brief
NIST Finalizes Revision 3 of Its DNS Deployment Guide
Summary: NIST published the final version of SP 800-81 Revision 3, “Secure Domain Name System (DNS) Deployment Guide,” on March 19, 2026. The guide covers DNS as a …Read brief - Brief
EDPB and EDPS Back Stronger EU Cybersecurity Rules While Guarding Personal Data
Summary: EDPB and EDPS issued a joint opinion on the Commission’s CSA2 and NIS2 proposals, arguing the EU can streamline cybersecurity obligations without diluting core …Read brief - Brief
NIST Maps the Hard Parts of Monitoring Deployed AI Systems
Summary: NIST published AI 800-4, “Challenges to the Monitoring of Deployed AI Systems,” on March 9, 2026. The report groups monitoring into six categories: …Read brief - Brief
EDPB Sets a 2026-2027 Programme Focused on Compliance and Regulatory Coordination
Summary: The European Data Protection Board adopted its 2026-2027 work programme on February 12, 2026. The programme emphasizes making GDPR compliance easier in practice, …Read brief