• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to secondary sidebar

Alston & Bird Privacy, Cyber & Data Strategy Blog

  • Home
  • Services
  • Events
  • Contacts

Kelly Hagedorn

New EU Regulation Clarifies Cybersecurity Rules for IoT Devices and Other ‘Products with Digital Elements’

December 10, 2025 By Paul Greaves, Wim Nauwelaerts and Kelly Hagedorn

On November 28 2025, the European Commission adopted a regulation implementing the Cyber Resilience Act (‘CRA’) – an EU-wide law which lays down cybersecurity requirements for companies that design and sell ‘products with digital elements’. PDEs can take many forms including IoT devices, hardware components, and certain software. The CRA imposes cybersecurity obligations in connection […]

Filed Under: Privacy & Cyber Regulatory Enforcement Tagged With: Cybersecurity, EU Regulation, European Union (EU)

UK Cybersecurity Legislation Soon to be Introduced

November 21, 2025 By Hanna Hewitt and Kelly Hagedorn

The UK Government has introduced the Cyber Security and Resilience (Network and Information Systems) Bill (the “Bill”) to Parliament, marking the most significant update to the UK’s cyber legislation since 2018. You can access a copy of the Bill here. The Bill aims to strengthen national security and protect critical infrastructure networks in key sectors […]

Filed Under: Board Governance & Cyber Risk Management, Crisis & Data Breach Response, European Privacy & Cybersecurity Tagged With: Cybersecurity, National Security, UK, UK Cybersecurity

UK’s National Cyber Security Centre Releases 2025 Annual Review

October 28, 2025 By Hanna Hewitt and Kelly Hagedorn

The United Kingdom’s National Cyber Security Centre (NCSC) has released its Annual Review for 2025. As in 2024, the report covers the UK’s cyber security position as well as the country’s readiness to deal with those threats. A copy of NCSC’s report is available here. The Annual Review states that “it is time to act”. […]

Filed Under: Board Governance & Cyber Risk Management, European Privacy & Cybersecurity, National Security & Digital Crimes, Ransomware Fusion Center, Uncategorized Tagged With: National Cyber Security Centre, NCSC, UK, UK Cybersecurity

UK Data Protection Regulator Fines Capita ~$18.8 Million Following a Ransomware Attack

October 20, 2025 By Hanna Hewitt and Kelly Hagedorn

On October 15, 2025, the UK’s Information Commissioner’s Office (ICO) fined Capita plc and Capita Pension Solutions Limited (collectively “Capita”) £14 million (~$18.8 million) for failing to implement adequate security measures to protect the personal data of over ~6.6 million individuals following a ransomware attack by Black Basta. The ICO’s penalty notice is available here. […]

Filed Under: Crisis & Data Breach Response, European Privacy & Cybersecurity, Privacy & Cyber Regulatory Enforcement Tagged With: Cybersecurity, Cybersecurity Incidents, Enforcement Action, ICO, UK, UK Cybersecurity, UK GDPR

The EU Data Act Comes Into Force

September 18, 2025 By Hanna Hewitt and Kelly Hagedorn

The EU officially adopted the Data Act in January 2024, and it came into force on September 12, 2025. The Data Act builds on existing laws like the General Data Protection Regulation and the Data Governance Act. Now that the legislation is active, companies that fall under its scope must proactively review its provisions and […]

Filed Under: European Privacy & Cybersecurity, Privacy & Cyber Regulatory Enforcement Tagged With: Cloud Services, Connected Products, Data Act, EU, EU Regulation, Europe, Regulation

  • « Go to Previous Page
  • Page 1
  • Page 2
  • Page 3
  • Page 4
  • Page 5
  • Go to Next Page »

Primary Sidebar

This blog is a service of Alston & Bird’s Privacy, Cyber & Data Strategy team and focuses on key data privacy and data security issues.


Receive email notifications when new posts are added.

Receive email notifications when new posts are added.


RANSOMWARE FUSION CENTER
Click here to request access

THE DIGITAL DOWNLOAD
Click here to see the editions

PRIVACY & CYBER EVENTS
Click here to see upcoming and past events

PRIVACY & CYBER MAILINGS
Click here to sign up


Secondary Sidebar

Categories

Recent Posts

  • No Second Bite at the Apple for Accellion Plaintiffs: Judge Denies Motion to Modify Class Certification Order
  • Connected Vehicles Under the Spotlight: French DPA Issues Landmark Guidance on Vehicle Data Privacy
  • Five Eyes Issues Urgent Call to Action on AI-Driven Cyber Threats
  • DOJ Settles False Claims Act Case with LOGZONE Over Cybersecurity Deficiencies
  • FTC Targets EdTech Data Practices in Final Order Following Major Student Data Breach
Copyright © 2026 · Alston & Bird · All Rights Reserved. Privacy.