On August 27, 2025, the Cybersecurity and Infrastructure Security Agency (CISA), in coordination with the National Security Agency (NSA), the Federal Bureau of Investigation (FBI), and the United States Department of Defense Cyber Crime Center (DC3) … [Read more] about United States, International Coalition Issue Joint Warning of Increasing PRC Backed Threat Activity
The Cybersecurity and Infrastructure Security Agency (CISA) has extended the deadline for it to issue final rules about mandatory incident reporting for critical infrastructure entities. The original deadline of October 2025 was pushed by six months … [Read more] about CISA Gives Itself an Extension for Cyber Incident Reporting Rules
On August 28, 2025, Colorado Governor Jared Polis signed Senate Bill 25B-004 (Bill) into law, extending the compliance deadline of the Colorado Artificial Intelligence Act (CAIA) from February 1, 2026, to June 30, 2026. The Bill does not alter the … [Read more] about Compliance Deadline for Colorado AI Act Delayed Until June 30, 2026
On September 9, 2025, the California Privacy Protection Agency (CPPA) announced a joint investigation sweep targeting businesses that may be failing to honor consumers’ opt-out requests submitted via Global Privacy Control (GPC) signals, in … [Read more] about Multistate Privacy Investigative Sweep Targeting Website Global Privacy Control (GPC) Noncompliance
Rhode Island has enacted Senate Bill 603 (SB603), effective July 2, 2025, establishing a comprehensive cybersecurity framework for nonbank financial institutions licensed by the state’s Department of Business Regulation (DBR). Although SB603 is … [Read more] about Rhode Island’s New Cybersecurity Law for Nonbank Financial Institutions