What to expect in 2023

The European Union has an unusual IT strategy. While the United States prioritizes global development, Tech The EU is focused on being the leading regulator of the industry.

In 2022, this block introduced two strict new rule sets. The Digital Market Act (DMA), which seeks to increase competition for online services, and the Digital Services Act (DSA), which seeks to protect people from online harm. Analysts expect regulatory action to accelerate next year.

“The only thing we can be sure of is that next year there will be more regulations and stronger enforcement. GRC International Groupis a global provider of IT governance, risk management and compliance solutions.

To assess the details, TNW asked IT experts across the bloc to predict from EU policy in 2023. All laws are expected to change significantly, and certain technologies stand out in the forecast.

Enhanced security

Our experts expect significant progress in cybersecurity regulation. Costas Rossoglou Shopify EMEA and international public policy and government affairs heads emphasized the importance of the Digital Operational Resilience Act (DORA).

Recently adopted regulations aim to harmonize the financial sector’s approach to cybersecurity. To be compliant, organizations review legacy IT systems and may invest in new software, and thus need to invest in new software. This may be costly in the short term, but Rossoglou is optimistic that it will pay off. He hopes his level of security will improve, which will limit attacks, reduce downtime, and save cash.

“It will take years for compliance to become mandatory, but ultimately financial institutions will be put in a stronger position to deal with outages, data breaches, unauthorized access, and data loss. will be,’ he said. “This is very important in the highly sensitive information held by the financial sector.”

“It’s never too early to find out.

Another proposal underway in the EU is the Cyber ​​Resilience Act. The regulation establishes cybersecurity requirements for connected devices and provides consumers with transparency regarding practices, testing, and general functionality.

The bill is currently undergoing a consultation process. Rossoglou recommends that the organization monitor progress over the next year.

“It will likely take a year or two to reach a final decision, after which organizations will have a 24-month transition period to comply,” he said. “But it’s never too early to notice the changes ahead. Regular monitoring for updates can help companies prepare for change in good time.”