The PIPL (Personal Information Protection Law) has emerged as an unprecedented first example of highly protective regulation of personal data, establishing an uncertain framework that reinforces China's control. Despite recent clarifications from China’s authorities, the centralisation of information systems continues…
China may soon ease PIPL cross-border data transfer requirements, but your privacy compliance strategy should focus on the long term. Your company operates in China. You compile personal data relating to your Chinese employees and transfer them to your headquarters…
A 38% increase of cyber-attacks was estimated in 2022[1]. As this figure illustrates, the cyber threat continues to grow, and has become a major concern for businesses worldwide. To counter this growing threat and maintain digital confidence, governments have long…
Introduction Definition of electronic voting Electronic voting is a dematerialised, self-counting voting system in which voters use electronic devices to record their votes. The system can be used remotely via internet voting, or in person where voters can visit polling…
![[INTERVIEW] Operational resilience, how to recover after an attack!](https://www.riskinsight-wavestone.com/wp-content/uploads/2023/01/Image1-800x450.jpg)
Hello Roxane! Thank you for your time! Today, we’re going to talk about the Operational Resilience Maturity Assessment Framework. Could you summarize the tool in one sentence? To sum up, the Operational Resilience Maturity Assessment Framework is a tool that…
The increasing maturity of technologies associated with the use of digital certificates The use of digital certificates on information systems has been around for over 20 years. It is a proven practice based on standardised technologies and regulations governing several…
DORA, in a nutshell The European Union published the Digital Operational Resilience Act, or “DORA”, on December 27th, 2022, and it entered into force on January 16th, 2023. It sets new rules for financial entities and their ICT third-party service providers…
The ISO 27001 and ISO 27002 standards provide a set of requirements and best practices to organize and implement an Information Security Management System (ISMS) within any organization. The success of these standards has been widely observed both in France…
The Network and Information System Security - (UE) 2016/1148 directive, commonly referred to as NIS, was a European directive adopted by the European parliament on July, 6th , 2016. It has been transposed by member states into their national legislations…
With the release of the Digital Operational Resilience Act (DORA), the European Union is taking a strong stand to strengthen the financial sector’s resilience to ICT-related major incidents. With prescriptive requirements on both financial entities and critical ICT services provider, and an aggressive timeline…
