Sonatype kicked off its Summer of Software Regulations & Compliance webinar series this week with a broad look at some of the key regulations on improving cybersecurity. Jen Ellis, one of the hosts of the Distilling Cyber Policy podcast, moderated a discussion with Alex Botting, her co-host and EU Engagement Officer at the Center for Cybersecurity Policy, and Sonatype's Ilkka Turunen.
Their conversation explored how organizations should approach emerging regulations, including the Network and Information Security Directive (NIS2), the Digital Operational Resilience Act (DORA), and the Cyber Resilience Act (CRA), and how these new requirements are likely to impact the industry.
Cybersecurity continues to be a critical concern in software development.
One key takeaway from this discussion: prepare for emerging regulations right now. It will be much easier to get ahead of these regulations now rather than work backward toward compliance after they go into effect.
Key dates for EU cybersecurity requirements
|
The Digital Operational Resilience Act (DORA)
|
The Cyber Resilience Act (CRA)
|
EU's revised Network and Information Systems Directive (NIS2)
|
|
Takes effect on January 17, 2025
|
Expected to go into effect in 2024, with most provisions becoming enforceable in 2027
|
Takes effect on October 17, 2024
|
Legislation puts focus on component visibility and reporting
The panel discussed some of the common traits among the different regulations and a few clear themes are emerging. One of the practical implications for software developers is that organizations will be responsible for a massive amount of verification and scanning in order to prove that it's not introducing compromised products into the market.
This is going to require a significant shift in how most organizations approach software delivery, but it will ultimately result in better, safer systems.
You can catch this event on demand here and register for upcoming compliance topics you want to learn more about.
Summer of software regulations and compliance webinar topics
|
Exploring The Future of Software Compliance - August 1, 2024
|
This session features a comprehensive panel discussion on the latest regulatory changes and their implications for organisations.
|
Watch on-demand
|
|
NIS2 Compliance Demystified: Insights With SAP and Sonatype - August 15, 2024
|
Join Ilkka Turunen, Field CTO at Sonatype, and Helen Oakley, Director of Secure Software Supply Chains & Secure Development at SAP who will guide you through the essentials of NIS2 compliance.
|
Register
|
|
Understanding DORA Compliance: Insights From Surepay and Sonatype - August 29, 2024
|
Join SurePay and Sonatype as we take a deep dive into understanding and achieving DORA compliance.
|
Register
|
|
Understanding The Cyber Resilience Act - September 12, 2024
|
Join experts from ECSO and Sonatype as they discuss the Cyber Resilience Act's key components, its implications for businesses, and effective compliance strategies.
|
Coming soon
|
