Next Move: The latest updates on regulatory and policy developments in tech

Change is a constant so move with confidence by staying up to date

Regulators and policymakers — keen to build new guardrails for a digital society — stand on largely unfamiliar ground. They often take different, sometimes contradictory, approaches because they have different missions and visions. At the global level, regulatory divergences reflect profoundly different value systems. Building trust in technology is complex work.

Through PwC's Next Move series, we can provide context to policy and regulatory developments in technology and tell you how you can get ahead of what might come next.

In the January edition, we cover four developments:

1. EU’s DORA looms large for financial firms, tech vendors

The Digital Operational Resilience Act (DORA), which entered into force on January 16, is designed to protect the EU’s financial sector against severe operational disruption. The regulation will impose far-reaching requirements for operational resilience on financial services firms and their critical service providers. US businesses with ties to the EU financial sector need to understand their potential exposure and take action.

2. Generative AI tools push new boundaries for responsible AI

The democratization of AI is upon us as new generative AI tools like OpenAI’s ChatGPT and DALL-E put the power of AI into the hands of everyday users. While the positive use cases for generative AI are staggering, there’s also potential for misuse and harm. As generative AI becomes increasingly popular and widespread, questions about who is responsible for mitigating the associated risks will become unavoidable. Creators of generative AI models should apply responsible AI principles and practices.

3. Consumer product labels for cyber safety: Prepare to disclose

Consumers, B2B customers and shareholders have no easy way to know if a company is doing all it can to sell us cybersecure devices. The Biden administration has issued an executive order directing the National Institute of Standards and Technology (NIST) to develop guidance for two cyber labeling programs. Assess your readiness for cyber-safety labeling by asking three important questions.

4. Quantum leap in cyber risk spurs readiness push

The Quantum Computing Cybersecurity Preparedness Act, signed into law on December 21, 2022, requires federal agencies to migrate their information technologies to quantum-safe cryptography. Contractors to federal agencies that handle sensitive information should begin now to prepare themselves for this change.


{{contentList.dataService.numberHits}} {{contentList.dataService.numberHits == 1 ? 'result' : 'results'}}

Contact us

Christopher Pullano

Christopher Pullano

US Advisory Principal, Banking and Capital Markets, PwC US

Michael Corey

Michael Corey

Partner, Cybersecurity Privacy & Forensics, PwC US

Joseph Nocera

Joseph Nocera

Cyber, Risk and Regulatory Marketing Lead Partner, PwC US

Matt Gorham

Matt Gorham

Cyber & Privacy Innovation Institute Leader, PwC US

Follow us

Required fields are marked with an asterisk(*)

By submitting your email address, you acknowledge that you have read the Privacy Statement and that you consent to our processing data in accordance with the Privacy Statement (including international transfers). If you change your mind at any time about wishing to receive the information from us, you can send us an email message using the Contact Us page.