💡 The EU’s approach has ultimately been validated by the U.S.’s shift towards centralised AI governance, and Europe’s advantage in grounding centralisation in a coherent, democratically legitimised framework has been emphasised.
🛡️ Poland’s implementation of the NIS2 Directive through its amended KSC Act extends cybersecurity compliance to supply chains, establishing vendor risk management and contractual controls as core regulatory obligations for critical sectors.
👉 Related: NIS 2 — a new era for the Life Sciences sector | EDPB – EDPS publish Opinion on the Cybersecurity Package
perspectives.stephensonharwood.com • 4 min read
🏛️ The European Banking Authority’s draft third-party risk guidelines indicate an expansion into non-ICT services similar to that of DORA, encouraging EU financial entities to adopt a unified, end-to-end approach to third-party risk governance.
💥 A suspected supply-chain compromise involving a third-party developer tool has prompted OpenAI to rotate its macOS code-signing certificates and require urgent updates to its desktop apps, underscoring growing systemic risk in software distribution chains.
🌍 From a European perspective, discussions at the 2026 IAPP Global Summit reinforced confidence in transatlantic data transfer mechanisms, while also highlighting the ongoing complexity and potential for simplification of the EU’s evolving digital regulatory framework.