Global Cyber Resilience Regulations
A comprehensive overview of regulatory frameworks and compliance requirements across major jurisdictions worldwide.
European Union
DORA
Digital Operational Resilience Act
EU regulation for financial entities to ensure ICT resilience, incident reporting, and third-party risk management.
EU Cyber Resilience Act
Cyber Resilience Act
Proposal for horizontal cybersecurity requirements for products with digital elements across the EU.
NIS2 Directive
Network and Information Security Directive 2
Expanded scope and obligations for essential and important entities across EU member states.
CER Directive
Critical Entities Resilience Directive
EU directive on resilience of critical entities against various threats including cyber attacks.
UK & Ireland
PRA
Prudential Regulation Authority
BoE framework for operational resilience for UK banks and insurers.
FCA
Financial Conduct Authority
UK financial services regulator with operational resilience requirements.
Bank of England
BoE Operational Resilience
Joint statement on operational resilience for the UK financial sector.
Scottish Government
Cyber Resilience Framework
Scotland's approach to cyber resilience for public sector.
UK Defence
MOD Cyber Security Strategy
Ministry of Defence cyber resilience requirements for defense supply chain.
United States
SEC
Securities and Exchange Commission
Cybersecurity disclosure rules for public companies including material incident reporting.
CIRCIA
Cyber Incident Reporting for Critical Infrastructure Act
Mandatory cyber incident reporting for critical infrastructure owners and operators.
HIPAA
Health Insurance Portability and Accountability Act
Security rule requirements for protected health information in healthcare sector.
GLBA
Gramm-Leach-Bliley Act
Financial services cybersecurity requirements for consumer financial data protection.
Global
BIS CPMI
Bank for International Settlements - Committee on Payments
Guidance on cyber resilience for financial market infrastructures.
World Bank
World Bank Cyber Resilience Framework
Cybersecurity requirements for World Bank client engagements and projects.
Hong Kong MAS
Monetary Authority of Singapore counterpart
HKMA cybersecurity requirements for authorized institutions.
Singapore MAS
Monetary Authority of Singapore
Technology risk management and cyber resilience guidelines for financial institutions.
India SEBI
Securities and Exchange Board of India
Cybersecurity and resilience requirements for Indian securities markets.
Canada OSFI
Office of the Superintendent of Financial Institutions
Cyber security and technology risk management guidelines for federally regulated financial institutions.
Australia
ACSC
Australian Cyber Security Centre
Essential Eight maturity model and cyber security guidance for Australian organizations.
SOCI
Security of Critical Infrastructure Act
Enhanced cyber security obligations for operators of critical infrastructure.
Cyber Incident Review Board
CIRC
Post-incident review capability for significant cyber incidents in Australia.
In-depth Regulatory Analysis
White & Case provides comprehensive legal analysis of global cyber resilience regulations, helping organizations navigate complex compliance requirements.
View White & Case Analysis