{"id":223237,"date":"2026-06-01T01:00:00","date_gmt":"2026-06-01T05:00:00","guid":{"rendered":"https:\/\/testing.news-you-need.com\/index.php\/2026\/06\/01\/eu-organizations-buckle-under-rising-compliance-pressure\/"},"modified":"2026-06-01T01:10:11","modified_gmt":"2026-06-01T05:10:11","slug":"eu-organizations-buckle-under-rising-compliance-pressure-2","status":"publish","type":"post","link":"https:\/\/testing.news-you-need.com\/index.php\/2026\/06\/01\/eu-organizations-buckle-under-rising-compliance-pressure-2\/","title":{"rendered":"EU organizations buckle under rising compliance pressure"},"content":{"rendered":"<p><a href=\"https:\/\/www.helpnetsecurity.com\/2026\/06\/01\/antonija-vojnovic-span-cybersecurity-governance-challenges\/\">EU organizations buckle under rising compliance pressure<\/a><\/p>\n<p><a href=\"https:\/\/www.helpnetsecurity.com\/2026\/06\/01\/antonija-vojnovic-span-cybersecurity-governance-challenges\/\">https:\/\/www.helpnetsecurity.com\/2026\/06\/01\/antonija-vojnovic-span-cybersecurity-governance-challenges\/<\/a><\/p>\n<p>Publish Date: <a href=\"publish_date]\">2026-06-01 01:00:00<\/a><\/p>\n<p>Source Domain: <a href=\"www.helpnetsecurity.com\">www.helpnetsecurity.com<\/a><\/p>\n<p>Author: <a href=\"\"><\/a><\/p>\n<p> Using an unordered list, summarize the following article with between 4 and 8 key points.<br \/>\n        Cybersecurity governance in the EU is shifting under expanding frameworks such as NIS2 and DORA, while AI raises new questions for security teams. What the future brings is hard to predict, and organizations must find a way to cope.<br \/>\nAntonija Vojnovi\u0107, Governance, Risk and Compliance Department Manager at Span, spoke with Help Net Security at the Span Cyber Security Arena conference about how these regulatory frameworks are shaping compliance priorities and day-to-day decision-making.<\/p>\n<p>Compliance overload across organizations<br \/>\nCompanies in the EU are dealing with an increasing volume of regulations, with frameworks overlapping in some areas while differing in others.<br \/>\n\u201cNot everyone can explain what applies to whom and why. For example, GDPR and NIS2 affect different types of data, but they should complement each other,\u201d Vojnovi\u0107 said.<br \/>\nOrganizations are often unsure where to start or how to prioritize compliance efforts.<br \/>\nNIS2 implementation differs among EU member states because it is a directive, which means each country must translate it into national legislation.<br \/>\n\u201cCroatia has legislation in place. Slovenia also has legislation, though not in the same form.\u201d<br \/>\nVojnovi\u0107 says the goal of NIS2 is to improve awareness and align cybersecurity standards at EU level, but not all countries are at the same level of maturity. Different countries and companies need different amounts of time to adapt.<br \/>\nIn Croatia, she notes, organizations are still waiting for the first audits to understand how enforcement will work in practice, what penalties will look like, and whether changes will follow after initial findings.<br \/>\nShe adds that uncertainty remains around implementation and scope, including which organizations will fall under the directive.<br \/>\nParallel regulatory pressure<br \/>\nAsked whether the growing set of regulations will ultimately help, Vojnovi\u0107 says regulations are useful, but too many are being introduced at the same time.<br \/>\nShe points to NIS2, DORA, and the AI Act as examples of frameworks that arrive in parallel, creating pressure for organizations trying to implement them.<br \/>\nShe suggests introducing one regulation first, observing how it works in practice, then building on it with additional measures.<br \/>\nVojnovi\u0107 says the volume of change leaves organizations overwhelmed and unsure how to prioritize requirements.<br \/>\nAccording to a Censuswide survey, 96% of financial services organizations in EMEA say their data resilience is not where it needs to be to meet regulatory expectations under DORA.<br \/>\nAI security and regulatory response<br \/>\nAI frenzy is visible in every corner, and the EU is no exception. AI spending in Europe is forecast to reach $290 billion by 2029, growing at 33.7% annually.<br \/>\nAlong with that growth comes concern about misuse and how difficult it can be to control real-world applications of AI systems. The EU has responded with the AI Act, setting out rules for how AI is developed and used.<br \/>\nThe European Telecommunications Standards Institute (ETSI) has also published EN 304 223, a standard focused on baseline cybersecurity requirements for AI systems in operational use. It treats AI as its own security category, with attention to system-specific risks.<br \/>\nVojnovi\u0107 thinks AI can be regulated, but this depends on how it is used and how it may be misused for malicious purposes. She is not convinced the EU AI Act will bring major change.<br \/>\n\u201cI think awareness may ultimately be more valuable. People should understand that AI tools can use private information for training purposes and that these tools should be used responsibly.\u201d<br \/>\nVojnovi\u0107 adds that AI can be useful, but not in every scenario. It should be used where it adds value, without entering private information or relying on it for everything.<\/p>\n<p><\/p>\n","protected":false},"excerpt":{"rendered":"<p>EU organizations buckle under rising compliance pressure https:\/\/www.helpnetsecurity.com\/2026\/06\/01\/antonija-vojnovic-span-cybersecurity-governance-challenges\/ Publish Date: 2026-06-01 01:00:00 Source Domain: www.helpnetsecurity.com&#8230;<\/p>\n","protected":false},"author":1,"featured_media":223239,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/img.helpnetsecurity.com\/wp-content\/uploads\/2026\/05\/29133117\/antonija_vojnovic-2-span.webp","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[26,24],"class_list":["post-223237","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-ai","tag-cybersecurity"],"_links":{"self":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/223237"}],"collection":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=223237"}],"version-history":[{"count":1,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/223237\/revisions"}],"predecessor-version":[{"id":223241,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/223237\/revisions\/223241"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/223239"}],"wp:attachment":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=223237"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=223237"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=223237"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}