On 28 October 2025, China passed amendments to the Cybersecurity Law, marking the first update since its enactment in 2016. These amendments reflect China’s heightened focus on cybersecurity and AI governance and are scheduled to take effect on 1 January 2026.
Key Updates
The amendments primarily focus on the law’s enforcement provisions. Key updates include:
Continue Reading CHINA: Amendments to Cybersecurity Law Effective 1 January 2026
Since the full enforcement of Thailand’s Personal Data Protection Act B.E. 2562 (2019) (“PDPA”) in June 2022, the Personal Data Protection Committee (“PDPC”) has moved decisively from awareness-building to active enforcement. The transition emerged in 2024 when a leading e-commerce company was fined THB 7 million for breaching the law.
In
Continue Reading Thailand: PDPA Crackdown 2025: Are You Next? – Major Fines and Lessons from Thailand’s Latest Enforcement
CrowdStrike’s 2025 Threat Hunting Report offers key insights into the current cyber threat landscape. Drawing on data from July 2024 to June 2025, the report showcases how adversaries are becoming more sophisticated, scalable, and business-like in their operations. These “enterprising adversaries” are not only innovating their tactics but also exploiting emerging technologies such as generative
Continue Reading Key Insights from the CrowdStrike 2025 Threat Hunting Report
On 14 January 2025, the UK Home Office published a consultation paper focusing on legislative proposals to reduce payments to cyber criminals and increasing incident reporting.
The proposals set out in the consultation paper aim to protect UK businesses, citizens, and critical infrastructure from the growing threat of ransomware, by reducing the financial incentives for
Continue Reading UK: Consultation on Ransomware payments
