TechNative: Turning Regulation into Resilience with Pentesting
Sam Kirkman, Director of Services for EMEA, writing in TechNative examines how rising regulatory pressure is reshaping the role of penetration testing, turning compliance requirements into a driver of genuine cyber resilience. Read the preview below or view it online.
+++
In an increasingly hostile cyber landscape, regulatory expectations are also rising.
Frameworks such as the UK’s pending Cyber Security and Resilience Bill and Europe’s Digital Operational Resilience Act (DORA), NIS2, and the General Data Protection Regulation (GDPR) are pushing organisations beyond merely withstanding cyberattacks; they now require ongoing demonstration of diligent security practices.
The cost of a lax approach to compliance is financial. Regulators are unflinching in imposing penalties on non-compliant companies. In 2023, due to unlawful data processing and profiling practices, the French advertising giant Criteo was fined €40 million. The case was not triggered by a dramatic breach but by weak compliance practices and lack of transparency, a reminder that resilience depends as much on proof of controls as on responding to attacks.
You can read the full article here.
Explore More News
Canvas breach puts global education cyber risk in focus
ITBrief interviewed NetSPI's Field CISO, Nabil Hannan, for a May 24, 2026 article about a major data breach in Instructure's Canvas learning management system disrupting final exams at universities.
Microsoft is working on a patch for ‘YellowKey’ attack on BitLocker, offers temporary fix
CSO Online interviewed NetSPI's VP of Research, Karl Fosaaen, for a May 20, 2026 article about how Microsoft is working on a patch for a zero-day vulnerability dubbed "YellowKey" (CVE-2026-45585).
AI-powered Continuous Pentesting
NetSPI® launches AI-powered Continuous Pentesting to help organizations validate and reduce risk through their Human-led, AI-accelerated platform that supports continuous penetration testing and agentic MCP integrations.