News

The Data Chronicles | Cyber developments in the EU and U.K.

16 April 2026

In this episode of The Data Chronicles, host Scott Loughlin is joined by Hogan Lovells partners Dan Whitehead and Dr. Henrik Hanssen to examine how evolving cybersecurity regimes in the E.U. and UK such as NIS2, the Cyber Resilience Act, DORA, and proposed reforms to the EU Cybersecurity Act are reshaping legal and operational expectations for organizations operating across borders.

Together, Scott, Dan, and Dr. Henrik examine how cybersecurity regulation in the EU and U.K. has entered a period of rapid expansion and fragmentation, moving well beyond traditional data protection into a complex framework governing enterprise security, product security, sector specific obligations, and supply chain risk. The discussion explores why global “one size fits all” security programs and reliance on baseline standards like ISO and NIST are no longer sufficient on their own, how post Brexit divergence between the EU and U.K. is creating material compliance challenges, and why cybersecurity has shifted from a best practice exercise to enforceable law – requiring tighter integration between legal, IT, and information security teams to execute compliance at scale.

View the episode here and here.

Authored by Scott Loughlin, Dan Whitehead, and Dr. Henrik Hanssen.