Safeguard
Tag

regulatory

Safeguard articles tagged "regulatory" — guides, analysis, and best practices for software supply chain and application security.

19 articles

Regulatory Compliance

EU CRA Enforcement First Year: What Changed

A senior engineer's review of the first year of EU Cyber Resilience Act enforcement, what regulators actually asked for, what vendors got wrong, and where the bar moves next.

Apr 11, 20267 min read
Regulatory Compliance

EU AI Act High-Risk System Obligations

A senior engineer's breakdown of the EU AI Act high-risk system obligations as they apply in 2026, with a focus on documentation, supply chain, and ongoing monitoring.

Apr 7, 20268 min read
Regulatory Compliance

CISA Secure-By-Design Pledge Update 2026

A senior engineer's view of where the CISA Secure-By-Design pledge stands in 2026, what signatories actually delivered, and what the second wave of expectations looks like.

Apr 3, 20267 min read
Software Supply Chain Security

Telecom Supply Chain Risk Controls in 2026

Practical supply chain controls for telecom operators in 2026, covering RAN software, OSS/BSS stacks, and the regulatory pressure from FCC and ENISA frameworks.

Apr 2, 20266 min read
Regulatory Compliance

CMMC 2.0 Rollout: Where Deadlines Actually Are

A senior engineer's guide to where CMMC 2.0 deadlines actually sit in 2026, what assessors are looking for, and how supply chain controls fit into the certification path.

Mar 29, 20267 min read
Regulatory Compliance

NYDFS 500 Software Supply Chain Implications

A senior engineer's view of how NYDFS Part 500 amendments through 2025 and 2026 reshape software supply chain expectations for regulated financial institutions.

Mar 24, 20267 min read
Regulatory Compliance

India CERT-In Software Supply Chain Update

A senior engineer's view of how CERT-In directives in 2025 and 2026 are reshaping software supply chain expectations for organizations operating in India.

Mar 19, 20267 min read
Regulatory Compliance

SEC Cyber Disclosure Rules: Year Two

A senior engineer's view of the second-year impact of SEC cybersecurity disclosure rules, what filings actually look like, and where supply chain risk fits in.

Mar 14, 20268 min read
Regulatory Compliance

FTC Data Broker Rule And Supply Chain Overlap

A senior engineer's view of how FTC data broker rulemaking through 2025 and 2026 intersects with software supply chain expectations for organizations handling personal data.

Mar 9, 20267 min read
Regulatory Compliance

DORA Financial Sector Supply Chain Controls

A senior engineer's view of how DORA's ICT third-party risk management requirements are reshaping software supply chain controls across European financial services.

Mar 4, 20268 min read
Regulatory Compliance

Australia Essential Eight 2026: Supply Chain

A senior engineer's view of how Australia's Essential Eight evolved through 2025 and 2026 to incorporate software supply chain expectations alongside the original mitigations.

Feb 27, 20268 min read
AI Security

PCI DSS 4.0 Alignment: Griffin AI vs Mythos

PCI DSS 4.0 raised the evidence bar for software security, supplier management, and continuous assurance. Griffin AI meets the new requirements with persisted records. Mythos-class pure-LLM tools leave QSAs asking for artifacts.

Feb 14, 20267 min read
regulatory — Safeguard Blog