If you are eager to access, as promised, our ressources on DORA, it’s right below.

StratOps: In Digital, AI, and Cybersecurity, Let’s Stop Fearing Regulation

On Tuesday, at the AI Summit in Paris, the U.S. Vice President JD Vance urged Europe to regulate tech less. But regulation is not a barrier—it’s an opportunity.

For the past few weeks, a wave of deregulation talk has been spreading from the United States to Europe. The Trump administration had already initiated this trend, and today, even in France, some lawmakers, such as Paul Midy, are echoing these ideas. The libertarian push to “free” tech from regulation seems to be gaining ground, despite calls from international organizations like the OECD and leaders like president Emmanuel Macron for global AI governance.

Regulation is an asset, not a handicap

Let’s be clear: regulation is not only essential, but it also benefits businesses. In the short term, it may seem restrictive for executives, but it protects shareholders value and ensures a more stable and predictable framework to operate business.

Why? Because it helps prevent potentially unethical local practices, limits data leaks, and mitigates cyberattacks—threats that can be just as devastating for a company as they are for society as a whole. It clarifies what it is acceptable and not within an organization. It’s time to stop seeing regulation as a threat and start approaching it as a strategic lever.

Be proactive rather than reactive

Instead of waiting for regulatory authorities to come knocking, take the initiative. Compliance is not a burden—it’s a competitive advantage.

📌 Embrace full NIS2 implementation: The cybersecurity directive has been in effect since October 17, 2024. Authorities like the French National Cybersecurity Agency (ANSSI) will ramp up inspections. Don’t take it lightly.

📌 Act now on DORA: The Digital Operational Resilience Act sets clear rules for financial institutions to strengthen their resilience against cyber threats. If this applies to you, there’s no time to waste—it’s in force since January 17, 2025.

📌 Implement the AI Act as if it were already 2026: Why wait until all provisions take effect on August 2, 2026? AI is already being regulated, and companies that anticipate these rules will gain a competitive edge.

📌 Continue your GDPR compliance efforts: GDPR is an ongoing process, not a one-time checkbox. Avoid fines, protect your data, and strengthen user trust. May 25, 2018, was just the beginning—if you still have work to do, now is the time. Seven years have passed.

📌 Train your IT and cybersecurity experts: Regulations are evolving, and your teams must keep up. Invest in recognized certifications like CISM and CISSP to enhance their expertise and capability to adapt to business processes.

Conclusion: Regulation as a Performance Driver

Instead of resisting regulation, make it a cornerstone of your strategy. Companies that integrate it intelligently reduce risks, strengthen their credibility, and gain a competitive edge. Regulation is not a roadblock—it’s a catalyst for trust and competitiveness. Even in cybersecurity.

🔎 Resources of the Week

• Only for StratOps subscribers: Two new guides to accelerate DORA compliance—Critical and Important Business Functions (BIA) and Business Continuity and Disaster Recovery (IT Rebuild).

• Practical guide on building trust in AI through a cyber-risk based approach from France’s national cybersecurity agency (ANSSI) and its international partners from Canada, Estonia, Finland, Germany, Greece, India, Ireland, Italy, Luxembourg, Malta, Netherlands, Norway, Poland, United Kingdom, Singapore, Slovakia, Slovenia, South Korea. You’ve well noticed: USA, Japan and Australia are not in the list.

BTW, USA and UK did not sign the final declaration of the Paris AI Summit conference.

This week’s take-away:

Don’t let regulators dictate your agenda—be proactive. 🚀

This newsletter is curated, driven and verified by Sylvan Ravinet. Let’s connect on LinkedIn or work together.

Drop a comment or forward this to a colleague who needs to see it.