Analyzing and Categorizing Emerging Cybersecurity Regulations

• dc.contributor.author: Marotta, Angelica
• dc.contributor.author: Madnick, Stuart
• dc.date.issued: 2028-09-08
• dc.identifier.issn: 0360-0300
• dc.identifier.uri: https://hdl.handle.net/1721.1/162660
• dc.description.abstract: As cyber-attacks become more frequent, sophisticated, and impactful, governments worldwide are responding by introducing or proposing new cybersecurity regulations. This paper examines over 170 recent regulations and trends in cybersecurity across various regions, including the United States, Europe, and beyond. It identifies 17 key features in many of these regulations, which we have grouped into 5 categories, analyzes observed patterns, and proposes areas for improvement. This paper's primary objective is to significantly contribute to the cybersecurity compliance domain by helping researchers understand the structure of these regulations and helping organizations to assess and mitigate their cyber risk within an increasingly complex and regulated cybersecurity environment. Our findings provide valuable direction to those trying to navigate the flood of new cybersecurity regulations and the governments enacting new cybersecurity regulations.
• dc.publisher: Association for Computing Machinery
• dc.relation.isversionof: http://dx.doi.org/10.1145/3757318
• dc.source: Association for Computing Machinery
• dc.type: Article
• dc.identifier.citation: Angelica Marotta and Stuart Madnick. 2025. Analyzing and Categorizing Emerging Cybersecurity Regulations. ACM Comput. Surv. 58, 2, Article 51 (January 2026), 36 pages.
• dc.contributor.department: Sloan School of Management
• dc.relation.journal: ACM Computing Surveys
• dc.identifier.mitlicense: PUBLISHER_POLICY
• dc.eprint.version: Final published version
• dc.language.rfc3066: en
• mit.journal.volume: 58
• mit.journal.issue: 2