Data breaches, cybersecurity risks and data governance are no longer issues only for large organisations. At a time of rapidly increasing AI use, these risks are becoming more complex and more frequent. Regardless of size, SMEs are expected to manage data compliance while confidently embracing the opportunities that digitalisation and AI can offer.

On 19 November 2025, the European Commission launched its “Digital Omnibus”, a legislative proposal that seeks to partially de-regulate the EU’s digital rulebook. One key law set to be revised is the General Data Protection Regulation (GDPR), the EU’s landmark data protection framework.

While the proposed changes have been welcomed by industry voices in Europe, vocal opposition has been expressed by privacy activists, meaning that the Commission’s package is set to be heavily contested in the upcoming legislative negotiations.