FEATURE
It requires regulated financial entities and their technology partners, such as data centres, to demonstrate their ability to withstand ICT disruption and report major incidents swiftly.
This points to a broader direction of travel. By 2030, international standards are likely to provide the backbone for simpler cross-border compliance without unnecessary duplication.
ISO standards provide recognized benchmarks for security, continuity and sustainability. They establish a unified control framework that spans multiple regimes through a single, coherent set of control.
In practice, certifications such as ISO / IEC 27001 and ISO / IEC 27701 are frequently requested and often mapped to NIS2 and DORA requirements in the EU and EEA. Meanwhile, NIST’ s updated Cybersecurity Framework reinforces this consistency, giving stakeholders a shared model for risk management as digital operations scale across borders.
For data centres, these frameworks chart a clearer path to evidencing resilience and sustainability at a time when AI, increasing power density and new cooling methods are reshaping operations.
Ultimately, ISO and NIST provide common ground for aligning national rules, supporting the global spread of AI and cloud while keeping within diverse legal boundaries.
Yet, while international convergence is growing, the reality on the ground remains fragmented. GDPR continues to set the baseline across Europe; however, member states often add stricter national provisions, creating complexity for organizations hosting data across borders.
Outside Europe, China’ s Personal Information Protection Law governs outbound transfers through security assessments, standard contracts or certification. The 2024 Cyberspace Administration of China rules exempted some data exports yet maintained strict control for‘ important data’, extending data export security assessment validity to three years.
Japan’ s Act on the Protection of Personal Information allows transfers of data to designated countries or with consent and adequate safeguards. Vietnam’ s Cybersecurity www. intelligentcio. com
INTELLIGENT CIO NORTH AMERICA
37