Issue 47 — Latest in privacy & security

In Today's Edition

• New AI law moratorium aimed at preventing deep fakes approved in Senate
• The U.S. cybersecurity leaders warn of critical data infrastructure exposure
• AI becomes essential in cybersecurity, but beware of AI hallucinations
• Latest jobs in privacy & security
• Next privacy & security events, conferences, and webinars

Latest in AI, Privacy and Security

• Federal lawmakers are escalating efforts to preempt state-level AI regulation. A new provision, led by Sen. Ted Cruz (R-TX), would block states from receiving federal broadband funds if they enforce their own AI laws. The Senate Parliamentarian has approved the measure for inclusion in the upcoming budget vote — a key procedural win that bypasses filibuster rules. But the provision is facing bipartisan resistance, with several Republicans warning it could undermine broadband access and state autonomy. The move highlights a growing federal strategy: shape AI governance not through new regulation, but by restricting funding to limit state interference.
  Read more
• Top U.S. cybersecurity leaders — including former NSA and FBI directors — warned that critical infrastructure remains dangerously exposed due to basic security failures, despite escalating threats from foreign adversaries. At a July 24 panel in New York, experts stressed that outdated defenses, like missing firewalls and poor patching, leave essential services such as power grids and water systems vulnerable. While policymakers focus on advanced technologies like AI, many infrastructure providers still lack foundational protections. The panel urged stronger authentication standards, broader public-private threat sharing, and faster action, especially among smaller utilities and third-party providers.
  Read more
• AI is becoming essential in cybersecurity, particularly in financial services, where it accelerates threat detection and triage. But experts warn of a growing risk: AI hallucinations — when a model confidently outputs incorrect conclusions without recognizing its error. In security ops, this can lead to mislabeling threats, flawed remediation, or poor prioritization. Common failure points include code generation, detection logic, and automated threat validation. The solution? Keep humans in the loop. Experts recommend validating AI outputs, educating analysts to spot “off” results, reducing background noise, and refining interfaces to guide attention. AI can be a powerful ally — but only with oversight.
  Read more

  Regulations / Fines

• On July 23, the White House released America’s AI Action Plan, a sweeping federal strategy to secure U.S. leadership in AI across three pillars: accelerating innovation, building AI infrastructure, and leading in international AI diplomacy and security. The plan calls for deregulation, promotion of open-source models, workforce upskilling, grid modernization, and domestic semiconductor revitalization. It emphasizes removing ideological bias, enhancing cybersecurity, and enabling responsible government AI adoption. Internationally, it outlines AI export controls, countering authoritarian influence, and national security risk evaluations. Implementation will depend on action from federal agencies and continued industry engagement.
  Read more

Feature Focus

The TerraTrue Data Catalog strengthens privacy and security programs by delivering four key benefits:

• Centralizing data knowledge to reduce ambiguity and manual back-and-forth
• Accelerating collaboration by giving legal, security, and engineering teams a shared, real-time view of how data is collected and used
• Unifying context across systems, so privacy reviews are more informed, consistent, and faster
• Mapping sensitive data to business purpose and legal basis—empowering organizations to stay compliant without slowing down innovation.
• Read More

Built directly into the privacy workflow, the Data Catalog turns what was once a static spreadsheet into a dynamic, cross-functional source of truth.

Jobs Corner

• Jobright: Data and AI Governance Associate
• NextEra Energy: AI Governance - Strategic Project Consultant
• Jane Street: Regulatory Risk Management
• Sia: Cybersecurity Consultant
• Catamount Constructions: Cybersecurity & IT Project Coordinator

Upcoming Events

• True Cybersecurity Summit | October 9 | Online
• Innovate Cybersecurity Summit | October 5-7th | Scottsdale, AZ
• IAPP Privacy. Security. Risk. 2025 Conference | 30-31 October | San Diego

Trust meme of the day

Struggling to manage RoPAs without slowing down launches?

See how TerraTrue makes Records of Processing Activities (RoPAs) fast, accurate, and actually useful — without the spreadsheet chaos.

Watch how it works