Thoughtlab’s benchmark study of 1,200 diverse large organizations in 16 countries found that while more than $125.2 billion annually has been spent to shore up this area, the rapidly evolving threat landscape has many companies at significant risk. Weak links are: complexity of supply chain (44%), rapid digital innovation (41%), and inadequate budget plus lack of executive support (28% each).

The EU this week proposed legislation to mandate tech companies aggressively screen for and remove child sexual abuse material (CSAM). However, while that should be welcome news to child privacy advocates, the breadth and scope of what’s proposed had a chilling effect. Concerns are that it would impose extreme obligations on chat and other communication services, including WhatsApp, Signal and Facebook Messenger to broadly scan user messages looking for CSAM or solicitation of children via AI systems. But, privacy advocates feel the general nature of such detection orders that would be issued by individual EU nations, could leave the door open to more generalized surveillance.