The DevSecOps Talks Podcast #87 - EU Compliance 101: AI Act, DORA, NIS2 explained
Dec 8, 2025
Dive into the essentials of EU compliance as the hosts dissect the AI Act, DORA, and NIS2 regulations. Discover how these rules impact both EU and non-EU companies, emphasizing the importance of understanding legal jargon for engineers. Learn about risk-based classifications in AI and the consequences of noncompliance, including hefty fines. The podcast outlines critical timelines for incident reporting and the mandatory obligations under NIS2. Prepare for a future episode that promises practical compliance steps and deeper insights into upcoming regulations!
AI Snips
Chapters
Transcript
Episode notes
Regulations Are Multiplying — Scope Matters
- EU is introducing multiple overlapping tech regulations that engineers must understand to avoid surprises.
- Paulina warns that not every regulation applies to every company, so scope matters.
Verify Applicability Before Acting
- When management names a regulation, check applicability before doing work.
- Avoid unnecessary effort by confirming whether the regulation applies to your product or sector.
Live Translation Blocked In EU Example
- Matthias used the Apple translation feature example to show extra-territorial effects.
- He pointed out features can be unavailable in the EU due to local regulation decisions.