On 14 January 2025, the California Privacy Protection Agency (CPPA) closes the public consultation on proposed regulations on California Consumer Privacy Act (CCPA) updates, cybersecurity audits, risk assessments, automated decision-making technology (ADMT), and insurance companies. The CPPA will assess the comments received to finalise the regulatory text. Businesses meeting defined thresholds will be mandated to conduct annual cybersecurity audits, including evaluations of encryption, multifactor authentication, and vulnerability management protocols.
Original source