Research roadmap

What's coming

Preview upcoming research themes, coverage expansions, and new resources so you can plan how our research fits into your operational workflows.

This roadmap reflects current priorities and adjusts quarterly based on regulatory calendars, reader feedback, and emerging technology developments.

Upcoming coverage

Research themes for the next quarter

These focus areas reflect the regulatory deadlines, technology releases, and operational challenges most relevant to security, infrastructure, and compliance leaders in the coming months.

AI governance & compliance

Expanded coverage of AI regulatory requirements as the EU AI Act enforcement phases continue and US state-level legislation takes effect.

  • EU AI Act GPAI transparency obligations
  • Colorado AI Act implementation guidance
  • Model risk management frameworks
  • AI supply chain security controls

Cybersecurity frameworks

Deep-dive coverage on framework updates and regulatory enforcement affecting security programmes across regulated industries.

  • PCI DSS 4.0 implementation milestones
  • NIST CSF 2.0 adoption guidance
  • NIS2 and DORA compliance checkpoints
  • SEC cyber disclosure requirements

Infrastructure resilience

Coverage of compute supply chain developments, data center operations, and cloud infrastructure changes that affect capacity planning.

  • GPU supply chain and procurement
  • Cloud provider resilience expansions
  • Critical infrastructure protection
  • OT/ICS security guidance

Developer platform updates

Language releases, tooling changes, and platform updates that affect development teams and their security posture.

  • Major language version migrations
  • CI/CD security controls
  • Developer productivity tooling
  • Software supply chain security
Regulatory calendar

Key compliance deadlines we're tracking

We prioritise coverage around these regulatory milestones so you have actionable guidance before enforcement dates arrive.

Near-term deadlines

  • EU AI Act GPAI obligations — Transparency and documentation requirements for general-purpose AI systems.
  • PCI DSS 4.0 final requirements — Remaining future-dated requirements become mandatory.
  • DORA enforcement — Digital Operational Resilience Act requirements for financial entities.
  • Colorado AI Act — State-level AI governance requirements for high-risk systems.

Ongoing monitoring

  • SEC cyber disclosure — Continued Form 8-K and 10-K reporting requirements.
  • NIS2 implementation — Member state transposition and enforcement.
  • US state privacy laws — Expanding state-level data protection requirements.
  • EU Data Act — Cloud switching and data portability requirements.
Resource expansion

New content types and capabilities

Beyond daily briefings, we're expanding the library with resources that help teams implement guidance faster.

Implementation guides

Step-by-step playbooks for complex compliance and security initiatives, with action checklists and control mappings.

Buyer guides

Comparison frameworks for evaluating vendors across SIEM, Zero Trust, identity, and infrastructure categories.

Coverage calendar

Month-by-month implementation timelines linking briefings to regulatory deadlines and technology releases.

Planned offerings

Services in development

Beyond research coverage, we're building services that help teams implement guidance faster and make better technology decisions.

Coming soon

Training materials

Self-paced learning modules covering framework implementation, control mapping, and compliance readiness across major regulatory requirements.

  • Framework deep-dives (NIST CSF, ISO 27001, SOC 2)
  • Compliance readiness assessments
  • Control implementation workshops
  • Audit preparation checklists
Coming soon

Advisory consultations

One-on-one sessions with the research desk to discuss specific challenges, review security programmes, or validate technology decisions.

  • Security program reviews
  • Compliance readiness assessments
  • Technology selection guidance
  • Incident response planning
Coming soon

Implementation playbooks

Step-by-step guides for complex initiatives, with action checklists, control mappings, and evidence templates.

  • Framework adoption guides
  • Migration playbooks
  • Incident response runbooks
  • Vendor assessment templates
Coming soon

Enterprise subscriptions

Team-wide access to research, priority coverage requests, and dedicated support for organisations with complex compliance needs.

  • Multi-seat access
  • Priority coverage requests
  • Custom briefing formats
  • Quarterly strategy calls
Shape the roadmap

Request coverage or share feedback

This roadmap evolves based on reader needs. If there's a topic, framework, or regulatory development you'd like us to cover, let us know—we prioritise requests that help the most teams.

Request coverage Subscribe for updates