TechRadar News

The European Accessibility Act (EAA) took effect on June 28, 2025, introducing new legal requirements for digital accessibility across the European Union (EU).

A 2024 WebAIM study found that 97% of the world’s leading websites do not currently meet compliance standards. The EAA applies to companies providing digital products and services in the EU, regardless of where they are based. This means businesses in the US, Asia and elsewhere will also need to ensure compliance.

Many companies are unprepared because accessibility is not seen as a priority. According to a recent Storyblok report, 18.5% of surveyed companies were completely unaware of the EAA, and 16% had not yet started making necessary changes. Even among those that have knowledge of the EAA, only a quarter feel fully prepared.

A lack of resources, technical complexity and low awareness at the leadership level contribute to the slow pace of progress. Accessibility is also often treated as a compliance issue rather than an integral part of digital strategy, which leads to delays in implementation.

Failure to comply

Failing to comply with the EAA comes with financial and operational risks. Fines range from €5,000 to €20,000 per violation, with additional penalties for ongoing non-compliance. Businesses that do not meet the requirements may also face reputational damage, loss of customers and restrictions on selling products or services in the EU.

Putting aside the legal implications, it’s worth remembering that accessibility affects a significant portion of the population, with more than 135 million people in the EU living with some form of disability. Companies that do not address accessibility risk excluding a substantial number of potential customers.

Businesses do not need to overhaul their entire IT infrastructure overnight, but they do need to start making changes. Conducting an accessibility audit is a good first step. Websites and digital products should be tested against Web Content Accessibility Guidelines (WCAG) 2.2 standards.

While automated tools like Lighthouse and Axe can help flag common issues, manual testing is also necessary. Involving users who rely on assistive technologies provides valuable insight into usability challenges.

Improving accessibility

A headless content management system (CMS) can also make accessibility improvements easier. Separating content from design allows businesses to implement accessibility features consistently across different platforms without needing to redo everything from scratch. Companies should also prioritize smaller, manageable updates such as adding alternative text to images, improving color contrast and ensuring keyboard navigation works correctly while planning more extensive updates in the long term.

Employee training is critical. Accessibility needs to be embedded into company culture and everyday business processes. Regular training ensures that developers, designers and content creators understand best practices and apply them in their work. Compliance teams should also keep up with regulatory updates, as accessibility requirements will continue to develop.

Beyond compliance

Beyond compliance, accessibility offers a business advantage. Research from Storyblok shows that 69% of companies recognize accessibility as a way to improve customer experience and engagement. Digital products designed with accessibility in mind tend to be more user-friendly for everyone, not just those with disabilities. Investing in accessibility now can also prepare businesses for future technological developments, such as voice search and AI-driven user interfaces, which will benefit from inclusive design.

A common misconception is that improving accessibility means starting from scratch. In reality, small changes can have a big impact. Adding captions to videos, ensuring text descriptions for all non-text content and enabling text resizing without loss of functionality are straightforward but effective adjustments. Keyboard accessibility is another critical aspect, as many users rely on keyboards or alternative input devices to navigate digital interfaces.

Businesses that prioritize accessibility often see direct commercial gains. For example, retailers that optimize their websites for accessibility have reported increased conversions, as customers with disabilities, often an underserved market, find it easier to complete transactions. Financial institutions that improve accessibility features in online banking have seen an increase in customer retention and trust. The demand for inclusive digital experiences is growing and organizations that act now can establish themselves as leaders in this space.

Increasing scrutiny

Regulatory bodies are also increasing scrutiny on compliance. In some countries, lawsuits related to web accessibility have surged, with high-profile cases leading to costly settlements. Large companies have faced legal action for failing to provide accessible digital experiences and these cases are expected to become more common as awareness grows. For multinational businesses, aligning with accessibility standards is not just about meeting the minimum EU requirements but also establishing best practices that will serve them globally.

There is no time to waste. The transition period before enforcement is running out and businesses that wait until the last-minute risk rushed implementations that may still fall short of compliance. Accessibility should be viewed as an ongoing process rather than a one-time fix. Regular audits, user testing and engagement with accessibility experts can help companies stay on track and adapt to future regulations.

Technology also continues to develop and businesses that embed web accessibility into their digital strategies will be better positioned for emerging innovations. AI-driven accessibility tools, voice interfaces and adaptive design techniques are transforming how users interact with digital content. Organizations that invest in accessibility now will be better prepared for these shifts making digital services easier to use across a wider range of users and devices.

Investing in accessibility

Organizations that take a structured approach - starting with audits, implementing incremental improvements and investing in accessibility training will be in a stronger position to comply with regulations and serve a wider audience.

Accessibility should be treated like any other core compliance risk: it needs clear ownership, regular reporting, and cross-functional collaboration. Working closely with developers, designers, and legal teams will help surface issues early and prevent gaps in future projects. Waiting until next year is likely to mean rushed fixes and greater exposure. Building the right internal processes now will reduce that risk and make ongoing compliance more manageable.

Compliance professionals must act decisively. The EAA is a fundamental shift in how digital services must be designed and delivered. Failing to act in time could expose organizations to legal scrutiny, increased litigation risks and potential exclusion from key markets. Regulators will not view accessibility failures as minor oversights but as breaches of consumer rights.

Key Takeaways

Compliance teams should take a proactive approach, conducting thorough risk assessments to identify where their digital services fall short. Establishing internal policies and governance frameworks will be critical, ensuring accessibility is embedded into all future development work. Training employees, integrating accessibility checks into procurement processes and working closely with IT and legal teams will help organizations maintain compliance beyond the 2025 deadline.

Meeting accessibility standards requires sustained effort. Ongoing updates, oversight and accountability are essential to remain compliant over time. Businesses that prioritize it now will meet regulatory demands but, more importantly, position themselves as leaders in ethical and responsible digital practices.

Key Takeaways:

1.Businesses operating in the EU must comply, regardless of where they are based.

2.A lack of awareness, technical challenges, and limited resources are common barriers.

3.Non-compliance carries financial penalties and reputational risks. It can also limit market access within the EU.

4.Practical steps, such as accessibility audits, CMS updates and staff training, can help businesses meet requirements.

5.Improving accessibility benefits all users and makes digital platforms more user-friendly. It is a long-term investment, not just a compliance issue.

We list the best web design software.

This article was produced as part of TechRadarPro's Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro

Security operations are under pressure from all sides. Threats are faster, attack surfaces are expanding, and demands on people and tools continue to grow. At the center of it all, one constant holds: Security Information and Event Management (SIEM) remains a cornerstone of the modern SOC. According to a recent 2025 Security Operations Insights Report, nine in ten security and IT leaders still consider SIEM essential to safeguarding their organizations.

This underscores a core truth: SIEM isn’t outdated. It’s indispensable. But like any critical system, it must adapt to meet today’s realities and tomorrow’s risks.

The future of SIEM isn’t about ripping and replacing the industry itself. It’s about reimagining how it can better serve security teams, moving from static log aggregation and reactive alerts to intelligent automation, real-time insight, and proactive defense. The shift is already underway with AI as the catalyst. It’s changing not only what SIEM platforms can do, but how teams interact with them day to day.

The limitations of traditional SIEM

SIEM emerged in response to the industry demand for centralized visibility and log correlation across digital environments, enabling teams to sift through overwhelming event data and generate alerts in early-generation SOCs. And while first-generation SIEM delivered many improvements to SecOps, it has long struggled with more sophisticated capabilities like real-time analysis and alert accuracy.

Over time, these shortcomings have intensified. Security teams receive thousands of alerts per day across countless services, and nearly half of those alerts remain uninvestigated due to their volume and talent scarcity. Workflows are fragmented, triage is time-consuming, and teams are forced to manually gather context across disparate tools.

These daily pressures are contributing to widespread burnout and fatigue across the cybersecurity workforce, costing U.S. enterprises over $600 million in lost productivity each year. The result is slower detection, delayed response, and greater risk exposure.

This points to a growing disconnect between what SIEM delivers and what organizations need. While the core concept behind SIEM remains essential, most tools today fall short of delivering the speed, scalability and intelligence required to defend today’s digital environments. The Security Operations Insights Report also found that, of the security and IT leaders that view SIEM as relevant, three-fourths are actively considering alternatives.

The case for Intelligent SecOps

The growing strain on security teams has made one thing clear: SIEM platforms have an opportunity to evolve into a service that realistically supports the needs and environments that teams work in today. Intelligent SecOps represents this shift: a model where the core principles of SIEM are preserved, but transformed through AI, automation and cloud-native scale.

According to the same survey, 90% of security leaders see AI as an extremely or very important factor in their decision to adopt a new security solution. These leaders are looking for tools that not only collect data, but help them act on it – faster, smarter, and with greater context.

1. Smarter Triage: Less Noise, More Signal

AI models help reduce false positives by continuously learning from threat intelligence, analyst feedback and environmental patterns. By enriching and prioritizing alerts, these systems elevate the most actionable signals, helping teams focus on the threats that truly matter.

2. Automated Investigations and Contextual Enrichment

Modern SIEM platforms powered by AI offer more than detection. Rather, they automate early-stage investigations by enriching alerts with context, mapping related events and visualizing likely attack paths. Assistive tools like AI copilots can surface key insights instantly, reducing manual work and accelerating decision-making.

3. Proactive Threat Detection with Behavioral Analytics

AI tools enable behavior-based detection that goes beyond static rules or known indicators. By identifying deviations from normal patterns across users, endpoints and applications, these systems surface stealthy or evolving threats. Integrated frameworks like MITRE ATT&CK help contextualize behaviors and link them to known adversary tactics.

4. Accelerated Response Through Automation

With enriched alerts and intelligent correlation, teams can move faster from detection to containment. AI-powered workflows and playbooks enable automated responses, such as isolating hosts or disabling credentials, reducing the window of exposure and freeing analysts to focus on strategic analysis.

5. Cross-Environment Correlation and Real-Time Normalization

As digital environments stretch across cloud, on-prem and SaaS, AI helps normalize and correlate telemetry in real-time, surfacing threats that span infrastructure boundaries. This eliminates blind spots and supports unified investigation across an increasingly complex attack surface.

SIEM as a strategic partner

As threats grow more dynamic and resources remain constrained, the tools security teams rely on must become more than just dashboards. They must become intelligent partners. The evolution toward Intelligent SecOps is not just a technology upgrade. It’s a shift in how teams work, how they scale and how they think about risk. It reflects a broader change in mindset, away from reactive firefighting and toward resilient, intelligence-led operations.

The SOCs of tomorrow will not be defined by how many alerts they generate, but by how intelligently and efficiently they respond. AI-powered SIEM is at the heart of that move towards Intelligent SecOps, bringing clarity to chaos and action to insight.

We've listed the best Robotic Process Automation (RPA) software.

This article was produced as part of TechRadarPro's Expert Insights channel where we feature the best and brightest minds in the technology industry today. The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/news/submit-your-story-to-techradar-pro