Compliance

Understanding CISA's proposed cyber incident reporting rules

CISA’s massive rulemaking will create the first US cyber incident and ransomware payment reporting mechanism that promises to radically overhaul the workloads of most cybersecurity professionals.

By Cynthia Brumfield

Apr 17, 202410 mins

RegulationRansomwareCyberattacks

By Michael Nadeau

Apr 04, 202421 mins

ComplianceData and Information SecurityPrivacy

How the EU AI Act regulates artificial intelligence: What it means for cybersecurity

By Andrada Fiscutean

Dec 13, 202312 mins

RegulationGenerative AICompliance

The SEC action against SolarWinds highlights how tough it can get for CISOs

By Susan Bradley

Dec 12, 20236 mins

CSO and CISORegulationCyberattacks

Articles

Accenture takes an industrialized approach to safeguarding its cloud controls

Security was once a hindrance for Accenture developers. But since centralizing the company's compliance controls, the process has never been simpler.

By Aimee Chanthadavong

Dec 11, 2023 8 mins

Application SecurityCloud SecurityCompliance

How a digital design firm navigated its SOC 2 audit

L+R's pursuit of SOC 2 certification was complicated by hardware inadequacies and its early adoption of AI, but a successful audit has provided security and business benefits.

By Alex Levin

Nov 28, 2023 11 mins

CertificationsCompliance

Rise of the cyber CPA: What it means for CISOs

New accountant certification rules starting January 2024 could deliver many new cybersecurity-trained accountants. Is this good or bad news for CISOs?

By Evan Schuman

Nov 27, 2023 7 mins

CSO and CISOCompliance

Ransomware gang files SEC complaint against company that refused to negotiate

New US Securities and Exchange Commission rules require reporting of breaches that are material, giving cyber extortionists a new tactic to coerce payments.

By Lucian Constantin

Nov 17, 2023 4 mins

RansomwareComplianceCybercrime

How US SEC legal actions put CISOs at risk and what to do about it

CISOs could find themselves in a painful Catch-22 situation when the US Securities and Exchange Commission’s new cybersecurity rules are enacted in December.

By Evan Schuman

Nov 16, 2023 8 mins

CSO and CISOComplianceRisk Management

Generative AI could erode customer trust, half of business leaders say

Businesses leaders admit their company needs to improve security and compliance measures as demands of customers, investors, and suppliers increase.

By Michael Hill

Nov 08, 2023 4 mins

CSO and CISOGenerative AICompliance

US launches “Shields Ready” campaign to secure critical infrastructure

Shields Ready initiative outlines strategies for preparing critical infrastructure organizations for potential disruption and building more resilience into systems, facilities, and processes.

By Michael Hill

Nov 08, 2023 3 mins

GovernmentComplianceCritical Infrastructure

AuditBoard adds new AI and analytics capabilities for compliance and risk ma

With the new AI algorithms, organizations will be able to streamline audit workflows and automate various risk management and compliance programs.

By Shweta Sharma

Oct 18, 2023 3 mins

Generative AIComplianceRisk Management

Vanta bakes generative AI into core security and compliance product

New generative AI capabilities are coming to security and compliance vendor Vanta’s main platform, adding a layer of automation to compliance tasks.

By Jon Gold

Oct 10, 2023 3 mins

Generative AIComplianceRisk Management

Cybersecurity experts raise concerns over EU Cyber Resilience Act’s vulnerability disclosure requirements

Open letter claims current provisions will create new threats that undermine the security of digital products and individuals.

By Michael Hill

Oct 03, 2023 4 mins

RegulationComplianceVulnerabilities

Online Safety Bill passes final parliament debate, set to become UK law

Despite widespread criticism and scrutiny, the UK government is within touching distance of delivering its controversial new internet safety rules.

By Michael Hill

Sep 20, 2023 3 mins

EncryptionCompliancePrivacy

Verizon's $4 million settlement with the US DOJ signals stepped-up action by the Justice Department's Civil Cyber-Fraud initiative.

By Cynthia Brumfield

Sep 18, 2023 7 mins

RegulationComplianceSecurity Practices

View all

Explore a topic

Show me more

Fake Pegasus spyware source code floods dark web

By Gyana Swain

May 23, 20244 mins

Hacker GroupsMalware

Critical flaw found in Fluent Bit cloud services monitoring component

By John Leyden

May 23, 20244 mins

Cloud SecurityVulnerabilities

Hijack of monitoring devices highlights cyber threat to solar power infrastructure

By Cynthia Brumfield

May 23, 20249 mins

Energy IndustryUtilities IndustryCritical Infrastructure

CSO Executive Sessions India with Pradipta Kumar Patro, Global CISO and Head IT Platform, KEC International

May 22, 202426 mins

CSO and CISO

CSO Executive Sessions: The personality of cybersecurity leaders

Apr 29, 202419 mins

CSO and CISO

CSO Executive Sessions: Geopolitical tensions in the South China Sea – why the private sector should care

Apr 02, 202416 mins

CSO and CISO

CSO Executive Sessions India with Pradipta Kumar Patro, Global CISO and Head IT Platform, KEC International

May 22, 202426 mins

CSO and CISO

CSO Executive Sessions: The personality of cybersecurity leaders

Apr 29, 202419 mins

CSO and CISO

CSO Executive Sessions: Geopolitical tensions in the South China Sea – why the private sector should care

Apr 01, 202416 mins

CSO and CISO

Understanding CISA's proposed cyber incident reporting rules

General Data Protection Regulation (GDPR): What you need to know to stay compliant

Why governance, risk, and compliance must be integrated with cybersecurity

BigID adds access governance targeted at sensitive data and privileges

Cyber Trust Mark concept gains momentum with smart device and IoT manufacturers

US DOD's CMMC 2.0 rules lift burdens on MSPs, manufacturers

New risk management framework helps with SEC mandate compliance

How the EU AI Act regulates artificial intelligence: What it means for cybersecurity

The SEC action against SolarWinds highlights how tough it can get for CISOs

Articles

Accenture takes an industrialized approach to safeguarding its cloud controls

How a digital design firm navigated its SOC 2 audit

Rise of the cyber CPA: What it means for CISOs

Ransomware gang files SEC complaint against company that refused to negotiate

How US SEC legal actions put CISOs at risk and what to do about it

Generative AI could erode customer trust, half of business leaders say

US launches “Shields Ready” campaign to secure critical infrastructure

AuditBoard adds new AI and analytics capabilities for compliance and risk ma

Vanta bakes generative AI into core security and compliance product

Cybersecurity experts raise concerns over EU Cyber Resilience Act’s vulnerability disclosure requirements

Online Safety Bill passes final parliament debate, set to become UK law

Cyber-related False Claims actions are on the uptick

Resources

Delivering High-Quality Financial Services Applications at Scale

Banking and financial trends. Keys to producing high-quality financial apps—fast.

AI governance: a provider’s guide

Video on demand

Aligning security, compliance and privacy across inventory tracking

Explore a topic

Show me more

Fake Pegasus spyware source code floods dark web

Critical flaw found in Fluent Bit cloud services monitoring component

Hijack of monitoring devices highlights cyber threat to solar power infrastructure

CSO Executive Sessions India with Pradipta Kumar Patro, Global CISO and Head IT Platform, KEC International

CSO Executive Sessions: The personality of cybersecurity leaders

CSO Executive Sessions: Geopolitical tensions in the South China Sea – why the private sector should care

CSO Executive Sessions India with Pradipta Kumar Patro, Global CISO and Head IT Platform, KEC International

CSO Executive Sessions: The personality of cybersecurity leaders

CSO Executive Sessions: Geopolitical tensions in the South China Sea – why the private sector should care