Tag: compliance
-
6 key takeaways from RSA Conference 2026
Tags: ai, api, attack, ceo, cio, ciso, compliance, conference, control, cyber, cybersecurity, data, framework, google, governance, government, identity, infrastructure, injection, intelligence, jobs, LLM, office, RedTeam, regulation, risk, saas, service, technology, threat, tool, trainingSecuring the AI stack: Yes, but the threat surface has grown: The first technical priority I offered for CISOs in my conference preview was securing the AI stack, RAG workflows, LLM data pipelines, vector databases, and model APIs, on the basis that prompt injection, training data poisoning, and model inversion attacks were no longer theoretical.The…
-
Von formaler Compliance zu echter Cybersicherheit im Finanzsektor
Warum DORA auch eine Architekturfrage ist und was das für Banken und Versicherungen bedeutet. Die Anforderungen an die digitale Widerstandsfähigkeit von Banken und Versicherungen steigen. Mit dem Digital Operational Resilience Act (DORA) hat die Europäische Union einen verbindlichen Rahmen geschaffen, um IT-Risiken, Cyberangriffe und Abhängigkeiten von Drittdienstleistern zu adressieren. Doch regulatorische Konformität schafft… First…
-
How can you be certain your AI is compliant?
How Does Non-Human Identity Management Enhance AI Compliance? When it comes to ensuring compliance in artificial intelligence systems, how do organizations manage the thousands of machine interactions that occur daily? This question is at the heart of discussions around AI compliance and underscores the importance of non-human identity (NHI) management. With the rise of AI……
-
Kernel Observability for Data Movement
Kernel-level visibility reveals hidden data movement in breaches, exposing gaps in modern security tools and improving detection, compliance, and system behavior tracking. First seen on hackread.com Jump to article: hackread.com/kernel-observability-for-data-movement/
-
Popular AI gateway startup LiteLLM ditches controversial startup Delve
LiteLLM had obtained two security compliance certifications via Delve and fell victim to some horrific credential-stealing malware last week. First seen on techcrunch.com Jump to article: techcrunch.com/2026/03/30/popular-ai-gateway-startup-litellm-ditches-controversial-startup-delve/
-
New CCPA Rules Turn Your Privacy Policy into a Liability
California’s revised CCPA rules took effect on January 1, 2026, and they expose a gap that most compliance teams have been ignoring. After you’ve updated… First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/03/new-ccpa-rules-turn-your-privacy-policy-into-a-liability/
-
Why Kubernetes controllers are the perfect backdoor
Tags: access, api, automation, backdoor, compliance, container, control, kubernetes, malicious, mitre, service, threatFigure 1: Anatomy of a controller-based attack. The malicious webhook intercepts legitimate pod creation requests and injects a backdoor sidecar before the object is persisted to etcd. Niranjan Kumar Sharma As illustrated in Figure 1, this webhook acts as a controller. Every time a legitimate pod is created (e.g., a payment service), the API server sends…
-
Datensouveränität Jedes dritte Unternehmen war 2025 von einem Vorfall betroffen
Unternehmen geben Millionen für ihre Datensouveränitätsbemühungen aus und doch klafft eine Souveränitätslücke. Der aktuelle »2026 Data Security and Compliance Risk: Data Sovereignty Report« von Kiteworks deckt eine auffällige Diskrepanz auf dem Weg zur Datensouveränität auf [1]. Die Umfrage zeigt, dass Unternehmen die Vorschriften zur Datensouveränität zwar besser denn je kennen, jedoch auch jedes dritte… First…
-
Die Einhaltung von NIS2 wird nicht an der Technik scheitern, sondern an den Menschen
NIS2 erhöht die Erwartungen an die Cybersicherheit in ganz Europa und stellt das menschliche Verhalten in den Mittelpunkt der Compliance Experten für Human Risk Management fordern Unternehmen auf ihre Belegschaft auf NIS2 vorbereiten. NIS2 hat die Messlatte für die Cybersicherheit in ganz Europa höher gelegt, und das aus gutem Grund. Die Bedrohungen sind hartnäckiger,… First…
-
Can NHIs relieve compliance burdens?
How Can Non-Human Identities Ease the Pressure of Compliance? Have you ever wondered how organizations can ensure robust cybersecurity while reducing compliance headaches? The answer lies in managing Non-Human Identities (NHIs), which present a strategic avenue to bolster security and streamline compliance processes across various sectors. Understanding the Role of NHIs in Cybersecurity Non-Human Identities……
-
70 Prozent der Unternehmen genehmigen KI-Projekte trotz Sicherheitsbedenken
Jeder sechste Entscheider in Deutschland stuft Besorgnis als »extrem« ein und wurde dennoch zugunsten von Wettbewerbsdruck und internen Forderungen übergangen. TrendAI, ein Geschäftsbereich von Trend Micro und Anbieter von KI-Sicherheit, veröffentlicht neue Forschungsergebnisse, die zeigen, dass Unternehmen weltweit den Einsatz von künstlicher Intelligenz vorantreiben, obwohl bekannte Sicherheits- und Compliance-Risiken bestehen [1]. Eine neue… First seen…
-
8 steps CISOs can take to empower their teams
Once when we were rolling out a well-known EDR tool, I knew the settings weren’t tight enough, nor were the received updates applied fast enough. So I asked two people to own this, come up with suggestions for tightening the screws, and guarantee a successful rollout on multiple OSes in parallel. The phased approach took…
-
How are NHIs supported in regulatory compliance?
Can Effective Non-Human Identity Management Elevate Your Compliance Strategy? The management of Non-Human Identities (NHIs) has become a crucial aspect of regulatory compliance. NHIs, often referred to as machine identities, play an integral role in securing digital infrastructures. They are composed of an encrypted password, token, or key (the “Secret”) and the permissions granted by……
-
What the UK Cyber Security Resilience Bill Means for Security Practitioners
Tags: cloud, compliance, cyber, data, detection, finance, framework, incident response, msp, network, nis-2, regulation, resilience, risk, saas, service, supply-chainThe UK Cyber Security & Resilience Bill is progressing through Parliament Royal Assent expected later in 2026. The UK’s Cyber Security and Resilience Bill is working its way through Parliament, and if you haven’t started paying serious attention yet, now is the time. Introduced to the House of Commons in November 2025, the Bill represents…
-
Delve did the security compliance on LiteLLM, an AI project hit by malware
LiteLLM offers an AI open source project used by millions that was infected by credential harvesting malware. First seen on techcrunch.com Jump to article: techcrunch.com/2026/03/25/delve-did-the-security-compliance-on-litellm-an-ai-project-hit-by-malware/
-
Den Fortschritt im Blick, Cyberangreifer im Windschatten: Wie Unternehmen Governance, Risk & Compliance (GRC) mit KI harmonisieren
First seen on datensicherheit.de Jump to article: www.datensicherheit.de/governance-risk-compliance-grc-ki
-
6 key trends reshaping the IAM market
Tags: access, ai, attack, authentication, ciso, compliance, corporate, cyber, cybersecurity, data, dora, finance, framework, governance, government, Hardware, iam, identity, mfa, mobile, network, nis-2, passkey, password, PCI, phone, regulation, saas, service, startup, strategy, technologyPasswordless authentication on the rise: Passwords have long been the weakest link in most security architectures.Many mobile phones and laptops already use biometrics for authentication, and the user experience is typically far better than typing a long and complex password into an interface.The growing uptake of passwordless authentication (FIDO2/passkeys, biometrics) is redefining the scope of…
-
6 key trends reshaping the IAM market
Tags: access, ai, attack, authentication, ciso, compliance, corporate, cyber, cybersecurity, data, dora, finance, framework, governance, government, Hardware, iam, identity, mfa, mobile, network, nis-2, passkey, password, PCI, phone, regulation, saas, service, startup, strategy, technologyPasswordless authentication on the rise: Passwords have long been the weakest link in most security architectures.Many mobile phones and laptops already use biometrics for authentication, and the user experience is typically far better than typing a long and complex password into an interface.The growing uptake of passwordless authentication (FIDO2/passkeys, biometrics) is redefining the scope of…
-
6 key trends reshaping the IAM market
Tags: access, ai, attack, authentication, ciso, compliance, corporate, cyber, cybersecurity, data, dora, finance, framework, governance, government, Hardware, iam, identity, mfa, mobile, network, nis-2, passkey, password, PCI, phone, regulation, saas, service, startup, strategy, technologyPasswordless authentication on the rise: Passwords have long been the weakest link in most security architectures.Many mobile phones and laptops already use biometrics for authentication, and the user experience is typically far better than typing a long and complex password into an interface.The growing uptake of passwordless authentication (FIDO2/passkeys, biometrics) is redefining the scope of…
-
6 key trends reshaping the IAM market
Tags: access, ai, attack, authentication, ciso, compliance, corporate, cyber, cybersecurity, data, dora, finance, framework, governance, government, Hardware, iam, identity, mfa, mobile, network, nis-2, passkey, password, PCI, phone, regulation, saas, service, startup, strategy, technologyPasswordless authentication on the rise: Passwords have long been the weakest link in most security architectures.Many mobile phones and laptops already use biometrics for authentication, and the user experience is typically far better than typing a long and complex password into an interface.The growing uptake of passwordless authentication (FIDO2/passkeys, biometrics) is redefining the scope of…
-
Hyperproof Launches AI Guided Experiences for Compliance Operations at RSAC 2026
Hyperproof announced AI Guided Experiences at RSA Conference 2026, its latest push to use AI to reduce the manual effort at the core of compliance operations. The new capabilities move beyond search and summarization, which the company introduced in September 2025, into workflow execution inside the Hyperproof platform. AI Guided Experiences combine intelligent agents with..…
-
EU AI Act Compliance Guide for CISOs GRC Leaders – Kovrr
Articles related to cyber risk quantification, cyber risk management, and cyber resilience. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/03/eu-ai-act-compliance-guide-for-cisos-grc-leaders-kovrr/
-
News: AI-native Security Assurance leads the GRC Transformation
Enterprise CISOs are being asked to do more than ever. Their role is now two-fold: protector of the business and enabler of its growth. They need to reduce risk across a vast and changing digital environment, protect the business, satisfy customers, and meet compliance requirements. What’s more, they want to showcase the positive impacts of…The…
-
Insight Partners scrubs investment post about Delve amid ‘fake compliance’ allegations
After a whistleblower alleged that the startup fabricated audit evidence, its prominent Series A investor removed an article detailing why it led the deal. First seen on techcrunch.com Jump to article: techcrunch.com/2026/03/23/insight-partners-scrubs-investment-post-amid-fake-compliance-allegations/
-
Insight Partners scrubs Delve investment post amid ‘fake compliance’ allegations
After a whistleblower alleged that the startup fabricated audit evidence, its prominent Series A investor removed an article detailing why it led the deal. First seen on techcrunch.com Jump to article: techcrunch.com/2026/03/23/delve-halts-demos-insight-partners-scrubs-investment-post-amid-fake-compliance-allegations/
-
Delve halts demos, Insight Partners scrubs investment post amid ‘fake compliance’ allegations
After a whistleblower alleged that the startup fabricated audit evidence, its prominent Series A investor removed an article detailing why it led the deal. First seen on techcrunch.com Jump to article: techcrunch.com/2026/03/23/delve-halts-demos-insight-partners-scrubs-investment-post-amid-fake-compliance-allegations/
-
Tonic Textual + Haystack: Privacy-safe data for RAG pipelines
Tonic Textual integrates with Haystack to enable PII-safe document processing for RAG pipelines, improving compliance, retrieval quality, and safe use of unstructured data. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/03/tonic-textual-haystack-privacy-safe-data-for-rag-pipelines/
-
What “Most Innovative Breach Readiness Solution” Actually Means
A transmission from the team”¦ Guys, the AttackersAre Already Inside.Are You Ready? Breach readiness is not a posture you claim. It is an architecture you prove, measured in seconds, not compliance checkboxes. In an era defined by digital acceleration and AI-enabled innovation, simply aiming for prevention is no longer sufficient. Enterprises must embrace a new……
-
Irish government launches CNI resilience plan
Ireland’s National Strategy on the Resilience of Critical Entities sets out a pathway to improved cyber resilience for the nation’s critical infrastructure, and establishes compliance with an EU directive First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366640673/Irish-government-launches-CNI-resilience-plan