Tag: compliance
-
Why Traditional Zero-Trust Breaks Down with Agentic Identities
As AI agents become the new digital workforce, traditional zero-trust models fall short. Enterprises face an Access-Trust Gap that demands new runtime governance. Agentic Identity and Security Platforms (AISP) provide dynamic controls to secure autonomous agents, prevent over-permissioning, and ensure compliance in an agent-driven future. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/08/why-traditional-zero-trust-breaks-down-with-agentic-identities/
-
The Biggest Technology Risk to Organizations is Failing to Plan for Cybersecurity Chaos
Budget cuts at CISA highlight the urgent need for businesses to strengthen internal cybersecurity strategies. From mapping hybrid networks to embedding a security-first culture, organizations must proactively close the gap between chaos and control to stay resilient against evolving threats and compliance challenges. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/08/the-biggest-technology-risk-to-organizations-is-failing-to-plan-for-cybersecurity-chaos/
-
7 signs of an acute need for an MSSP
Tags: best-practice, ceo, ciso, compliance, cyber, cybersecurity, data, incident, incident response, intelligence, mssp, service, soc, software, threat, tool, update
Managed security service providers can sustainably raise the level of security. A managed security service provider (MSSP) offers its customers a comprehensive range of security services. As a third-party provider, an MSSP can significantly reduce the workload of internal IT teams and free up time for essential business processes and strategic considerations. In addition, an MSSP can, among other things, also…
-
How compliance teams can turn AI risk into opportunity
AI is moving faster than regulation, and that creates opportunities and risks for compliance teams. While governments work on new rules, businesses cannot sit back and wait. … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/08/27/matt-hillary-drata-ai-regulatory-compliance/
-
Avoiding security vulnerabilities caused by misconfigurations: containerization
Container technologies have revolutionized the IT landscape, but many companies underestimate the security risks. Particularly in the public sector and in finance, incorrect configurations can lead to serious compliance violations. First seen on ap-verlag.de Jump to article: ap-verlag.de/sicherheitsluecken-durch-fehlkonfigurationen-vermeiden-containerisierung/98427/
-
TDL003 – Breaking Barriers: IPv6 Adoption and DNS Transformation with Tommy Jensen
Tags: access, ai, apple, attack, backup, banking, browser, business, ceo, chrome, ciso, compliance, computer, computing, control, country, credentials, cybersecurity, data, data-breach, ddos, dns, encryption, endpoint, google, government, group, international, Internet, jobs, law, microsoft, mobile, network, phishing, phone, privacy, programming, radius, risk, service, smishing, strategy, switch, technology, threat, update, vpn, windows, zero-trust
Summary: This episode of the Defender’s Log features special guest Tommy Jensen, an internet technologist specializing in IPv6, Zero Trust, and standards. Jensen’s career path, from an AppleCare contractor to a key figure in advancing internet technologies, is explored. The discussion highlights the critical importance and challenges of migrating to IPv6 and the necessity of…
-
Broadcom Extends Reach and Scope of Cybersecurity Portfolio
Tags: ai, communications, compliance, conference, cybersecurity, framework, intelligence, technology, update, vmware, zero-trust
Broadcom today added a slew of cybersecurity updates, including a technology preview of an update to VMware vDefend that secures communications between artificial intelligence (AI) agents, promising to improve overall resiliency and automate compliance workflows. Announced at the VMware Explore 2025 conference, the update to vDefend introduces a zero-trust framework for AI agents. Additionally, Broadcom…
-
Custom Controls: Beyond NIST SP 800-53
Extend Q-Compliance’s capabilities beyond its out-of-the-box offerings! Custom Controls allow organizations to meet compliance objectives with unique requirements, procedures and risk profiles. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/08/custom-controls-beyond-nist-sp-800-53/
-
Beyond GDPR security training: Turning regulation into opportunity
Discover how GDPR compliance can spark real growth and give you a competitive advantage with practical strategies and a strong security culture. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/beyond-gdpr-security-training-turning-regulation-into-opportunity/
-
NIS2 and SMEs: Between obligation and practice
Tags: ai, ceo, compliance, cybersecurity, cyersecurity, dora, fortinet, germany, governance, healthcare, international, network, nis-2, resilience, risk, risk-analysis, risk-management, service, software, strategy, supply-chain, zero-trust
New EU requirements such as DORA and NIS2 put companies under pressure to act, but at the same time offer the chance to strategically rethink IT security. Anyone for whom that is not yet reason enough to address the resilience and IT security of their own company has received some additional motivation from the European Union in recent months. While, from the…
-
Zero-trust architecture: Meeting security requirements with an adaptive approach
The challenges of implementing a zero-trust architecture (ZTA) are considerable. A step-by-step approach to realizing effective zero-trust models goes beyond mere compliance and ensures continuous improvement through five key phases. The goal is to create a highly secure network that automatically adapts to changing conditions and threats. First seen on ap-verlag.de Jump to…
-
5 Key Reasons Why Enterprise Readiness is Essential in Physical Security
Discover why enterprise readiness is crucial for physical security. Learn about device availability, cybersecurity, compliance, cost-efficiency, and future planning. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/08/5-key-reasons-why-enterprise-readiness-is-essential-in-physical-security/
-
Goaco and Thales simplify digital identity verification – SME security at enterprise level
Tags: compliance
Goidentity has therefore been deliberately developed as a lightweight, audit-proof ecosystem: fast, secure, uncomplicated, and with the highest standards of compliance and trust. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/goaco-und-thales-vereinfachen-digitale-identitaetspruefung-kmu-sicherheit-auf-enterprise-niveau/a41779/
-
Meeting security requirements with an adaptive approach
The challenges of implementing a zero-trust architecture (ZTA) are considerable. A step-by-step approach to realizing effective zero-trust models goes beyond mere compliance and ensures continuous improvement through five key phases. The goal is to create a highly secure network that automatically adapts to changing conditions and threats. First seen on ap-verlag.de Jump to…
-
5 Cloud Security Providers You Might Be Overlooking
Compare top cloud security companies offering tools to protect data, manage access, reduce threats, and ensure compliance. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/products/cloud-security-companies/
-
How Exposure Management Has Helped Tenable Reduce Risk and Align with the Business
Each Monday, the Tenable Exposure Management Academy provides the practical, real-world guidance you need to shift from vulnerability management to exposure management. In the second of a two-part blog series, Tenable CSO Robert Huber shares how exposure management has helped him reduce risk and better align with the business. You can read the entire Exposure…
-
Need help with AI safety? Stay ahead of risks with these tools and frameworks
Tags: advisory, ai, best-practice, business, cloud, compliance, conference, control, cybersecurity, finance, framework, governance, government, group, healthcare, intelligence, microsoft, privacy, resilience, risk, service, skills, strategy, technology, tool
Comprehensive AI readiness lists for organizations to evaluate how prepared they really are for AI. Usage guidelines that align with existing security and governance practices. Strategies for how to tackle AI ethical risks like bias and transparency. AI security instructions for how to use AI safely to strengthen cybersecurity. Attack resilience guidelines for understanding how AI systems can be…
-
Meet the unsung silent hero of cyber resilience you’ve been ignoring
Tags: ai, blockchain, compliance, computing, cyber, cybersecurity, defense, detection, dora, framework, GDPR, governance, infrastructure, iot, monitoring, network, PCI, regulation, resilience, technology, tool
Fixing this isn’t complicated. It just needs your focused attention: First, secure your sources. Forget public NTP servers from dubious origins. Instead, choose authenticated and secure protocols, such as NTP or Network Time Security (NTS). These protocols offer encrypted and tamper-resistant synchronization, ensuring that your clocks can’t be easily spoofed. Next, redundancy matters. Don’t rely on…
-
Securing generative AI and avoiding shadow AI
The rapid integration of generative AI into business processes brings not only efficiency but also new security risks. IT and security leaders face the crucial question: how can the power of GenAI be harnessed without exposing sensitive data or violating compliance requirements? In parallel, a phenomenon long familiar from the IT world is taking hold: “shadow IT”. With regard to…
-
Building a Smart Compliance Strategy in Cloud?
Is your Strategy for Cloud Compliance Intelligent Enough? One question prevails: is your compliance strategy smart enough to handle the complexities of the cloud environment? Understanding Non-Human Identities & Secret Management: Before delving into strategies for compliance, let’s comprehend the dynamics of Non-Human Identities (NHIs) and secrets management. NHIs are machine identities vital for cybersecurity…
-
Who needs ISO 27001 compliance and why is it important?
Protecting sensitive information is more than a legal obligation, it’s a competitive advantage. Cyber threats, data breaches, and regulatory penalties are growing risks for organizations of all sizes. This is where ISO 27001 compliance plays a critical role. As a globally recognized standard for information security, ISO 27001 helps businesses implement a structured framework to…
-
Top 10 Frequently Asked Questions on ISO 27018 Compliance
As cloud adoption continues to rise, organizations are increasingly concerned about safeguarding personal data stored and processed by cloud service providers (CSPs). ISO/IEC 27018 is an internationally recognized standard that specifically addresses data protection in cloud environments. It provides guidelines to help CSPs implement effective measures for protecting Personally Identifiable Information (PII). In this blog,…
-
Ensuring security in a borderless world: The 30th anniversary of Schengen system
Tags: access, ai, cloud, compliance, computing, control, country, cyber, cybersecurity, data, dora, encryption, framework, GDPR, infrastructure, mfa, network, nis-2, office, privacy, regulation, resilience, technology, tool, update
-
What is the cost of a data breach?
Tags: access, ai, api, attack, automation, breach, business, ciso, compliance, cyber, cyberattack, cybersecurity, data, data-breach, detection, finance, fraud, healthcare, ibm, identity, incident response, india, infrastructure, insurance, intelligence, jobs, law, metric, privacy, programming, ransom, ransomware, regulation, risk, security-incident, service, skills, software, supply-chain, technology, theft, threat, tool, vulnerability
Canada ($4.84 million) and the UK ($4.14 million) remain in the top 10 hardest hit, with ASEAN or Association of Southeast Asian Nations ($3.67 million), Australia ($2.55 million), and India ($2.51 million) among the top 15. Breaches by industry: Healthcare remains the industry hit with the highest costs per breach by far, at $7.42 million despite…
-
Supercharge Splunk Efficiency and ROI with Qmulos
For organizations using Splunk to manage security data, efficiency and return on investment (ROI) are often top of mind. That’s where Qmulos Q-Compliance and Q-BA2 (formerly Q-Audit) come in. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/08/supercharge-splunk-efficiency-and-roi-with-qmulos/

