Tag: corporate
-
US Congress Moves to Revive CISA 2015 After Shutdown
Lawmakers Include Extension of Cyberthreat Sharing Law in Shutdown Resolution. A statute underpinning corporate cybersecurity information sharing may come back into effect along with funding to reopen the U.S. federal government after six weeks of being shutdown. The Cybersecurity Information Sharing Act of 2015 expired the same day Washington shut down on Oct. 1. First…
-
Beyond silos: How DDI-AI integration is redefining cyber resilience
Tags: ai, api, attack, automation, best-practice, breach, business, cctv, cloud, control, corporate, cyber, cybersecurity, data, defense, detection, dns, endpoint, finance, firewall, guide, identity, infrastructure, intelligence, iot, malicious, monitoring, network, penetration-testing, phishing, phone, RedTeam, resilience, risk, service, siem, soar, soc, sql, threat, tool, training, zero-trustDDI as the nervous system of enterprise security: DDI, including DNS, DHCP and IP address management, is the nervous system of the network. It records every connection, every name resolution and every IP allocation, maintaining the only comprehensive, authoritative record of normal network behavior.By itself, DDI data is simply a massive stream of logs. For…
-
Beyond silos: How DDI-AI integration is redefining cyber resilience
Tags: ai, api, attack, automation, best-practice, breach, business, cctv, cloud, control, corporate, cyber, cybersecurity, data, defense, detection, dns, endpoint, finance, firewall, guide, identity, infrastructure, intelligence, iot, malicious, monitoring, network, penetration-testing, phishing, phone, RedTeam, resilience, risk, service, siem, soar, soc, sql, threat, tool, training, zero-trustDDI as the nervous system of enterprise security: DDI, including DNS, DHCP and IP address management, is the nervous system of the network. It records every connection, every name resolution and every IP allocation, maintaining the only comprehensive, authoritative record of normal network behavior.By itself, DDI data is simply a massive stream of logs. For…
-
Data privacy whistleblowers would get expanded protections under California proposal
California’s influential privacy agency sent the state legislature three proposals, including a measure to create anti-retaliation safeguards and financial rewards for insiders who make regulators aware of corporate practices that violate state privacy law. First seen on therecord.media Jump to article: therecord.media/california-data-privacy-agency-whistleblower-protections-proposal
-
Data privacy whistleblowers would get expanded protections under California proposal
California’s influential privacy agency sent the state legislature three proposals, including a measure to create anti-retaliation safeguards and financial rewards for insiders who make regulators aware of corporate practices that violate state privacy law. First seen on therecord.media Jump to article: therecord.media/california-data-privacy-agency-whistleblower-protections-proposal
-
European Commission moves to loosen GDPR for AI and cookie tracking
AI training gets green light: The proposal directly addressed one of the most contentious issues in EU privacy law: whether companies can train AI systems using personal data.The draft stated that AI training, testing, and validation may be conducted under the GDPR’s “legitimate interest” basis, as long as companies implement safeguards such as data minimization,…
-
European Commission moves to loosen GDPR for AI and cookie tracking
AI training gets green light: The proposal directly addressed one of the most contentious issues in EU privacy law: whether companies can train AI systems using personal data.The draft stated that AI training, testing, and validation may be conducted under the GDPR’s “legitimate interest” basis, as long as companies implement safeguards such as data minimization,…
-
European Commission moves to loosen GDPR for AI and cookie tracking
AI training gets green light: The proposal directly addressed one of the most contentious issues in EU privacy law: whether companies can train AI systems using personal data.The draft stated that AI training, testing, and validation may be conducted under the GDPR’s “legitimate interest” basis, as long as companies implement safeguards such as data minimization,…
-
European Commission moves to loosen GDPR for AI and cookie tracking
AI training gets green light: The proposal directly addressed one of the most contentious issues in EU privacy law: whether companies can train AI systems using personal data.The draft stated that AI training, testing, and validation may be conducted under the GDPR’s “legitimate interest” basis, as long as companies implement safeguards such as data minimization,…
-
CISOs must prove the business value of cyber, the right metrics can help
Cybersecurity as a business function: “The challenge has been that security is put in the wrong organizational structure, with the CISO reporting to the CIO or CTO or chief digital officer,” Oberlaender says. “Security is not foremost a technology problem. Maybe ten or twenty percent is technology. But the rest is people, process and the…
-
CISOs must prove the business value of cyber, the right metrics can help
Cybersecurity as a business function: “The challenge has been that security is put in the wrong organizational structure, with the CISO reporting to the CIO or CTO or chief digital officer,” Oberlaender says. “Security is not foremost a technology problem. Maybe ten or twenty percent is technology. But the rest is people, process and the…
-
CISOs must prove the business value of cyber, the right metrics can help
Cybersecurity as a business function: “The challenge has been that security is put in the wrong organizational structure, with the CISO reporting to the CIO or CTO or chief digital officer,” Oberlaender says. “Security is not foremost a technology problem. Maybe ten or twenty percent is technology. But the rest is people, process and the…
-
Online Job Scams Creating News Risks for Corporate Networks
It’s Time for Enterprises to Manage Risks Posed by Compromised Personal Devices Online job scams have evolved beyond consumer fraud and now pose a direct threat to corporate networks. Google warns that scammers are embedding remote access Trojans and info-stealers disguised as interview software or application materials to hack personal devices and ultimately corporate systems.…
-
Business continuity and cybersecurity: Two sides of the same coin
Tags: access, ai, attack, backup, breach, business, cloud, control, corporate, credentials, cyber, cybercrime, cybersecurity, data, data-breach, detection, email, finance, framework, google, incident response, infrastructure, intelligence, Internet, network, nist, ransomware, RedTeam, resilience, risk, sans, service, strategy, tactics, threat, tool, training, veeam, vulnerability, zero-trustWhy traditional business continuity plans fail against modern threats: I’ve implemented change management processes in environments requiring 99.99% uptime and I can tell you that most business continuity plans were designed for a different era. They assume that your backup systems, communication channels and recovery procedures will be available when you need them. Today’s threat…
-
Business continuity and cybersecurity: Two sides of the same coin
Tags: access, ai, attack, backup, breach, business, cloud, control, corporate, credentials, cyber, cybercrime, cybersecurity, data, data-breach, detection, email, finance, framework, google, incident response, infrastructure, intelligence, Internet, network, nist, ransomware, RedTeam, resilience, risk, sans, service, strategy, tactics, threat, tool, training, veeam, vulnerability, zero-trustWhy traditional business continuity plans fail against modern threats: I’ve implemented change management processes in environments requiring 99.99% uptime and I can tell you that most business continuity plans were designed for a different era. They assume that your backup systems, communication channels and recovery procedures will be available when you need them. Today’s threat…
-
Cavalry Werewolf Launches Cyberattack on Government Agencies to Deploy Network Backdoor
In July 2025, Doctor Web’s anti-virus laboratory received a critical alert from a government-owned organization within the Russian Federation. The institution suspected a network compromise after discovering spam emails originating from one of their corporate email addresses. What began as a routine investigation quickly escalated into the discovery of a sophisticated targeted attack orchestrated by…
-
Apache OpenOffice disputes data breach claims by ransomware gang
The Apache Software Foundation disputes claims that its OpenOffice project suffered an Akira ransomware attack, after the threat actors claimed to have stolen 23 GB of corporate documents. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/apache-openoffice-disputes-data-breach-claims-by-ransomware-gang/
-
What does aligning security to the business really mean?
Indicators of alignment: One barometer of security-business alignment in action, Thielemann says, is when security teams engage with the business and use business metrics to determine security’s effectiveness.As an example, she points to the partnership between security and engineering at a manufacturing plant that had devices using software no longer supported by the vendor. The…