Tag: GDPR
-
AI Usage Monitoring: How to See Everything Your Employees Are Doing with AI FireTail Blog
Tags: access, ai, ciso, compliance, control, data, detection, GDPR, guide, login, monitoring, network, regulation, risk, toolApr 29, 2026 – Lina Romero – What is AI usage monitoring? AI usage monitoring is the practice of logging, tracking, and analysing how employees and systems interact with AI tools, both sanctioned and unsanctioned. FireTail provides centralised AI activity logging that gives security teams a real-time view of AI usage across the entire organisation.…
-
Bridging the EU AI Act Compliance Gap FireTail Blog
Tags: ai, breach, cloud, compliance, control, data, GDPR, governance, infrastructure, monitoring, privacy, risk, risk-management, tool, trainingApr 28, 2026 – Lina Romero – What the EU AI Act demandsThe EU AI Act classifies AI according to risk. Unacceptable risk is prohibited outright. High-risk AI systems are heavily regulated. Limited-risk systems face transparency obligations. The majority of obligations fall on providers, though deployers carry meaningful obligations too. If your organisation builds AI, buys…
-
GDPR works, but only where someone enforces it
A new measurement study of web tracking across ten countries offers a reality check for anyone working on privacy compliance. Researchers crawled the same set of globally … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/04/23/gdpr-enforcement-measurement-study/
-
Beyond the Spreadsheet: Why Manual AI Audits Are an EU AI Act Compliance Liability FireTail Blog
Tags: access, ai, ciso, cloud, compliance, control, data, detection, finance, framework, GDPR, governance, grc, group, incident response, infrastructure, ISO-27001, monitoring, regulation, risk, saas, service, soc, toolApr 16, 2026 – Alan Fagan – When it comes to the EU AI Act, many organisations take a manual approach to auditing, which looks impressive on paper but collapses under regulatory scrutiny. They use policies, surveys, working groups, and a well-formatted risk register. However, a manual approach does not provide the continuous, automated, technical…
-
Article 12 and the Logging Mandate: What the EU AI Act Actually Requires FireTail Blog
Tags: access, ai, breach, ciso, cloud, compliance, control, data, data-breach, finance, GDPR, grc, healthcare, infrastructure, insurance, jobs, metric, monitoring, regulation, risk, saas, service, toolApr 16, 2026 – Lina Romero – When GDPR arrived, the organisations that had mistaken documentation for capability were the ones that struggled the most. They had policies about data retention but no technical controls enforcing those policies. They had breach notification procedures but no systems capable of detecting a breach in time to use…
-
Beyond the Spreadsheet: Why Manual AI Audits Are an EU AI Act Compliance Liability FireTail Blog
Tags: access, ai, ciso, cloud, compliance, control, data, detection, finance, framework, GDPR, governance, grc, group, incident response, infrastructure, ISO-27001, monitoring, regulation, risk, saas, service, soc, toolApr 16, 2026 – Alan Fagan – When it comes to the EU AI Act, many organisations take a manual approach to auditing, which looks impressive on paper but collapses under regulatory scrutiny. They use policies, surveys, working groups, and a well-formatted risk register. However, a manual approach does not provide the continuous, automated, technical…
-
AI Security Risks: How Enterprises Manage LLM, Shadow AI and Agentic Threats FireTail Blog
Tags: access, ai, api, attack, breach, business, ciso, cloud, compliance, conference, control, cybersecurity, data, data-breach, detection, email, endpoint, exploit, finance, framework, gartner, GDPR, governance, guide, infrastructure, injection, LLM, malicious, microsoft, monitoring, network, nvidia, office, regulation, risk, saas, software, threat, tool, training, vulnerabilityApr 08, 2026 – – Quick Facts: Enterprise AI Security Most enterprises are running AI at scale before their security teams have visibility into it. Shadow AI (unsanctioned AI tools spreading department by department) is now the most common entry point for data leakage. Agentic AI introduces a new category of risk: autonomous systems that…
-
Comp AI: The open-source way to get compliant with SOC 2, ISO 27001, HIPAA and GDPR
Getting a startup through a SOC 2 audit has long meant months of manual evidence collection, policy writing, and repeated back-and-forth with auditors. A growing number of … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/04/07/comp-ai-open-source-compliance-platform/
-
9 ways CISOs can combat AI hallucinations
Tags: access, ai, breach, ciso, compliance, control, corporate, cybersecurity, data, defense, encryption, flaw, framework, GDPR, governance, identity, metric, penetration-testing, regulation, risk, soc, tool, trainingTreat AI outputs as drafts, not finished products: One of the biggest risks is over-trusting AI, according to security experts. Coté says her organization changed its policy so AI-generated content cannot go straight into compliance documentation without a human review.”The moment your team starts treating an AI-generated answer as a finished work product, you have…
-
Synthetic Data and GDPR Compliance
The post <b>Synthetic Data and GDPR Compliance</b> appeared first on Sovy. First seen on securityboulevard.com Jump to article: https://securityboulevard.com/2026/03/synthetic-data-and-gdpr-compliance/
-
Jeremy Snyder talks AI Governance on Security Weekly FireTail Blog
Tags: ai, api, attack, data, GDPR, governance, monitoring, privacy, saas, threat, tool, vulnerabilityMar 19, 2026 – Lina Romero – The speed of AI adoption is unlike any tech shift we’ve seen before. While the transition to SaaS and BYOD took years, AI has integrated into the enterprise in months, often moving faster than security teams can track.”Jeremy joined the Security Weekly team to talk about AI governance…
-
Jeremy Snyder talks AI Governance on Security Weekly FireTail Blog
Tags: ai, api, attack, data, GDPR, governance, monitoring, privacy, saas, threat, tool, vulnerabilityMar 19, 2026 – Lina Romero – The speed of AI adoption is unlike any tech shift we’ve seen before. While the transition to SaaS and BYOD took years, AI has integrated into the enterprise in months, often moving faster than security teams can track.”Jeremy joined the Security Weekly team to talk about AI governance…
-
Jeremy Snyder talks AI Governance on Security Weekly FireTail Blog
Tags: ai, api, attack, data, GDPR, governance, monitoring, privacy, saas, threat, tool, vulnerabilityMar 19, 2026 – Lina Romero – The speed of AI adoption is unlike any tech shift we’ve seen before. While the transition to SaaS and BYOD took years, AI has integrated into the enterprise in months, often moving faster than security teams can track.”Jeremy joined the Security Weekly team to talk about AI governance…
-
What Is Data Mapping and Why It Matters for GDPR
The post <b>What Is Data Mapping and Why It Matters for GDPR</b> appeared first on Sovy. First seen on securityboulevard.com Jump to article: https://securityboulevard.com/2026/03/what-is-data-mapping-and-why-it-matters-for-gdpr/
-
What Is Data Mapping and Why It Matters for GDPR
The post <b>What Is Data Mapping and Why It Matters for GDPR</b> appeared first on Sovy. First seen on securityboulevard.com Jump to article: https://securityboulevard.com/2026/03/what-is-data-mapping-and-why-it-matters-for-gdpr/
-
The True Cost of Cyber Downtime: A UK Board-Level Briefing
Tags: attack, backup, business, cloud, communications, compliance, control, cyber, cyberattack, data, finance, GDPR, governance, healthcare, infrastructure, insurance, monitoring, resilience, saas, service, supply-chain, technologyWritten by Sean Tilley, Senior Sales Director EMEA at 11:11 Systems Cyber downtime carries measurable financial consequences, and those consequences are becoming clearer with each major incident. Research from 11:11 Systems shows that 78% of European organisations report losses of up to $500,000 per hour following a cyber-related outage, while 6% face costs exceeding £1 million per…
-
Heading to RSA Conference 2026? Mark your Calendar and Meet Thales!
Tags: access, ai, application-security, attack, communications, compliance, conference, container, control, cybersecurity, data, defense, firewall, framework, GDPR, google, HIPAA, iam, ibm, injection, LLM, malicious, risk, tool, vulnerabilityHeading to RSA Conference 2026? Mark your Calendar and Meet Thales! madhav Tue, 03/17/2026 – 05:14 The countdown is on. From March 2326, the cybersecurity community will gather once again at the Moscone Center in San Francisco, and Thales will be at the heart of it. Cybersecurity Chad Couser – Director Marketing Communications Thales More…
-
Building Trust in AI SOC Analyst Solutions: A UK and EU CISO Perspective
Tags: access, ai, best-practice, ciso, control, data, endpoint, framework, GDPR, governance, incident response, international, metric, nis-2, privacy, risk, socBy Brett Candon, VP International at Dropzone AI Trust has always been critical in security operations, but in the UK and Europe it carries significant regulatory weight. GDPR, NIS2 and similar related data”‘protection frameworks shape far more than legal risk, they directly influence architectural decisions, supplier selection, and how security data can be accessed, processed…
-
France Fines National Employment Agency Euro5m Over 2024 Data Breach
The French data protection regulator said that France Travail’s response to a 2024 data breach violated GDPR First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/france-finesemployment-agency-5m/
-
Europe’s GDPR cops dished out Euro1.2B in fines last year as data breaches piled up
Regulators logged over 400 personal data breach notifications a day for first time since law came into force First seen on theregister.com Jump to article: www.theregister.com/2026/01/22/europes_gdpr_cops_dished_out/
-
Over 160,000 Companies Notify Regulators of GDPR Breaches
DLA Piper finds 22% increase in breached firms notifying European GDPR regulators First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/160000-companies-regulator-gdpr/
-
Securing the Future: Practical Approaches to Digital Sovereignty in Google Workspace
Tags: access, attack, ciso, cloud, compliance, computing, container, control, data, defense, dora, email, encryption, GDPR, google, Hardware, healthcare, identity, infrastructure, law, malware, network, privacy, regulation, resilience, risk, service, software, strategy, zero-trustSecuring the Future: Practical Approaches to Digital Sovereignty in Google Workspace madhav Thu, 01/22/2026 – 04:35 In today’s rapidly evolving digital landscape, data privacy and sovereignty have become top priorities for organizations worldwide. With the proliferation of cloud services and the tightening of global data protection regulations, security professionals face mounting pressure to ensure their…
-
For cyber risk assessments, frequency is essential
Tags: access, authentication, backup, breach, ciso, cloud, compliance, cyber, cyberattack, cybersecurity, data, data-breach, exploit, framework, GDPR, infrastructure, mitigation, network, password, radius, ransomware, regulation, risk, risk-assessment, risk-management, strategy, tool, vulnerabilityIdentifying vulnerabilities: A cyber risk assessment helps to identify security gaps in a company’s IT infrastructure, networks, and systems. This provides the opportunity to eliminate these vulnerabilities before they can be exploited by cybercriminals.Prioritize risk management measures: Not every system is critical, and not all of a company’s data is equally important. The results of the risk…
-
France fines telcos Euro42M for sub-par security prior to 24M customer breach
Three major GDPR violations, including a lack of basic security controls, lead to hefty dent in profits First seen on theregister.com Jump to article: www.theregister.com/2026/01/14/france_fines_free_free_mobile/