Tag: governance
-
Amaranth-Dragon Zielgerichtete Cyberspionage gegen Behörden in Südostasien
Check Point Software Technologies hat über die Sicherheitsforscher von Check Point Research (CPR) hochgradig zielgerichtete Cyberspionagekampagnen aufgedeckt. Sie richteten sich im Jahr 2025 gegen Regierungs- und Strafverfolgungsbehörden in der ASEAN-Region. Die Aktivitäten werden einem bislang öffentlich nicht dokumentierten Bedrohungsakteur namens ‘Amaranth-Dragon” zugeschrieben, der eng mit dem chinesisch zugeordneten APT-41-Ökosystem verbunden ist. Die wichtigsten Ergebnisse im…
-
Building trust with the board through evidence-based proof
Tags: backup, business, cio, ciso, compliance, control, cyber, cybersecurity, data, finance, governance, incident, insurance, mitigation, regulation, resilience, risk, strategy, tool, updateBuilding a common language to get to “Here’s the proof of cyber resilience”: CISOs can reframe the discussion using data and evidence. Modern cybersecurity tools produce a large volume of data and information on how they operate at any point in time, the status of controls deployed, the validation of configuration and more. There’s an…
-
1.5 million AI agents are at risk of going rogue
The real issue is invisible AI, not rogue AI: Manish Jain, principal research director at Info-Tech Research Group, said that as the “exponential” speed of AI development continues, his firm, based on experiences with CIOs and CDOs, predicts that there will be more AI agents globally by the year 2028 than the number of human…
-
EIC 2026 – Digitale Identitäten im Spannungsfeld zwischen Governance und KI
First seen on security-insider.de Jump to article: www.security-insider.de/eic-2026-berlin-digitale-identitaeten-governance-ki-post-quanten-cryptography-a-9e0254c82e9586fabb43751511f4d842/
-
How Hospitals’ Use of GenAI is Putting Patients at Risk Without Realizing It
Hospitals are adopting Gen AI across EHR workflows, but hallucinations, bias, and weak governance pose real patient safety risks. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/02/how-hospitals-use-of-genai-is-putting-patients-at-risk-without-realizing-it/
-
AI Governance Explained: How to Control Risk, Stay Compliant, and Scale AI Safely in 2026
Author : Karunakar Goud RGDate Published : February, 04, 2026 AI Governance Explained: How to Control Risk, Stay Compliant, and Scale AI Safely in 2026 Artificial intelligence is no longer experimental. By 2026, AI systems are embedded in customer support, security operations, decision-making, and product development. As AI adoption accelerates, AI governance has become a…The…
-
AI is Supercharging Work…and Your Attack Surface
AI boosts productivity, but weak data governance and shadow AI are expanding the enterprise attack surface. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/02/ai-is-supercharging-work-and-your-attack-surface/
-
AI Governance in Cybersecurity: Building Trust and Resilience in the Age of Intelligent Security
Artificial intelligence is no longer a “nice to have” in cybersecurity it’s embedded everywhere. From detecting suspicious activity to responding to incidents in real time, AI now sits at the heart of modern security operations. But as organizations hand over more responsibility to intelligent systems, a tough question emerges: who’s really in control? This First…
-
Sichere Entwicklung, Bereitstellung und Nutzung von Anwendungen der künstlichen Intelligenz
Zscaler versetzt mit seinen KI-Sicherheitsinnovationen Organisationen in die Lage, die Nutzung von KI zu sichern und gleichzeitig Transparenz, Kontrolle und Governance zu gewährleisten. Da Unternehmen heute generative KI einsetzen und sich auf die Implementierung von agentenbasierter KI vorbereiten, sind sie einem steigenden Risiko von Cyberangriffen und Datenverlusten ausgesetzt, da herkömmliche Sicherheitsmodelle nicht für die Sicherung…
-
Think agentic AI is hard to secure today? Just wait a few months
Cost effective fix: Do nothing: Kodezi’s Khan offers an interesting fix for that foundational problem: Don’t even try. He argues it’s a money pit that will never be fully resolved. Instead, he suggests pouring resources into creating a strict identity strategy for every NHI going forward. “Aim for containment rather than for perfection. You can’t really govern…
-
Why boards must prioritize non-human identity governance
Boards of Directors (BoDs) do three things exceptionally well when cyber is framed correctly. They set risk appetite, they allocate capital, and they demand evidence that the … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/02/03/gitguardian-boards-nhi-governance/
-
Bargeld muss bleiben gemeinsamer Appell von 14 Verbraucherschutz-, Sozial-, Wohlfahrts- und Wirtschaftsverbänden an die Bundesregierung
Tags: governanceFirst seen on datensicherheit.de Jump to article: www.datensicherheit.de/bargeld-erhaltung-appell-14-verbraucherschutz-sozial-wohlfahrts-wirtschaftsverbande-bundesregierung
-
Why Your WAF Missed It: The Danger of Double-Encoding and Evasion Techniques in Healthcare Security
Tags: access, ai, api, attack, data, data-breach, detection, exploit, governance, hacker, healthcare, intelligence, malicious, risk, technology, threat, tool, wafThe “Good Enough” Trap If you ask most organizations how they protect their APIs, they point to their WAF (Web Application Firewall). They have the OWASP Top 10 rules enabled. The dashboard is green. They feel safe. But attackers know exactly how your WAF works, and, more importantly, how to trick it. We recently worked…
-
What’s New in Tenable Cloud Security: Multi-cloud Risk Analysis, Attack Surface Assessments, Improved IAM Security and More
Tags: ai, attack, cloud, compliance, data, data-breach, endpoint, gartner, google, governance, iam, identity, infrastructure, Internet, least-privilege, microsoft, mitigation, network, radius, risk, risk-analysis, service, supply-chain, switch, tool, training, vulnerabilityTenable Cloud Security continues to expand the technical depth of our Tenable One exposure management platform. Our latest enhancements include unified multi-cloud exploration, high-fidelity network validation, and expanded entitlement visibility across infrastructure and identity providers. Key takeaways Graph-based multi-cloud exploration: We’ve leveraged our unified data model to provide deep visibility across all cloud environments. You…
-
Top 10 Cyber Risk Management and GRC Companies in the UK and Globally
Cyber risk management and Governance, Risk, and Compliance (GRC) have become central to how organisations protect data, meet regulatory obligations, and maintain operational resilience. As cyber threats grow more sophisticated and regulatory scrutiny increases, organisations must demonstrate not only that risks are identified, but that they are governed, prioritised, and controlled effectively. Cyber risk management…
-
Why non-human identities are your biggest security blind spot in 2026
Tags: access, api, breach, cloud, control, credentials, data-breach, github, google, governance, identity, least-privilege, password, service, threat, toolThe three blind spots I keep finding: After years working in cloud security and identity management, certain patterns show up everywhere I look. Three problems in particular appear in nearly every environment I assess. Secrets where they should never be. I still find API keys hardcoded in source files. Still. In 2026. Last year, GitGuardian…
-
When responsible disclosure becomes unpaid labor
Tags: ai, bug-bounty, ciso, cloud, compliance, control, credentials, cve, cvss, cybersecurity, data, email, exploit, finance, flaw, governance, healthcare, incident response, infrastructure, jobs, open-source, ransom, risk, security-incident, service, software, threat, tool, update, vulnerability, warfaresupposed to function and how it increasingly does in practice. Enter the gray zone of ethical disclosure: The result is a growing gray zone between ethical research and adversarial pressure. Based on years of reporting on disclosure disputes, that gray zone tends to emerge through a small set of recurring failure modes.Silent treatment and severity…
-
Das nächste große Security-Schlachtfeld
Tags: ai, chatgpt, computer, computing, cyber, cybersecurity, cyersecurity, encryption, framework, governance, Hardware, resilience, training, usaWenn Quantum Computing und KI in der Praxis zusammenkommen, bricht ein neues Zeitalter an auch und vor allem in Sachen Cybersecurity.In den letzten Jahren hat künstliche Intelligenz (KI) ihre Tentakel über die globale Technologielandschaft ausgebreitet. Das verdeutlicht unter anderem auch der zunehmende Einsatz von Automatisierung und autonomen Technologien in diversen Branchen und Sektoren. Und während…
-
What future trends will define Agentic AI governance
How Are Non-Human Identities Shaping Cloud Security? What does it take to bridge the gap between security and R&D teams when managing non-human identities in cloud environments? Non-human identities (NHIs) are pivotal in modern cybersecurity frameworks, acting as machine identities that ensure secure interaction between different technological entities. Understanding their role and maintaining effective security……
-
ISMG Editors: Real-Time Vishing Is Breaking MFA
Also: Why AI Agents Are Colliding, What Good Governance Ought to Look Like. In this week’s panel, four ISMG editors discussed real-time vishing attacks that are defeating MFA, the growing problem of AI agents making conflicting decisions inside of enterprises and why the next phase of AI adoption depends on governance, accountability and control. First…
-
Why AI Use in Healthcare Requires Continuous Oversight
Artificial intelligence use in healthcare is only as safe and accurate as the governance and trust frameworks surrounding it, particularly in clinical environments where errors or hallucinations can directly impact patient care, said Dave Bailey, vice president at consultancy Clearwater. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/interviews/ai-use-in-healthcare-requires-continuous-oversight-i-5521
-
Tenable Tackles AI Governance, Shadow AI Risks, Data Exposure
The Tenable One AI Exposure add-on discovers unsanctioned AI use in the organization and enforces policy compliance with approved tools. First seen on darkreading.com Jump to article: www.darkreading.com/cyber-risk/tenable-tackles-ai-governance-shadow-ai-risks-data-exposure
-
KI-Governance, Datensouveränität und Dynamic Trust prägen 2026 – Vier Trends machen Cybersicherheit 2026 zum strategischen Faktor
First seen on security-insider.de Jump to article: www.security-insider.de/cybersicherheit-trends-2026-dynamic-trust-a-64d95b93d2d70461c3948e752bf41137/
-
Measuring Agentic AI Posture: A New Metric for CISOs
In cybersecurity, we live by our metrics. We measure Mean Time to Respond (MTTR), Dwell Time, and Patch Cadence. These numbers indicate to the Board how quickly we respond when issues arise. But in the era of Agentic AI, reaction speed is no longer enough. When an AI Agent or an MCP server is compromised,…
-
Roughly half of employees are using unsanctioned AI tools, and enterprise leaders are major culprits
51% have connected AI tools to work systems or apps without the approval or knowledge of IT;63% believe it’s acceptable to use AI when there is no corporate-approved option or IT oversight;60% say speed is worth the security risk;21% think employers will simply “turn a blind eye” as long as they’re getting their work done.And…
-
The Agentic AI Posture Score: A New Metric for CISOs
In cybersecurity, we live by our metrics. We measure Mean Time to Respond (MTTR), Dwell Time, and Patch Cadence. These numbers tell the Board how fast we react when things go wrong. But in the era of Agentic AI, reaction speed is no longer enough. When an AI Agent or an MCP server is compromised,…