Tag: governance

The 2 faces of AI: How emerging models empower and endanger cybersecurity

Jan 8, 2026 8:02 PM

Tags: ai, api, attack, compliance, credentials, cyber, cybersecurity, data, deep-fake, defense, detection, endpoint, espionage, exploit, finance, flaw, framework, GDPR, google, governance, government, group, guide, hacker, HIPAA, incident response, injection, intelligence, LLM, malicious, malware, mandiant, microsoft, network, PCI, penetration-testing, privacy, risk, russia, scam, security-incident, service, social-engineering, strategy, tactics, threat, tool, vulnerability, zero-day

Self-modifying, evasive malware More recently, the researchers at Google Threat Intelligence Group (GTIG) identified a disturbing new trend: malware that uses LLMs during execution to dynamically alter its own behavior and evade detection. This is not pre-generated code, this is code that adapts mid-execution.In June 2025, GTIG identified an experimental malware called PROMPTFLUX, which connects…
The 2 faces of AI: How emerging models empower and endanger cybersecurity

Jan 8, 2026 8:02 PM

Tags: ai, api, attack, compliance, credentials, cyber, cybersecurity, data, deep-fake, defense, detection, endpoint, espionage, exploit, finance, flaw, framework, GDPR, google, governance, government, group, guide, hacker, HIPAA, incident response, injection, intelligence, LLM, malicious, malware, mandiant, microsoft, network, PCI, penetration-testing, privacy, risk, russia, scam, security-incident, service, social-engineering, strategy, tactics, threat, tool, vulnerability, zero-day

Self-modifying, evasive malware More recently, the researchers at Google Threat Intelligence Group (GTIG) identified a disturbing new trend: malware that uses LLMs during execution to dynamically alter its own behavior and evade detection. This is not pre-generated code, this is code that adapts mid-execution.In June 2025, GTIG identified an experimental malware called PROMPTFLUX, which connects…
US announces withdrawal from dozens of international treaties

Jan 8, 2026 3:01 PM

Tags: cyber, governance, international, law

Although the list does not include what are perceived to be the more consequential multilateral bodies shaping global cyber governance and state behaviour in cyberspace, some of the organizations play a role in shaping international law broadly. First seen on therecord.media Jump to article: therecord.media/us-announces-withdrawal-from-dozens-international-orgs
Top cyber threats to your AI systems and infrastructure

Jan 8, 2026 9:01 AM

Tags: ai, api, attack, best-practice, business, chatgpt, ciso, cloud, cyber, cybersecurity, data, defense, detection, exploit, framework, governance, hacker, infrastructure, injection, intelligence, LLM, malicious, mitre, monitoring, open-source, RedTeam, risk, sans, service, skills, software, strategy, supply-chain, tactics, theft, threat, tool, training, unauthorized, usa, vulnerability

Data poisoning Data poisoning is a type of attack in which bad actorsmanipulate, tamper with, and pollute the data used to develop or train AI systems, including machine learning models. By corrupting the data or introducing faulty data, attackers can alter, bias, or otherwise render inaccurate a model’s performance.Imagine an attack that tells a model…
AI Risk Governance Suite for Enterprise Oversight – Kovrr

Jan 7, 2026 9:02 PM

Tags: ai, cyber, governance, risk, risk-management

Articles related to cyber risk quantification, cyber risk management, and cyber resilience. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/01/ai-risk-governance-suite-for-enterprise-oversight-kovrr/
How to eliminate IT blind spots in the modern, AI-driven enterprise

Jan 7, 2026 5:01 PM

Tags: access, ai, api, attack, automation, awareness, cio, cloud, control, data, detection, endpoint, governance, group, identity, injection, intelligence, metric, monitoring, network, radius, risk, service, technology, tool, training, vulnerability

The more organizations lean on artificial intelligence (AI), spread workloads across different environments, and tie systems together, the harder it becomes for traditional security practices to present a complete picture of what’s going on. The result is a growing number of blind spots hidden misconfigurations, inconsistent controls, and unpredictable behaviors across systems and AI agents…
How to eliminate IT blind spots in the modern, AI-driven enterprise

Jan 7, 2026 5:01 PM

Tags: access, ai, api, attack, automation, awareness, cio, cloud, control, data, detection, endpoint, governance, group, identity, injection, intelligence, metric, monitoring, network, radius, risk, service, technology, tool, training, vulnerability

The more organizations lean on artificial intelligence (AI), spread workloads across different environments, and tie systems together, the harder it becomes for traditional security practices to present a complete picture of what’s going on. The result is a growing number of blind spots hidden misconfigurations, inconsistent controls, and unpredictable behaviors across systems and AI agents…
Personal LLM Accounts Drive Shadow AI Data Leak Risks

Jan 7, 2026 3:01 PM

Tags: ai, data, governance, leak, LLM, risk

Lack of visibility and governance around employees using generative AI is resulting in rise in data security risks First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/personal-llm-accounts-drive-shadow/
Ausblick 2026: Agentic AI und KI-basierte Angriffe prägen Cyberresilienz-Strategien

Jan 7, 2026 6:52 AM

Tags: ai, cyberattack, governance, resilience

Mit Blick auf das Jahr 2026 werden Innovationen wie Agentic AI und immer mehr KI-basierte Angriffe Cyberresilienz, Governance und Identitätssicherheit in den Mittelpunkt von Sicherheitsstrategien rücken. Wie können Unternehmen das Spannungsfeld zwischen Innovationsdruck, neuen Bedrohungen und Widerstandsfähigkeit meistern? Wiederherstellung und Resilienz: So lässt sich die Herausforderung durch KI-gesteuerte Angriffe bewältigen Künstliche Intelligenz (KI) beschleunigt… First…
Identity security planning for 2026 is shifting under pressure

Jan 7, 2026 6:52 AM

Tags: governance, identity

Identity security planning is becoming more focused on scale, governance, and operational strain, according to the Identity Security Outlook 2026 report. The ManageEngine … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/01/07/identity-security-outlook-2026-report/
Cybersecurity hat kein Budget-Problem

Jan 7, 2026 5:52 AM

Tags: breach, business, ciso, compliance, cyberattack, cybersecurity, cyersecurity, governance, jobs, risk, security-incident, strategy

Ein Tag im Leben eines Sicherheitsentscheiders”¦Wenn es um Security-Budgets geht, dreht sich ein Großteil der (Online-)Diskussionen darum, wie man das “Board” für sich gewinnt und Investitionen rechtfertigt. Einige Ansätze basieren auf spezifischen Finanzmodellen und zielen darauf ab, den Return on Investment (ROI) zu rechtfertigen. Andere konzentrieren sich eher darauf, Risiken zu quantifizieren und deren Minderung…
Risky shadow AI use remains widespread

Jan 6, 2026 5:52 PM

Tags: ai, governance

A new report offers fresh evidence for why enterprises should prioritize AI governance policies. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/shadow-ai-security-risks-netskope/808860/
Turning AI Risk Awareness Into Robust AI Governance – Kovrr

Jan 6, 2026 3:52 PM

Tags: ai, awareness, cyber, governance, risk, risk-management

Articles related to cyber risk quantification, cyber risk management, and cyber resilience. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/01/turning-ai-risk-awareness-into-robust-ai-governance-kovrr/
AI, Quantum, and the New Threat Frontier: What Will Define Cybersecurity in 2026?

Jan 6, 2026 10:52 AM

Tags: access, ai, api, application-security, attack, authentication, automation, business, ciso, cloud, compliance, computer, computing, container, control, crypto, cryptography, cyber, cybersecurity, data, data-breach, defense, detection, encryption, exploit, finance, flaw, framework, governance, government, healthcare, iam, identity, infrastructure, injection, LLM, malicious, metric, monitoring, network, nist, open-source, oracle, regulation, resilience, risk, service, skills, software, strategy, supply-chain, threat, tool, vulnerability, vulnerability-management, waf, zero-day, zero-trust

AI, Quantum, and the New Threat Frontier: What Will Define Cybersecurity in 2026? madhav Tue, 01/06/2026 – 04:44 If we think 2025 has been fast-paced, it’s going to feel like a warm-up for the changes on the horizon in 2026. Every time this year, Thales experts become cybersecurity oracles and predict where the industry is…
The Key Principles of Corporate Governance

Jan 6, 2026 5:52 AM

Tags: control, corporate, governance

What Is Corporate Governance? Corporate governance refers to the system of rules, practices, and processes used to direct and control an organization. It establishes how decisions are made, who has the authority to make them, and how those decisions are reviewed over time. Corporate governance defines the relationship between the board of directors, executive leadership,……
CTO New Year’s Resolutions for a More Secure 2026

Jan 5, 2026 3:52 PM

Tags: ai, cyber, defense, governance, supply-chain

From securing MCPs and supply chain defenses to formal AI and quantum governance, experts share their wish lists for cyber safety in 2026. First seen on darkreading.com Jump to article: www.darkreading.com/cyber-risk/cto-new-year-resolutions-for-a-more-secure-2026
Cybersecurity leaders’ resolutions for 2026

Jan 5, 2026 8:52 AM

Tags: ai, api, attack, automation, breach, business, cio, ciso, cloud, communications, compliance, computing, control, cryptography, cyber, cybersecurity, data, detection, encryption, exploit, fedramp, finance, governance, group, identity, incident response, intelligence, jobs, mitigation, office, resilience, risk, saas, service, skills, soc, social-engineering, strategy, supply-chain, threat, tool, vulnerability, vulnerability-management

2. AI will dominate the agenda: Standard Chartered group CISO Cezary Piekarski expects his agenda to be dominated by AI in two ways: defining both the threat landscape and defensive architecture.”Speed is essential when mitigating attacks so leveraging AI and orchestration tools allows us to quickly automate detection and streamline incident response,” Piekarski says. “This…
Why are IT leaders optimistic about future AI governance

Jan 3, 2026 5:52 AM

Tags: ai, governance, infrastructure, intelligence

Are Machine Identities the Key to Strengthening AI Governance? How do organizations effectively manage the security of their infrastructure while fostering innovation through artificial intelligence? One answer lies in the management of Non-Human Identities (NHIs)”, the machine identities that play a pivotal role in securing AI systems. With IT leaders increasingly optimistic about the potential…
Cybersecurity Snapshot: Predictions for 2026: AI Attack Acceleration, Automated Remediation, Custom-Made AI Security Tools, Machine Identity Threats, and More

Jan 2, 2026 10:52 PM

Tags: access, ai, attack, automation, breach, ciso, cloud, computer, conference, control, cyber, cybersecurity, data, data-breach, defense, detection, exploit, governance, group, identity, intelligence, mitigation, risk, service, threat, tool, zero-day

In this special edition, Tenable leaders forecast key 2026 trends, including: AI will make attacks more plentiful and less costly; machine identities will become the top cloud risk; preemptive cloud and exposure management will dethrone runtime detection; and automated remediation gets the go-ahead. Key takeaways AI will supercharge the speed and volume of traditional cyber…
Why 47-Day TLS and SSL Certificate Renewal Cycles Alarm CIOs

Jan 2, 2026 5:52 PM

Tags: automation, ceo, cio, crypto, governance, resilience, risk

Visibility Gaps Increase the Risk of Certificate-Driven Outages. Moving to 47-day TLS and SSL certificate renewal cycles by 2029 will turn certificate management into an enterprise risk. Automation and crypto-governance are now board-level imperatives. Enterprises can prepare for continuous renewal cycles without losing resilience, says Sectigo CEO Kevin Weiss. First seen on govinfosecurity.com Jump to…
CTO New Year Resolutions for a More Secure 2026

Jan 2, 2026 3:52 PM

Tags: ai, cyber, defense, governance, supply-chain

From securing MCPs and supply chain defenses to formal AI and quantum governance, experts share their wish lists for cyber safety in 2026. First seen on darkreading.com Jump to article: www.darkreading.com/cyber-risk/cto-new-year-resolutions-for-a-more-secure-2026
How SaaS Management Reduces Organizational Risk and Improves GRC Outcomes

Jan 2, 2026 10:52 AM

Tags: business, compliance, governance, grc, risk, risk-management, saas

As enterprises increasingly rely on SaaS applications to run critical business functions, risk management and compliance challenges are becoming more complex and less visible. Traditional governance models were not designed to account for the scale, speed, and decentralization of modern SaaS environments. Addressing this gap requires a closer connection between operational visibility and governance, risk,……
KI im SOC braucht Governance und klare Verantwortlichkeiten – Ohne Governance wird agentenbasierte KI im SOC zum Sicherheitsrisiko

Jan 2, 2026 8:52 AM

Tags: ai, governance, soc

First seen on security-insider.de Jump to article: www.security-insider.de/ki-agenten-soc-governance-a-a3f3d2a5ddad1c320cc2f3d6ad43fc2c/
Wie KI die Cybersicherheit neu gestaltet

Jan 2, 2026 5:52 AM

Tags: ai, ciso, cloud, cyber, cyberattack, cybersecurity, cyersecurity, data, encryption, gartner, governance, group, guide, hacker, incident response, infrastructure, microsoft, phishing, resilience, risk, sans, soc, supply-chain, threat, tool, vulnerability-management

Künstliche Intelligenz und insbesondere Generative KI dringt immer tiefer in die Sicherheitsprozesse vor.Generative KI (GenAI) ist zu einem allgegenwärtigen Werkzeug in Unternehmen geworden. Laut einer Umfrage der Boston Consulting Group nutzen 50 Prozent der Unternehmen die Technologie, um Arbeitsabläufe neu zu gestalten. 77 Prozent der Befragten sind überzeugt, dass KI-Agenten in den nächsten drei bis…
Top 10 Cybersecurity Predictions for 2026

Jan 1, 2026 10:52 AM

Tags: access, ai, api, application-security, attack, authentication, automation, awareness, backdoor, backup, best-practice, blockchain, breach, business, ceo, china, ciso, cloud, communications, compliance, computer, computing, conference, control, corporate, crypto, cryptography, cyber, cyberattack, cybercrime, cybersecurity, data, data-breach, deep-fake, defense, detection, disinformation, email, encryption, espionage, exploit, extortion, finance, fraud, governance, government, group, hacker, hacking, healthcare, identity, incident response, infrastructure, intelligence, Internet, iran, korea, law, linkedin, LLM, malicious, malware, mfa, military, monitoring, msp, mssp, network, nist, north-korea, organized, phishing, privacy, programming, ransom, ransomware, regulation, risk, risk-management, russia, scam, service, skills, soc, social-engineering, software, strategy, supply-chain, tactics, technology, theft, threat, tool, training, ukraine, update, vulnerability, vulnerability-management, warfare, windows, zero-day

Top 10 Cybersecurity Predictions for 2026 The year AI changes cybersecurity forever Cybersecurity predictions are an opportunity to look forward instead of back, to be proactive instead of reactive, and to consider how changes in attackers, technology, and the security industry will impact the sustainability of managing cyber risks. Gaining future insights to the threats, targets,…
2026: Die KI-Revolution geht weiter und wird noch schneller

Jan 1, 2026 6:52 AM

Tags: ai, framework, governance

Im Jahr 2026 wird die KI-Revolution weiter beschleunigen und Unternehmen sowie ganze Branchen grundlegend verändern, wobei resiliente und flexible Infrastrukturen entscheidend für den Erfolg sind. Governance-Frameworks werden immer wichtiger, um Stabilität und Kontrolle im KI-Ökosystem zu gewährleisten, während Datenmanagement als zentrales Rückgrat für Innovationen dient. Agentenbasierte KI-Systeme übernehmen zunehmend operative Aufgaben, optimieren Prozesse in Echtzeit……
Critical vulnerability in IBM API Connect could allow authentication bypass

Jan 1, 2026 5:51 AM

Tags: api, authentication, control, exploit, flaw, governance, ibm, mitigation, monitoring, radius, resilience, service, software, update, vmware, vulnerability

Interim fixes provided: IBM said that the issue was discovered during internal testing, and it has provided interim fixes for each affected version of the software, with individual update details for VMware, OCP/CP4I, and Kubernetes.The only mitigation suggested for the flaw, according to IBM’s security bulletin, is this: “Customers unable to install the interim fix…
Governance und Technik sichern KI-generierten Code – KI-Coding-Tools steigern Produktivität und das Risiko gleichermaßen

Dec 31, 2025 11:52 AM

Tags: ai, governance, risk, tool

First seen on security-insider.de Jump to article: www.security-insider.de/ki-coding-risiko-produktivitaet-a-58baba6d765452f24331dc77086d7ef2/
So geht Post-Incident Review

Dec 31, 2025 5:51 AM

Tags: business, ciso, cyberattack, detection, governance, incident response, law, risk, risk-management, security-incident, strategy, tool, vulnerability

Post-Incident Reviews können dazu beitragen, die richtigen Lehren aus Sicherheitsvorfällen zu ziehen wenn sie richtig aufgesetzt sind.Angenommen, Ihr Unternehmen wird von Cyberkriminellen angegriffen, kommt dabei aber mit einem blauen Auge davon, weil die Attacke zwar spät, aber noch rechtzeitig entdeckt und abgewehrt werden konnte ohne größeren Business Impact. Jetzt einfach wie bisher weiterzumachen und die…
Bundesregierung: Behördendomains als Geheimsache und Schadcodeverteiler

Dec 29, 2025 2:55 PM

Tags: governance

Was passiert, wenn Ministerien und Behörden ihren Namen ändern und frühere Domains verwaisen? Ein Sicherheitsforscher stieß auf unerwartete Ergebnisse. First seen on golem.de Jump to article: www.golem.de/news/bundesregierung-behoerdendomains-als-geheimsache-und-schadcodeverteiler-2512-203655.html