Tag: governance
-
OpenAI Restructures, Nonprofit Foundation Retains Control
Nonprofit Foundation Holds Equity, Oversight Around $130B For-Profit Corporation. The nonprofit OpenAI Foundation now controls a $130 billion for-profit arm after a recapitalization process approved by attorneys general in California and Delaware. The nonprofit retains governance authority and will fund global health and AI risk mitigation programs, backed by regulatory approval. First seen on govinfosecurity.com…
-
Security for AI: A Practical Guide to Enforcing Your AI Acceptable Use Policy
Tags: access, ai, awareness, best-practice, business, chatgpt, compliance, control, corporate, data, data-breach, disinformation, finance, governance, government, guide, intelligence, LLM, malicious, monitoring, openai, privacy, regulation, risk, service, strategy, technology, threat, tool, training, update, vulnerabilityAn AI acceptable use policy can help your organization mitigate the risk of employees accidentally exposing sensitive data to public AI tools. Benchmark your organization’s policy against our best practices and discover how prompt-level visibility from Tenable AI Exposure eases policy enforcement. Key takeaways: An AI acceptable use policy governs the appropriate use of generative…
-
AI Visibility: The Key to Responsible Governance – Kovrr
Articles related to cyber risk quantification, cyber risk management, and cyber resilience. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/10/ai-visibility-the-key-to-responsible-governance-kovrr/
-
Exclusive: OpenAI’s Atlas browser, and others, can be tricked by manipulated web content
Researchers poke holes in OpenAI’s new browser as standards bodies fear U.S. businesses are “sleepwalking” into an AI governance crisis. First seen on cyberscoop.com Jump to article: cyberscoop.com/openai-atlas-splx-research-cloaking-attacks-browser-agents/
-
How evolving regulations are redefining CISO responsibility
Tags: attack, awareness, breach, ciso, communications, compliance, credentials, cyber, cyberattack, cybersecurity, data, data-breach, governance, identity, incident response, intelligence, iot, nis-2, phone, regulation, resilience, risk, risk-management, sbom, service, software, threat, tool, vulnerabilityIncreasing attacks on IoT and OT device vulnerabilities Cyberattacks are increasingly driven by software vulnerabilities embedded in OT and IoT devices. The 2025 Verizon Data Breach Investigations Report noted that 20% of breaches were vulnerability-based, which is a close second to credential abuse, accounting for 22% of breaches. Year over year, breaches resulting from software…
-
A Major Leap Forward: FireTail Unveils New UI and Expansive AI Model Support to Secure Enable Enterprise AI Adoption FireTail Blog
Tags: access, ai, api, cloud, compliance, control, data, governance, incident response, intelligence, open-source, risk, service, tool, updateOct 28, 2025 – Alan Fagan – In the world of artificial intelligence, speed is the new security challenge. AI adoption is accelerating at an unprecedented rate, bringing transformative capabilities, and new risks, to the enterprise. As organizations race to leverage complex models from various providers, securing these fast-moving, multi-cloud environments is paramount.Today, we are…
-
A Major Leap Forward: FireTail Unveils New UI and Expansive AI Model Support to Secure Enable Enterprise AI Adoption FireTail Blog
Tags: access, ai, api, cloud, compliance, control, data, governance, incident response, intelligence, open-source, risk, service, tool, updateOct 28, 2025 – Alan Fagan – In the world of artificial intelligence, speed is the new security challenge. AI adoption is accelerating at an unprecedented rate, bringing transformative capabilities, and new risks, to the enterprise. As organizations race to leverage complex models from various providers, securing these fast-moving, multi-cloud environments is paramount.Today, we are…
-
Cybersicherheit ist größte Herausforderung für die Finanzbranche
Cyberangriffe stellen viele Banken und Versicherungen vor große Probleme.Systemkritische Branchen wie die Finanzindustrie geraten immer häufiger ins Visier von Cyberkriminellen. Die Anzahl der Cyberangriffe hat sich in diesem Bereich im Vergleich zum Jahr 2021 versechsfacht. Das geht aus einer aktuellen Umfrage des Beratungs- und Softwarehauses PPI hervor, für die hierzulande 50 Banken und 53 Versicherungen…
-
Unterstützung für Dobrindts Pläne zu aktiver Cyberabwehr
Bundesinnenminister Alexander Dobrindt (CSU) will im kommenden Jahr eine Gesetzesänderung zur Cyberabwehr vorstellen.Bundesinnenminister Alexander Dobrindt (CSU) stößt mit Plänen für eine aktive Cyberabwehr auf Zustimmung. Dabei geht es um Attacken auf die Urheber von Cyberangriffen gegen Deutschland, wenn deren Server im Ausland stehen. Grünen-Fraktionsvize Konstantin von Notz sagte dem Handelsblatt, man stehe dem Vorhaben offen gegenüber,…
-
Do CISOs need to rethink service provider risk?
Tags: access, ai, breach, ciso, compliance, control, corporate, cyber, cybersecurity, data, framework, governance, group, guide, incident, incident response, ISO-27001, penetration-testing, risk, risk-assessment, risk-management, service, soc, technology, threat, tool, training, update, vulnerabilityShould risk assessment be about questionnaires or conversation?: David Stockdale, director of cybersecurity at the University of Queensland (UQ), needs services providers to understand the make-up and complexity of a higher education institution.”Because of the size and research intensity of the university, we tend to build a lot in-house. Where we do use service providers,…
-
Unterstützung für Dobrindts Pläne zu aktiver Cyberabwehr
Bundesinnenminister Alexander Dobrindt (CSU) will im kommenden Jahr eine Gesetzesänderung zur Cyberabwehr vorstellen.Bundesinnenminister Alexander Dobrindt (CSU) stößt mit Plänen für eine aktive Cyberabwehr auf Zustimmung. Dabei geht es um Attacken auf die Urheber von Cyberangriffen gegen Deutschland, wenn deren Server im Ausland stehen. Grünen-Fraktionsvize Konstantin von Notz sagte dem Handelsblatt, man stehe dem Vorhaben offen gegenüber,…
-
Do CISOs need to rethink service provider risk?
Tags: access, ai, breach, ciso, compliance, control, corporate, cyber, cybersecurity, data, framework, governance, group, guide, incident, incident response, ISO-27001, penetration-testing, risk, risk-assessment, risk-management, service, soc, technology, threat, tool, training, update, vulnerabilityShould risk assessment be about questionnaires or conversation?: David Stockdale, director of cybersecurity at the University of Queensland (UQ), needs services providers to understand the make-up and complexity of a higher education institution.”Because of the size and research intensity of the university, we tend to build a lot in-house. Where we do use service providers,…
-
Welche Herausforderungen sollten gelöst werden, bevor man KI-Agenten im Unternehmen einführt?
Agentic AI, die nächste Evolutionsstufe der künstlichen Intelligenz, verspricht eine intelligente Automatisierung von Prozessen, indem sie selbstständig plant, entscheidet und handelt. Diese Vielseitigkeit und Selbstständigkeit bringen jedoch auch Herausforderungen mit sich, die Unternehmen vor der Einführung bewältigen müssen. Eine klare Definition von Governance, Rollen und Verantwortlichkeiten ist entscheidend, um unkontrollierte Autonomien zu vermeiden. Sicherheitsrisiken… First…
-
Welche Herausforderungen sollten gelöst werden, bevor man KI-Agenten im Unternehmen einführt?
Agentic AI, die nächste Evolutionsstufe der künstlichen Intelligenz, verspricht eine intelligente Automatisierung von Prozessen, indem sie selbstständig plant, entscheidet und handelt. Diese Vielseitigkeit und Selbstständigkeit bringen jedoch auch Herausforderungen mit sich, die Unternehmen vor der Einführung bewältigen müssen. Eine klare Definition von Governance, Rollen und Verantwortlichkeiten ist entscheidend, um unkontrollierte Autonomien zu vermeiden. Sicherheitsrisiken… First…
-
Introducing audit logs in SonarQube Cloud: Enhancing compliance and security
Introducing the initial release of audit logs for SonarQube Cloud, a new feature designed to provide enhanced governance and support for our Enterprise plan customers. This initial, API-driven release focuses on core authentication and administrative IAM events to help you meet compliance requirements. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/10/introducing-audit-logs-in-sonarqube-cloud-enhancing-compliance-and-security/
-
How to Take Vulnerability Management to the Next Level and Supercharge Your Career
Tags: access, ai, attack, authentication, awareness, business, ciso, cloud, compliance, cve, cvss, cybersecurity, data, exploit, flaw, framework, governance, identity, metric, mfa, risk, skills, strategy, technology, tool, update, vulnerability, vulnerability-managementAt Tenable, we believe the next generation of great CISOs and security leaders will arise from those vulnerability management professionals who are driving the shift to exposure management today. Key takeaways: Vulnerability management is crucial for the evolution toward a more strategic, business-aligned approach to cybersecurity, that’s why these professionals are best positioned to lead…
-
The 10 biggest issues CISOs and cyber teams face today
Tags: ai, attack, awareness, breach, business, ceo, ciso, computing, crime, cyber, cyberattack, cybersecurity, data, deep-fake, defense, email, encryption, exploit, finance, fraud, governance, group, hacker, international, mitigation, organized, phishing, ransom, risk, scam, service, strategy, supply-chain, technology, threat, tool, training, usa, vulnerability2. Escalating, and accelerating, AI-enabled attacks: A 2025 survey from Boston Consulting Group found that 80% of CISOs worldwide cited AI-powered cyberattacks as their top concern, a 19-point increase from the previous year. A 2025 survey from Darktrace, a security technology firm, found that 78% of CISOs reported a significant impact from AI-driven threats, up…
-
Welche Herausforderungen und Probleme sollten gelöst werden, bevor man KI-Agenten im Unternehmen einführt?
Agentic AI, die nächste Evolutionsstufe der künstlichen Intelligenz, verspricht eine intelligente Automatisierung von Prozessen, indem sie selbstständig plant, entscheidet und handelt. Diese Vielseitigkeit und Selbstständigkeit bringen jedoch auch Herausforderungen mit sich, die Unternehmen vor der Einführung bewältigen müssen. Eine klare Definition von Governance, Rollen und Verantwortlichkeiten ist entscheidend, um unkontrollierte Autonomien zu vermeiden. Sicherheitsrisiken… First…
-
Keine Hackbacks: Bundesregierung plant neue Befugnisse zur Cyberabwehr
Tags: governanceInnenminister Dobrindt will erweiterte Befugnisse für die Cyberabwehr: Künftig sollen Bundesbehörden ausländische Server hacken dürfen. First seen on golem.de Jump to article: www.golem.de/news/keine-hackbacks-bundesregierung-plant-neue-befugnisse-zur-cyberabwehr-2510-201538.html
-
Cybersecurity Snapshot: Top Advice for Detecting and Preventing AI Attacks, and for Securing AI Systems
Tags: access, ai, attack, authentication, awareness, best-practice, breach, business, chatgpt, china, ciso, cloud, computing, container, control, credentials, crime, cve, cyber, cyberattack, cybersecurity, data, defense, detection, email, exploit, extortion, finance, flaw, framework, fraud, google, governance, government, group, guide, hacker, hacking, healthcare, iam, identity, incident response, intelligence, LLM, malicious, malware, mitigation, monitoring, network, open-source, openai, organized, phishing, ransom, risk, risk-management, russia, sans, scam, service, skills, soc, strategy, supply-chain, technology, theft, threat, tool, training, vulnerability, zero-trustAs organizations eagerly adopt AI, cybersecurity teams are racing to protect these new systems. In this special edition of the Cybersecurity Snapshot, we round up some of the best recent guidance on how to fend off AI attacks, and on how to safeguard your AI systems. Key takeaways Developers are getting new playbooks from groups…
-
Financial services tech leaders tackle agentic AI governance
Operating in a risk-averse industry, IT decision-makers are helping their businesses adapt to emerging threats without derailing momentum. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/agentic-ai-governance-risk-mitigation-financial-services-banks/803749/
-
Financial services tech leaders tackle agentic AI governance
Operating in a risk-averse industry, IT decision-makers are helping their businesses adapt to emerging threats without derailing momentum. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/agentic-ai-governance-risk-mitigation-financial-services-banks/803749/
-
Blog: From Review to Rollout: Effective Strategies for Updating Policies and Procedures
Key Takeaways Strong governance depends on current, coherent, and well-implemented policies. They define how decisions are made, risks are managed, and accountability is enforced. Yet, policy management remains one of the least mature governance functions. Modern governance calls for a continuous, system-level approach to policy management that mirrors the way organizations manage other critical processes:……
-
This free IGA tool boosts your identity security
Here are five ways tenfold’s free IGA solution helps you streamline identity governance and access control. First seen on theregister.com Jump to article: www.theregister.com/2025/10/22/this_free_iga_tool/
-
Cyberangriff auf Jaguar ist teuerster in britischer Geschichte
Der Hackerangriff auf den Autobauer Jaguar Land Rover hat die britische Regierung viel Geld gekostet.Der Cyberangriff auf den britischen Autobauer Jaguar Land Rover war nach Einschätzung von Experten der wirtschaftlich schädlichste in der Geschichte des Landes. Die Einbußen durch den wochenlangen erzwungenen Produktionsstopp belaufen sich demnach auf geschätzte 1,9 Milliarden Pfund (knapp 2,2 Milliarden Euro). Die…
-
Cyberangriff auf Jaguar ist teuerster in britischer Geschichte
Der Hackerangriff auf den Autobauer Jaguar Land Rover hat die britische Regierung viel Geld gekostet.Der Cyberangriff auf den britischen Autobauer Jaguar Land Rover war nach Einschätzung von Experten der wirtschaftlich schädlichste in der Geschichte des Landes. Die Einbußen durch den wochenlangen erzwungenen Produktionsstopp belaufen sich demnach auf geschätzte 1,9 Milliarden Pfund (knapp 2,2 Milliarden Euro). Die…
-
Veeam to Buy Securiti AI for $1.7B to Unify Data Protection
Proposed Acquisition Would Create Unified View of AI-Ready Data Environments. Veeam’s proposed acquisition of Securiti AI for $1.725 billion addresses a long-standing disconnect between where data runs and where it’s protected. The move enhances AI governance and posture management while supporting Veeam’s vision for end-to-end data control. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/veeam-to-buy-securiti-ai-for-17b-to-unify-data-protection-a-29774
-
Veeam to Buy Securiti AI for $1.7B to Unify Data Protection
Proposed Acquisition Would Create Unified View of AI-Ready Data Environments. Veeam’s proposed acquisition of Securiti AI for $1.725 billion addresses a long-standing disconnect between where data runs and where it’s protected. The move enhances AI governance and posture management while supporting Veeam’s vision for end-to-end data control. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/veeam-to-buy-securiti-ai-for-17b-to-unify-data-protection-a-29774
-
Veeam Buys Securiti AI for $1.725B to Unify Data Protection
Proposed Acquisition Would Create Unified View of AI-Ready Data Environments. Veeam’s proposed acquisition of Securiti AI for $1.725 billion addresses a long-standing disconnect between where data runs and where it’s protected. The move enhances AI governance and posture management while supporting Veeam’s vision for end-to-end data control. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/veeam-buys-securiti-ai-for-1725b-to-unify-data-protection-a-29774