Tag: governance
-
Cybersecurity management for boards: Metrics that matter
Tags: ai, attack, automation, breach, business, cloud, compliance, control, cyber, cybersecurity, data-breach, deep-fake, detection, dora, finance, firewall, governance, insurance, jobs, metric, mitigation, nis-2, nist, phishing, ransomware, regulation, resilience, risk, scam, soc, threat, trainingWhy does this matter? Resilience aligns with your actual business goals: continuity, trust and long-term value. It reflects your appetite for risk and your ability to adapt. And with regulations like DORA and NIS2 pushing accountability higher up the ladder, your board is on the hook. Financial impact and continuity metrics: You can’t fight cyber…
-
Grüne fordern schnellstmögliche Sicherheitsoffensive
Die Grünen fordern mehr Engagement bei der Abwehr von Sabotage, Spionage und Cyberangriffen.Bei der Abwehr von Sabotage, Spionage und Cyberangriffen kommt die Bundesregierung aus Sicht der Grünen-Fraktion nicht schnell genug voran. Immerhin hätten Bundeskanzler Friedrich Merz (CDU) und Innenminister Alexander Dobrindt (CSU) inzwischen Fortschritte bei der Problembeschreibung gemacht, stellen Fraktionsvize Konstantin von Notz und die…
-
Sicherheitsvorfälle an Flughäfen (August Oktober 2025)
Ein türkische Hackergruppe, die pro-al-Qaida-orientiert und von der türkischen Regierung geduldet wird, hat Passagiersysteme in Nordamerika gehackt. Auf den Zulieferer Colins Aerospace des Flughafens von Dublin gab es einen Cyberangriff, bei dem Daten von Millionen Passagieren abgeflossen sein dürften (hatte … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/10/30/sicherheitsvorfaelle-an-flughaefen-august-oktober-2025/
-
How the City of Toronto embeds security across governance and operations
In this Help Net Security interview, Andree Noel, Deputy CISO at City of Toronto, discusses how the municipality strengthens its cyber defense by embedding security into … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/10/30/andree-noel-city-of-toronto-municipal-cyber-defense/
-
US-Regierung will Anonymität der Volkszählung aufheben
US-Regierung will Anonymität der Volkszählung aufheben. So könnte man dem gigantischen Datensatz auch die Namen der US-Bürger entnehmen. First seen on tarnkappe.info Jump to article: tarnkappe.info/artikel/netzpolitik/us-regierung-will-anonymitaet-der-volkszaehlung-aufheben-322320.html
-
AI adoption outpaces corporate governance, security controls
Security and business leaders warn that companies are accelerating their use of agentic AI beyond the ability to maintain proper guardrails.; First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/ai-corporate-governance-security-controls/804087/
-
AI risks pack a punch, but governance provides a buffer
Enterprises strengthen governance and focus on responsible practices as more than 3 in 5 suffer AI risk-related losses of more than $1 million, EY data shows.; First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/AI-risks-responsible-safeguards-guardrails-EY-data/804102/
-
AI risks pack a punch, but governance provides a buffer
Enterprises strengthen governance and focus on responsible practices as more than 3 in 5 suffer AI risk-related losses of more than $1 million, EY data shows.; First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/AI-risks-responsible-safeguards-guardrails-EY-data/804102/
-
Anti-DEI-Klausel: Python lehnt 1,5 Mio. Dollar der Trump-Regierung ab
Python hat einen Förderbetrag von über 1,5 Millionen USD abgelehnt. Grund war die Bedingung, Programme zur Gleichberechtigung zu streichen. First seen on tarnkappe.info Jump to article: tarnkappe.info/artikel/netzpolitik/anti-dei-klausel-python-lehnt-15-mio-dollar-der-trump-regierung-ab-322297.html
-
Anti-DEI-Klausel: Python lehnt 1,5 Mio. Dollar der Trump-Regierung ab
Python hat einen Förderbetrag von über 1,5 Millionen USD abgelehnt. Grund war die Bedingung, Programme zur Gleichberechtigung zu streichen. First seen on tarnkappe.info Jump to article: tarnkappe.info/artikel/netzpolitik/anti-dei-klausel-python-lehnt-15-mio-dollar-der-trump-regierung-ab-322297.html
-
Survey Surfaces Greater Appreciation for AI Risks
A new Vanta survey of 3,500 IT and business leaders reveals that 72% believe cybersecurity risks have never been higher due to AI. While 79% are using or planning to use AI agents to defend against threats, many admit their understanding lags behind adoption”, highlighting the urgent need for stronger governance, risk, and compliance (GRC)…
-
Survey Surfaces Greater Appreciation for AI Risks
A new Vanta survey of 3,500 IT and business leaders reveals that 72% believe cybersecurity risks have never been higher due to AI. While 79% are using or planning to use AI agents to defend against threats, many admit their understanding lags behind adoption”, highlighting the urgent need for stronger governance, risk, and compliance (GRC)…
-
Discover Practical AI Tactics for GRC, Join the Free Expert Webinar
Artificial Intelligence (AI) is rapidly transforming Governance, Risk, and Compliance (GRC). It’s no longer a future concept”, it’s here, and it’s already reshaping how teams operate.AI’s capabilities are profound: it’s speeding up audits, flagging critical risks faster, and drastically cutting down on time-consuming manual work. This leads to greater efficiency, higher accuracy, and a more…
-
BSI Warns of Looming AI Governance Crisis
The British Standards Institution claims business leaders aren’t focused enough on managing AI risk First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/bsi-warns-of-looming-ai-governance/
-
BSI Warns of Looming AI Governance Crisis
The British Standards Institution claims business leaders aren’t focused enough on managing AI risk First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/bsi-warns-of-looming-ai-governance/
-
OpenAI Restructures, Nonprofit Foundation Retains Control
Nonprofit Foundation Holds Equity, Oversight Around $130B For-Profit Corporation. The nonprofit OpenAI Foundation now controls a $130 billion for-profit arm after a recapitalization process approved by attorneys general in California and Delaware. The nonprofit retains governance authority and will fund global health and AI risk mitigation programs, backed by regulatory approval. First seen on govinfosecurity.com…
-
Security for AI: A Practical Guide to Enforcing Your AI Acceptable Use Policy
Tags: access, ai, awareness, best-practice, business, chatgpt, compliance, control, corporate, data, data-breach, disinformation, finance, governance, government, guide, intelligence, LLM, malicious, monitoring, openai, privacy, regulation, risk, service, strategy, technology, threat, tool, training, update, vulnerabilityAn AI acceptable use policy can help your organization mitigate the risk of employees accidentally exposing sensitive data to public AI tools. Benchmark your organization’s policy against our best practices and discover how prompt-level visibility from Tenable AI Exposure eases policy enforcement. Key takeaways: An AI acceptable use policy governs the appropriate use of generative…
-
AI Visibility: The Key to Responsible Governance – Kovrr
Articles related to cyber risk quantification, cyber risk management, and cyber resilience. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/10/ai-visibility-the-key-to-responsible-governance-kovrr/
-
Exclusive: OpenAI’s Atlas browser, and others, can be tricked by manipulated web content
Researchers poke holes in OpenAI’s new browser as standards bodies fear U.S. businesses are “sleepwalking” into an AI governance crisis. First seen on cyberscoop.com Jump to article: cyberscoop.com/openai-atlas-splx-research-cloaking-attacks-browser-agents/
-
How evolving regulations are redefining CISO responsibility
Tags: attack, awareness, breach, ciso, communications, compliance, credentials, cyber, cyberattack, cybersecurity, data, data-breach, governance, identity, incident response, intelligence, iot, nis-2, phone, regulation, resilience, risk, risk-management, sbom, service, software, threat, tool, vulnerabilityIncreasing attacks on IoT and OT device vulnerabilities Cyberattacks are increasingly driven by software vulnerabilities embedded in OT and IoT devices. The 2025 Verizon Data Breach Investigations Report noted that 20% of breaches were vulnerability-based, which is a close second to credential abuse, accounting for 22% of breaches. Year over year, breaches resulting from software…
-
A Major Leap Forward: FireTail Unveils New UI and Expansive AI Model Support to Secure Enable Enterprise AI Adoption FireTail Blog
Tags: access, ai, api, cloud, compliance, control, data, governance, incident response, intelligence, open-source, risk, service, tool, updateOct 28, 2025 – Alan Fagan – In the world of artificial intelligence, speed is the new security challenge. AI adoption is accelerating at an unprecedented rate, bringing transformative capabilities, and new risks, to the enterprise. As organizations race to leverage complex models from various providers, securing these fast-moving, multi-cloud environments is paramount.Today, we are…
-
A Major Leap Forward: FireTail Unveils New UI and Expansive AI Model Support to Secure Enable Enterprise AI Adoption FireTail Blog
Tags: access, ai, api, cloud, compliance, control, data, governance, incident response, intelligence, open-source, risk, service, tool, updateOct 28, 2025 – Alan Fagan – In the world of artificial intelligence, speed is the new security challenge. AI adoption is accelerating at an unprecedented rate, bringing transformative capabilities, and new risks, to the enterprise. As organizations race to leverage complex models from various providers, securing these fast-moving, multi-cloud environments is paramount.Today, we are…
-
Cybersicherheit ist größte Herausforderung für die Finanzbranche
Cyberangriffe stellen viele Banken und Versicherungen vor große Probleme.Systemkritische Branchen wie die Finanzindustrie geraten immer häufiger ins Visier von Cyberkriminellen. Die Anzahl der Cyberangriffe hat sich in diesem Bereich im Vergleich zum Jahr 2021 versechsfacht. Das geht aus einer aktuellen Umfrage des Beratungs- und Softwarehauses PPI hervor, für die hierzulande 50 Banken und 53 Versicherungen…
-
Do CISOs need to rethink service provider risk?
Tags: access, ai, breach, ciso, compliance, control, corporate, cyber, cybersecurity, data, framework, governance, group, guide, incident, incident response, ISO-27001, penetration-testing, risk, risk-assessment, risk-management, service, soc, technology, threat, tool, training, update, vulnerabilityShould risk assessment be about questionnaires or conversation?: David Stockdale, director of cybersecurity at the University of Queensland (UQ), needs services providers to understand the make-up and complexity of a higher education institution.”Because of the size and research intensity of the university, we tend to build a lot in-house. Where we do use service providers,…
-
Unterstützung für Dobrindts Pläne zu aktiver Cyberabwehr
Bundesinnenminister Alexander Dobrindt (CSU) will im kommenden Jahr eine Gesetzesänderung zur Cyberabwehr vorstellen.Bundesinnenminister Alexander Dobrindt (CSU) stößt mit Plänen für eine aktive Cyberabwehr auf Zustimmung. Dabei geht es um Attacken auf die Urheber von Cyberangriffen gegen Deutschland, wenn deren Server im Ausland stehen. Grünen-Fraktionsvize Konstantin von Notz sagte dem Handelsblatt, man stehe dem Vorhaben offen gegenüber,…
-
Do CISOs need to rethink service provider risk?
Tags: access, ai, breach, ciso, compliance, control, corporate, cyber, cybersecurity, data, framework, governance, group, guide, incident, incident response, ISO-27001, penetration-testing, risk, risk-assessment, risk-management, service, soc, technology, threat, tool, training, update, vulnerabilityShould risk assessment be about questionnaires or conversation?: David Stockdale, director of cybersecurity at the University of Queensland (UQ), needs services providers to understand the make-up and complexity of a higher education institution.”Because of the size and research intensity of the university, we tend to build a lot in-house. Where we do use service providers,…
-
Unterstützung für Dobrindts Pläne zu aktiver Cyberabwehr
Bundesinnenminister Alexander Dobrindt (CSU) will im kommenden Jahr eine Gesetzesänderung zur Cyberabwehr vorstellen.Bundesinnenminister Alexander Dobrindt (CSU) stößt mit Plänen für eine aktive Cyberabwehr auf Zustimmung. Dabei geht es um Attacken auf die Urheber von Cyberangriffen gegen Deutschland, wenn deren Server im Ausland stehen. Grünen-Fraktionsvize Konstantin von Notz sagte dem Handelsblatt, man stehe dem Vorhaben offen gegenüber,…
-
Welche Herausforderungen sollten gelöst werden, bevor man KI-Agenten im Unternehmen einführt?
Agentic AI, die nächste Evolutionsstufe der künstlichen Intelligenz, verspricht eine intelligente Automatisierung von Prozessen, indem sie selbstständig plant, entscheidet und handelt. Diese Vielseitigkeit und Selbstständigkeit bringen jedoch auch Herausforderungen mit sich, die Unternehmen vor der Einführung bewältigen müssen. Eine klare Definition von Governance, Rollen und Verantwortlichkeiten ist entscheidend, um unkontrollierte Autonomien zu vermeiden. Sicherheitsrisiken… First…
-
Welche Herausforderungen sollten gelöst werden, bevor man KI-Agenten im Unternehmen einführt?
Agentic AI, die nächste Evolutionsstufe der künstlichen Intelligenz, verspricht eine intelligente Automatisierung von Prozessen, indem sie selbstständig plant, entscheidet und handelt. Diese Vielseitigkeit und Selbstständigkeit bringen jedoch auch Herausforderungen mit sich, die Unternehmen vor der Einführung bewältigen müssen. Eine klare Definition von Governance, Rollen und Verantwortlichkeiten ist entscheidend, um unkontrollierte Autonomien zu vermeiden. Sicherheitsrisiken… First…
-
Introducing audit logs in SonarQube Cloud: Enhancing compliance and security
Introducing the initial release of audit logs for SonarQube Cloud, a new feature designed to provide enhanced governance and support for our Enterprise plan customers. This initial, API-driven release focuses on core authentication and administrative IAM events to help you meet compliance requirements. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/10/introducing-audit-logs-in-sonarqube-cloud-enhancing-compliance-and-security/