Tag: governance
-
Funktionen zum sicheren Auswählen, Verwalten und Skalieren von vertrauenswürdigen KI-Agenten
In dieser Phase der GenAI-Entwicklung entsteht der Wettbewerbsvorteil nicht mehr durch die gemieteten Modelle, sondern durch die Daten, die ein Unternehmen besitzt. Dennoch haben die meisten Unternehmen Schwierigkeiten, diese Daten in produktionsreife Agenten umzusetzen, da ihnen die Qualität, Governance und Flexibilität für eine Skalierung fehlen. Agent-Bricks von Databricks ermöglicht Daten- und KI-Teams aus Unternehmensdaten die…
-
Why CISOs Need to Own AI Enterprise Risk
Vigilance Cyber Security’s Moriah Hara on AI Automation and Responsible AI. Mohira Hara, CISO and AI security, risk and governance consultant at Vigilance Cyber Security, says AI is reshaping financial services by accelerating anti-money laundering efforts, automating SOC functions and driving stronger governance frameworks that make CISOs central to managing AI risk. First seen on…
-
Gaps in AI Governance Put SMBs at Greater Cyber Risk
ISMG Sean D. Mack on Building Smarter Cyber Defenses for AI-Driven Attacks. SMBs are adopting artificial intelligence fast, but without governance or safeguards, they risk data leaks, shadow AI and third-party exposure, said Sean D. Mack of ISMG’s CXO Advisor practice. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/gaps-in-ai-governance-put-smbs-at-greater-cyber-risk-a-29982
-
AI startups leak sensitive credentials on GitHub, exposing models and training data
Tags: ai, api, attack, compliance, credentials, cybersecurity, data, data-breach, framework, github, governance, leak, startup, trainingCompliance and governance: The Wiz findings highlight how exposed API keys can escalate into full-scale compromises across AI ecosystems, according to Sakshi Grover, senior research manager for IDC Asia Pacific Cybersecurity Services. “Stolen credentials can be used to manipulate model behavior or extract training data, undermining trust in deployed systems.”Grover noted that such exposures are…
-
Öffentliche Verwaltung im Visier von Cyberspionen
Tags: access, alphv, bsi, cyberattack, cybercrime, encryption, germany, governance, government, infrastructure, lockbit, microsoft, open-source, phishing, qr, service, vulnerabilityLaut BSI haben es Cyberspione aktuell besonders auf die öffentliche Verwaltung abgesehen.Cyberspione haben es in Deutschland derzeit besonders auf die öffentliche Verwaltung abgesehen. Das geht aus dem aktuellen Lagebericht des Bundesamtes für Sicherheit in der Informationstechnik (BSI) hervor. Eine nennenswerte Anzahl von Geschädigten gab es demnach auch in den Sektoren Verteidigung, Rechtspflege, öffentliche Sicherheit und…
-
Maßnahmen zur Gewährleistung der IT”‘Sicherheit in Kommunen
Der öffentliche Sektor muss Governance, Personal, Technik, Prozesse und Partnerschaften systematisch verbessern, kombiniert mit Sensibilisierung, Monitoring und klarer Verantwortung, um Angriffe zu verhindern, Schäden zu begrenzen und digitale Dienste resilient bereitzustellen. Strategische Governance und Verantwortlichkeiten Zentrale Steuerung für IT”‘Sicherheit etablieren (z. B. IT”‘Sicherheitsbeauftragte, Governance”‘Gremien) zur Koordination zwischen Verwaltung, IT und Recht…. First seen on ap-verlag.de…
-
Maßnahmen zur Gewährleistung der IT”‘Sicherheit in Kommunen
Der öffentliche Sektor muss Governance, Personal, Technik, Prozesse und Partnerschaften systematisch verbessern, kombiniert mit Sensibilisierung, Monitoring und klarer Verantwortung, um Angriffe zu verhindern, Schäden zu begrenzen und digitale Dienste resilient bereitzustellen. Strategische Governance und Verantwortlichkeiten Zentrale Steuerung für IT”‘Sicherheit etablieren (z. B. IT”‘Sicherheitsbeauftragte, Governance”‘Gremien) zur Koordination zwischen Verwaltung, IT und Recht…. First seen on ap-verlag.de…
-
Verantwortungsvoller KI-Einsatz: Code of Conduct Demokratische KI; Governance und Abwägung gefordert
Man darf die Diskussion zu KI nicht Big Tech überlassen, das ist der Ansatz, der die Zivilgesellschaft bewogen hat, ein Zeichen zu setzen. Mehr als 75 Organisationen aus der deutschen Zivilgesellschaft haben den von D64 Zentrum für Digitalen Fortschritt … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/11/11/verantwortungsvoller-ki-einsatz-code-of-conduct-demokratische-ki-governance-und-abwaegung-gefordert/
-
From Compliance Boxes to Fraud Prevention: GRC Reimagined
Gong’s Tamara Lauterbach on Why Framework Maturity Matters More Than Certification. Frameworks are no longer just about checking compliance boxes; they’re becoming critical tools for governance, resilience and fraud prevention. Tamara Lauterbach, senior GRC specialist at Gong, explains how culture, automation and human insight can enhance framework effectiveness. First seen on govinfosecurity.com Jump to article:…
-
European Commission moves to loosen GDPR for AI and cookie tracking
AI training gets green light: The proposal directly addressed one of the most contentious issues in EU privacy law: whether companies can train AI systems using personal data.The draft stated that AI training, testing, and validation may be conducted under the GDPR’s “legitimate interest” basis, as long as companies implement safeguards such as data minimization,…
-
European Commission moves to loosen GDPR for AI and cookie tracking
AI training gets green light: The proposal directly addressed one of the most contentious issues in EU privacy law: whether companies can train AI systems using personal data.The draft stated that AI training, testing, and validation may be conducted under the GDPR’s “legitimate interest” basis, as long as companies implement safeguards such as data minimization,…
-
European Commission moves to loosen GDPR for AI and cookie tracking
AI training gets green light: The proposal directly addressed one of the most contentious issues in EU privacy law: whether companies can train AI systems using personal data.The draft stated that AI training, testing, and validation may be conducted under the GDPR’s “legitimate interest” basis, as long as companies implement safeguards such as data minimization,…
-
European Commission moves to loosen GDPR for AI and cookie tracking
AI training gets green light: The proposal directly addressed one of the most contentious issues in EU privacy law: whether companies can train AI systems using personal data.The draft stated that AI training, testing, and validation may be conducted under the GDPR’s “legitimate interest” basis, as long as companies implement safeguards such as data minimization,…
-
Warum beim Einsatz von KI-Agenten eine durchdachte Governance unerlässlich ist
In einem Wettbewerbsumfeld, in dem technologische Führung oft über Erfolg oder Rückstand entscheidet, kann eine robuste Governance den entscheidenden Unterschied machen. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/warum-beim-einsatz-von-ki-agenten-eine-durchdachte-governance-unerlaesslich-ist/a42654/
-
Einsatz von KI-Agenten: Lückenlose Governance für Unternehmen mittlerweile unerlässlich
First seen on datensicherheit.de Jump to article: www.datensicherheit.de/einsatz-ki-agenten-lueckenlos-governance-unternehmen-unerlaesslich
-
AI Security Agents Get Persona Makeovers
New synthetic security staffers promise to bring artificial intelligence comfortably into the security operations center, but they will require governance to protect security. First seen on darkreading.com Jump to article: www.darkreading.com/cybersecurity-operations/ai-security-agents-get-personas-make-them-more-appealing
-
AI Security Agents Get Personas to Make Them More Appealing
New synthetic security staffers promise to bring artificial intelligence comfortably into the security operations center, but they will require governance to protect security. First seen on darkreading.com Jump to article: www.darkreading.com/cybersecurity-operations/ai-security-agents-get-personas-make-them-more-appealing
-
Why can’t enterprises get a handle on the cloud misconfiguration problem?
Tags: access, ai, authentication, awareness, breach, business, cloud, communications, computing, control, cybersecurity, data, data-breach, encryption, governance, hacker, infrastructure, least-privilege, mfa, monitoring, network, risk, saas, service, technology, tool, training, usa, zero-trustStop. Reassess. Reconfigure: Last year, according to Ayan Roy, EY Americas cybersecurity competency leader, the highest number of breaches were caused by shared cloud repositories. “That’s where we saw the maximum amount of data exfiltration,” he says. “A lot was from shared cloud stores and SaaS applications.” That’s despite the fact that the clients have…
-
Why can’t enterprises get a handle on the cloud misconfiguration problem?
Tags: access, ai, authentication, awareness, breach, business, cloud, communications, computing, control, cybersecurity, data, data-breach, encryption, governance, hacker, infrastructure, least-privilege, mfa, monitoring, network, risk, saas, service, technology, tool, training, usa, zero-trustStop. Reassess. Reconfigure: Last year, according to Ayan Roy, EY Americas cybersecurity competency leader, the highest number of breaches were caused by shared cloud repositories. “That’s where we saw the maximum amount of data exfiltration,” he says. “A lot was from shared cloud stores and SaaS applications.” That’s despite the fact that the clients have…
-
Why can’t enterprises get a handle on the cloud misconfiguration problem?
Tags: access, ai, authentication, awareness, breach, business, cloud, communications, computing, control, cybersecurity, data, data-breach, encryption, governance, hacker, infrastructure, least-privilege, mfa, monitoring, network, risk, saas, service, technology, tool, training, usa, zero-trustStop. Reassess. Reconfigure: Last year, according to Ayan Roy, EY Americas cybersecurity competency leader, the highest number of breaches were caused by shared cloud repositories. “That’s where we saw the maximum amount of data exfiltration,” he says. “A lot was from shared cloud stores and SaaS applications.” That’s despite the fact that the clients have…
-
Why can’t enterprises get a handle on the cloud misconfiguration problem?
Tags: access, ai, authentication, awareness, breach, business, cloud, communications, computing, control, cybersecurity, data, data-breach, encryption, governance, hacker, infrastructure, least-privilege, mfa, monitoring, network, risk, saas, service, technology, tool, training, usa, zero-trustStop. Reassess. Reconfigure: Last year, according to Ayan Roy, EY Americas cybersecurity competency leader, the highest number of breaches were caused by shared cloud repositories. “That’s where we saw the maximum amount of data exfiltration,” he says. “A lot was from shared cloud stores and SaaS applications.” That’s despite the fact that the clients have…
-
Digital health can’t scale if cybersecurity falls behind
Tags: access, ai, attack, breach, cloud, compliance, control, cyber, cyberattack, cybersecurity, data, detection, encryption, endpoint, exploit, framework, GDPR, governance, government, healthcare, HIPAA, identity, infection, intelligence, malicious, network, nist, phishing, privacy, ransomware, regulation, resilience, risk, risk-management, strategy, technology, threat, training, virus, vulnerability, zero-trustThe unique vulnerabilities of AI systems: Traditional security frameworks are not enough for AI. Attacks on algorithms take subtler forms. I often explain to my clients that when you corrupt data, you corrupt intelligence. Data poisoning occurs when malicious data is inserted into the training process, teaching the AI to make wrong decisions later. Imagine…
-
Digital health can’t scale if cybersecurity falls behind
Tags: access, ai, attack, breach, cloud, compliance, control, cyber, cyberattack, cybersecurity, data, detection, encryption, endpoint, exploit, framework, GDPR, governance, government, healthcare, HIPAA, identity, infection, intelligence, malicious, network, nist, phishing, privacy, ransomware, regulation, resilience, risk, risk-management, strategy, technology, threat, training, virus, vulnerability, zero-trustThe unique vulnerabilities of AI systems: Traditional security frameworks are not enough for AI. Attacks on algorithms take subtler forms. I often explain to my clients that when you corrupt data, you corrupt intelligence. Data poisoning occurs when malicious data is inserted into the training process, teaching the AI to make wrong decisions later. Imagine…
-
Digital health can’t scale if cybersecurity falls behind
Tags: access, ai, attack, breach, cloud, compliance, control, cyber, cyberattack, cybersecurity, data, detection, encryption, endpoint, exploit, framework, GDPR, governance, government, healthcare, HIPAA, identity, infection, intelligence, malicious, network, nist, phishing, privacy, ransomware, regulation, resilience, risk, risk-management, strategy, technology, threat, training, virus, vulnerability, zero-trustThe unique vulnerabilities of AI systems: Traditional security frameworks are not enough for AI. Attacks on algorithms take subtler forms. I often explain to my clients that when you corrupt data, you corrupt intelligence. Data poisoning occurs when malicious data is inserted into the training process, teaching the AI to make wrong decisions later. Imagine…