Collecting Cyber-News from over 60 sources

Tag: governance

Multimodal AI, A Whole New Social Engineering Playground for Hackers

Oct 10, 2025 2:23 PM

Tags: ai, automation, ciso, cyber, exploit, governance, hacker, incident response, social-engineering, strategy

Multimodal AI delivers context-rich automation but also multiplies cyber risk. Hidden prompts, poisoned pixels, and cross-modal exploits can corrupt entire pipelines. Discover how attackers manipulate multimodal inputs”, and the governance, testing, and incident response strategies CISOs need to stay ahead. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/10/multimodal-ai-a-whole-new-social-engineering-playground-for-hackers/
Multimodal AI, A Whole New Social Engineering Playground for Hackers

Oct 10, 2025 2:23 PM

Tags: ai, automation, ciso, cyber, exploit, governance, hacker, incident response, social-engineering, strategy

Multimodal AI delivers context-rich automation but also multiplies cyber risk. Hidden prompts, poisoned pixels, and cross-modal exploits can corrupt entire pipelines. Discover how attackers manipulate multimodal inputs”, and the governance, testing, and incident response strategies CISOs need to stay ahead. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/10/multimodal-ai-a-whole-new-social-engineering-playground-for-hackers/
Multimodal AI, A Whole New Social Engineering Playground for Hackers

Oct 10, 2025 2:23 PM

Tags: ai, automation, ciso, cyber, exploit, governance, hacker, incident response, social-engineering, strategy

Multimodal AI delivers context-rich automation but also multiplies cyber risk. Hidden prompts, poisoned pixels, and cross-modal exploits can corrupt entire pipelines. Discover how attackers manipulate multimodal inputs”, and the governance, testing, and incident response strategies CISOs need to stay ahead. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/10/multimodal-ai-a-whole-new-social-engineering-playground-for-hackers/
The CIA triad is dead, stop using a Cold War relic to fight 21st century threats

Oct 10, 2025 10:23 AM

Tags: ai, backup, breach, business, ceo, ciso, compliance, csf, cyber, cybersecurity, data, data-breach, deep-fake, firewall, framework, fraud, GDPR, governance, infrastructure, ISO-27001, nist, privacy, ransomware, regulation, resilience, sbom, software, supply-chain, technology, threat, zero-trust

Ransomware is not just an availability problem. Treating ransomware as a simple “availability” failure misses the point. Being “up” or “down” is irrelevant when your systems are locked and business halted. What matters is resilience: the engineered ability to absorb damage, fail gracefully, and restore from immutable backups. Availability is binary; resilience is survival. Without…
Homeland Security’s reassignment of CISA staff leaves US networks exposed

Oct 9, 2025 2:23 PM

Tags: breach, cisa, data-breach, detection, exploit, flaw, governance, group, identity, intelligence, mfa, network, phishing, update

Wake-up call for enterprises: The current situation acts as a wake-up call for enterprises. CISA may not be able to actively engage in issuing alerts and advisories, given its lack of resources.Organizations, therefore, cannot afford to wait for official confirmation on every new vulnerability. Acting on credible intelligence, within clear governance limits, can prevent a…
Homeland Security’s reassignment of CISA staff leaves US networks exposed

Oct 9, 2025 2:23 PM

Tags: breach, cisa, data-breach, detection, exploit, flaw, governance, group, identity, intelligence, mfa, network, phishing, update

Wake-up call for enterprises: The current situation acts as a wake-up call for enterprises. CISA may not be able to actively engage in issuing alerts and advisories, given its lack of resources.Organizations, therefore, cannot afford to wait for official confirmation on every new vulnerability. Acting on credible intelligence, within clear governance limits, can prevent a…
Homeland Security’s reassignment of CISA staff leaves US networks exposed

Oct 9, 2025 2:23 PM

Tags: breach, cisa, data-breach, detection, exploit, flaw, governance, group, identity, intelligence, mfa, network, phishing, update

Wake-up call for enterprises: The current situation acts as a wake-up call for enterprises. CISA may not be able to actively engage in issuing alerts and advisories, given its lack of resources.Organizations, therefore, cannot afford to wait for official confirmation on every new vulnerability. Acting on credible intelligence, within clear governance limits, can prevent a…
Your cyber risk problem isn’t tech, it’s architecture

Oct 9, 2025 1:23 PM

Tags: ai, attack, awareness, best-practice, business, ciso, cloud, compliance, container, control, csf, cyber, cybersecurity, data, data-breach, defense, finance, framework, GDPR, governance, grc, group, intelligence, Internet, ISO-27001, mitre, nist, PCI, phishing, privacy, ransomware, regulation, risk, risk-assessment, risk-management, software, strategy, threat, training, update, vulnerability

If the company already has a mature risk culture: The implementation of a cybersecurity management project becomes more flexible. Since my goal is to share the mechanics to achieve success in a cybersecurity program, I emphasize below some components of this ‘recipe’ to consider: Understand the dynamics and scope of the business, mapping stakeholders, processes…
Your cyber risk problem isn’t tech, it’s architecture

Oct 9, 2025 1:23 PM

Tags: ai, attack, awareness, best-practice, business, ciso, cloud, compliance, container, control, csf, cyber, cybersecurity, data, data-breach, defense, finance, framework, GDPR, governance, grc, group, intelligence, Internet, ISO-27001, mitre, nist, PCI, phishing, privacy, ransomware, regulation, risk, risk-assessment, risk-management, software, strategy, threat, training, update, vulnerability

If the company already has a mature risk culture: The implementation of a cybersecurity management project becomes more flexible. Since my goal is to share the mechanics to achieve success in a cybersecurity program, I emphasize below some components of this ‘recipe’ to consider: Understand the dynamics and scope of the business, mapping stakeholders, processes…
Datenschutzkonferenz-Entschließung: Datenschutzbeauftragte fordern Nein der Bundesregierung zur Chat-Kontrolle

Oct 9, 2025 7:25 AM

Tags: governance

First seen on datensicherheit.de Jump to article: www.datensicherheit.de/datenschutzkonferenz-entschliessung-datenschutzbeauftragte-forderung-nein-bundesregierung-chat-kontrolle
Keine Mehrheit: EU-Verhandlungen zu Chatkontrolle wieder gescheitert

Oct 9, 2025 7:25 AM

Tags: governance

Mit dem Nein der Bundesregierung gibt es keine Mehrheit für die Chatkontrolle auf EU-Ebene. Die nächste Verhandlungsrunde könnte im Dezember folgen. First seen on golem.de Jump to article: www.golem.de/news/keine-mehrheit-eu-verhandlungen-zu-chatkontrolle-vorerst-gescheitert-2510-200965.html
Wendung bei Chatkontrolle – Deutschland kann sich nicht auf Zustimmung einigen

Oct 8, 2025 10:50 AM

Tags: germany, governance

Überraschende Wende bei der Chatkontrolle: Entgegen bisheriger Annahmen konnte sich die Bundesregierung bei dieser auf keine Linie einigen. First seen on computerbase.de Jump to article: www.computerbase.de/news/netzpolitik/wendung-bei-chatkontrolle-deutschland-kann-sich-nicht-auf-zustimmung-einigen.94592
Wendung bei Chatkontrolle – Deutschland kann sich nicht auf Zustimmung einigen

Oct 8, 2025 10:50 AM

Tags: germany, governance

Überraschende Wende bei der Chatkontrolle: Entgegen bisheriger Annahmen konnte sich die Bundesregierung bei dieser auf keine Linie einigen. First seen on computerbase.de Jump to article: www.computerbase.de/news/netzpolitik/wendung-bei-chatkontrolle-deutschland-kann-sich-nicht-auf-zustimmung-einigen.94592
USENIX 2025: PEPR ’25 Panel: How Privacy Engineers Can Shape The Coming Wave Of AI Governance

Oct 8, 2025 12:35 AM

Tags: ai, conference, governance, privacy

Moderator, Panelists: Moderator – Zachary Kilhoffer, Dynatrace; Panelists: Hoang Bao, Axon; Masooda Bashir, University of Illinois at Urbana-Champaign; Debra Farber, Lumin Digital; Sarah Lewis Cortes, Netflix and NIST; Akhilesh Srivastava, IOPD Our thanks to USENIX for publishing their Presenter’s outstanding USENIX Enigma ’23 Conference content on the organization’s’ YouTube channel. Permalink First seen on securityboulevard.com…
Don’t Let Your Cloud Security Catch a Bad Case of Permission Creep

Oct 7, 2025 5:35 PM

Tags: access, attack, breach, cloud, compliance, control, data, exploit, governance, iam, identity, international, Internet, kubernetes, least-privilege, mfa, risk, service, software, technology, threat, tool, vulnerability

Cloud security teams are often blind to one of the biggest threats to cloud environments: a web of over-privileged identities that create pathways for attackers. Learn how to regain control of your cloud identities by automating the enforcement of least privilege across your environment. Key takeaways The gradual accumulation of excessive and unused cloud permissions,…
Don’t Let Your Cloud Security Catch a Bad Case of Permission Creep

Oct 7, 2025 5:35 PM

Tags: access, attack, breach, cloud, compliance, control, data, exploit, governance, iam, identity, international, Internet, kubernetes, least-privilege, mfa, risk, service, software, technology, threat, tool, vulnerability

Cloud security teams are often blind to one of the biggest threats to cloud environments: a web of over-privileged identities that create pathways for attackers. Learn how to regain control of your cloud identities by automating the enforcement of least privilege across your environment. Key takeaways The gradual accumulation of excessive and unused cloud permissions,…
Droht Deutschlands Zustimmung zur Chatkontrolle, die Verschlüsselung digitaler Kommunikation zu gefährden?

Oct 7, 2025 2:35 PM

Tags: encryption, germany, governance, government

Seit 1999 hat die deutsche Regierung konsequent anerkannt, dass Verschlüsselung zentral für die wirtschaftliche, digitale und innere Sicherheit Deutschlands und der EU ist. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/droht-deutschlands-zustimmung-zur-chatkontrolle-die-verschluesselung-digitaler-kommunikation-zu-gefaehrden/a42272/
Is the CISO chair becoming a revolving door?

Oct 7, 2025 10:35 AM

Tags: ai, automation, breach, business, ciso, cloud, control, cybersecurity, framework, governance, jobs, risk, skills, threat

Is the stress worth the sacrifice?: For others in the CISO role, including Fullpath CISO Shahar Geiger Maor, the issue is less about boredom and more about the constant strain. “At any time there may be a breach. You live under the assumption that something is going to go wrong, and it’s very stressful,” he…
DevOps Days Philadelphia 2025: Security As A Control Loop, Resilience, Runtime Risks, And How AI Is Changing It

Oct 6, 2025 7:35 PM

Tags: ai, control, governance, resilience, risk

DevOpsDays Philadelphia 2025 showed how AI governance, secrets security, runtime traces, and ablative resilience work together to reduce operational risk. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/10/devops-days-philadelphia-2025-security-as-a-control-loop-resilience-runtime-risks-and-how-ai-is-changing-it/
IT leaders need to prepare for GenAI legal issues

Oct 6, 2025 4:35 PM

Tags: ai, compliance, gartner, governance

GenAI is being embedded into enterprise software. This has implications for governance and regulatory compliance First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366632394/Gartner-IT-leaders-need-to-prepare-for-GenAI-legal-issues
Back-up fehlt: Feuer zerstört ungesicherte Cloud der koreanischen Regierung

Oct 6, 2025 10:35 AM

Tags: cloud, governance, government

750.000 Beamte haben ihre Dateien in dem zerstörten Cloud-System abgelegt. Das war aber nicht an ein Back-up angeschlossen – ein fataler Fehler. First seen on golem.de Jump to article: www.golem.de/news/back-up-fehlt-feuer-zerstoert-ungesicherte-cloud-der-koreanischen-regierung-2510-200813.html
CISOs rethink the security organization for the AI era

Oct 6, 2025 9:35 AM

Tags: ai, attack, business, ciso, control, data, detection, framework, governance, guide, iam, jobs, phishing, resilience, risk, strategy, technology, tool, update

Jill Knesek, CISO, BlackLine BlackLineEchoing Oleksak, Knesek says she feels strongly about utilizing traditional security and having the right controls in place. Getting foundational security right will get you a long way, she says.’Then, as you learn about more sophisticated attacks “¦ we’ll have to pivot our tooling and capabilities to those risks.” For now,…
CISOs rethink the security organization for the AI era

Oct 6, 2025 9:35 AM

Tags: ai, attack, business, ciso, control, data, detection, framework, governance, guide, iam, jobs, phishing, resilience, risk, strategy, technology, tool, update

Jill Knesek, CISO, BlackLine BlackLineEchoing Oleksak, Knesek says she feels strongly about utilizing traditional security and having the right controls in place. Getting foundational security right will get you a long way, she says.’Then, as you learn about more sophisticated attacks “¦ we’ll have to pivot our tooling and capabilities to those risks.” For now,…
Modernisierungsagenda der Bundesregierung: DsiN begrüßt wichtiges Signal und fordert Taten

Oct 6, 2025 12:35 AM

Tags: governance

First seen on datensicherheit.de Jump to article: www.datensicherheit.de/modernisierungsagenda-bundesregierung-dsin-begruessung-wichtigkeit-signal-forderung-taten
Italy’s AI Law Comes Into Force

Oct 5, 2025 10:35 AM

Tags: ai, governance, intelligence, law

On October 10, 2025, Italy will become the first EU member state to bring a national artificial intelligence law into force, moving ahead of the bloc’s landmark EU AI Act. Law No. 132 of 2025, published in the Gazzetta Ufficiale in late September, positions Italy at the center of Europe’s evolving AI governance landscape. The……
Italy’s AI Law Comes Into Force

Oct 5, 2025 10:35 AM

Tags: ai, governance, intelligence, law

On October 10, 2025, Italy will become the first EU member state to bring a national artificial intelligence law into force, moving ahead of the bloc’s landmark EU AI Act. Law No. 132 of 2025, published in the Gazzetta Ufficiale in late September, positions Italy at the center of Europe’s evolving AI governance landscape. The……
Descope Gets $35M for AI Agent Identity Controls, Governance

Oct 3, 2025 12:41 AM

Tags: ai, ciso, control, framework, governance, identity, tool

Identity Security Vendor to Expand AI Governance Tools Including MCP Server Defense. Descope raised $35 million to expand its agentic identity hub and MCP authorization capabilities. As enterprises adopt AI, CISOs demand granular governance, auditing and secure identity frameworks for nonhuman agents. Descope aims to lead this emerging space. First seen on govinfosecurity.com Jump to…
Descope Gets $35M for AI Agent Identity Controls, Governance

Oct 3, 2025 12:41 AM

Tags: ai, ciso, control, framework, governance, identity, tool

Identity Security Vendor to Expand AI Governance Tools Including MCP Server Defense. Descope raised $35 million to expand its agentic identity hub and MCP authorization capabilities. As enterprises adopt AI, CISOs demand granular governance, auditing and secure identity frameworks for nonhuman agents. Descope aims to lead this emerging space. First seen on govinfosecurity.com Jump to…
Strategic Intelligence From the Cybersecurity Front Lines

Oct 2, 2025 9:41 PM

Tags: ai, cybersecurity, governance, intelligence, resilience, threat, tool

The 2025 Cybersecurity Pulse Report: Advanced Threat Research Edition. The Cybersecurity Pulse Report: 2025 Edition delivers the latest frontline intelligence, capturing the critical threats, innovations and governance debates shaping today’s security agenda. Synthesized through ISMG’s AI-powered tools, the report covers resilience, innovation and competition. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/strategic-intelligence-from-cybersecurity-front-lines-a-29618
Netskope CEO: Going Public Fuels AI Security, Partner Growth

Sep 30, 2025 8:09 PM

Tags: ai, awareness, ceo, cloud, governance

Sanjay Beri Touts IPO as Catalyst for Trust, Brand Awareness, Key to Cloud Success. CEO Sanjay Beri says Netskope’s IPO helps it compete with longtime rivals by boosting visibility and access. By combining deep R&D, partner support and AI governance, the firm aims to accelerate adoption of secure cloud and AI capabilities across global customers.…