Tag: governance

From Risk to ROI: How Security Maturity Drives Business Value

Aug 12, 2025 10:12 AM

Tags: access, ai, breach, business, cloud, compliance, control, cyber, cybersecurity, data, detection, encryption, exploit, finance, framework, GDPR, governance, government, healthcare, incident response, infrastructure, insurance, intelligence, monitoring, nist, privacy, ransomware, regulation, resilience, risk, risk-assessment, risk-management, service, software, strategy, threat, tool, unauthorized, vulnerability

From Risk to ROI: How Security Maturity Drives Business Value madhav Tue, 08/12/2025 – 04:30 Cyber threats are like moving targets”, constantly evolving and increasingly pervasive. In a hyper-connected world, no individual, industry, or organization is immune. The threat landscape presents a serious and persistent challenge for governments, businesses, critical infrastructure, and individuals alike. Many…
Credit Karma leader shares AI governance lessons learned

Aug 12, 2025 12:12 AM

Tags: ai, data, fintech, governance, lessons-learned

Start slow and break things — that’s how the head of data and AI at the fintech says enterprises should start building AI governance frameworks. First seen on techtarget.com Jump to article: www.techtarget.com/searchitoperations/news/366628735/Credit-Karma-leader-shares-AI-governance-lessons-learned
CSO hiring on the rise: How to land a top security exec role

Aug 11, 2025 10:12 AM

Tags: access, ai, attack, breach, business, cio, ciso, cloud, compliance, cyber, cybersecurity, data, defense, finance, governance, government, healthcare, identity, incident, incident response, infrastructure, insurance, jobs, military, network, regulation, resilience, risk, saas, service, skills, software, strategy, technology, threat, training

Wide-scale AI adoption shaking up skills sought: In terms of the skills wanted of today’s CSO, Fuller agrees that AI is the game-changer.”Organizations are seeking cybersecurity leaders who combine technical depth, AI fluency, and strong interpersonal skills,” Fuller says. “AI literacy is now a baseline expectation, as CISOs must understand how to defend against AI-driven…
AMD und Nvidia Regierung wird mit 15 Prozent am China-Umsatz beteiligt

Aug 11, 2025 9:12 AM

Tags: ai, china, governance, government, nvidia

AMD und Nvidia dürfen erste AI-Chips nach China schicken. Ein Novum dabei: 15 Prozent der China-Einnahmen gehen wohl direkt an Washington. First seen on computerbase.de Jump to article: www.computerbase.de/news/wirtschaft/amd-und-nvidia-us-regierung-wird-mit-15-prozent-am-china-umsatz-beteiligt.93832
Beyond cryptocurrency: Blockchain 101 for CISOs and why it matters

Aug 8, 2025 2:11 PM

Tags: access, ai, api, attack, blockchain, breach, ciso, compliance, container, control, credentials, crypto, data, framework, gartner, governance, identity, incident response, infrastructure, international, malicious, nist, regulation, risk, saas, sbom, software, supply-chain, technology, threat, tool, unauthorized, vulnerability, zero-trust

Decentralization. Eliminates single points of failure or compromise Immutability. Data written to the chain is nearly impossible to change Verifiability. Stakeholders can independently verify logs or data integrity Transparency + confidentiality. You can audit metadata while encrypting sensitive content According to Gartner, 20% of large enterprises will use blockchain for digital trust initiatives by 2025. That’s not hype, it’s…
Beyond cryptocurrency: Blockchain 101 for CISOs and why it matters

Aug 8, 2025 2:11 PM

Tags: access, ai, api, attack, blockchain, breach, ciso, compliance, container, control, credentials, crypto, data, framework, gartner, governance, identity, incident response, infrastructure, international, malicious, nist, regulation, risk, saas, sbom, software, supply-chain, technology, threat, tool, unauthorized, vulnerability, zero-trust

Decentralization. Eliminates single points of failure or compromise Immutability. Data written to the chain is nearly impossible to change Verifiability. Stakeholders can independently verify logs or data integrity Transparency + confidentiality. You can audit metadata while encrypting sensitive content According to Gartner, 20% of large enterprises will use blockchain for digital trust initiatives by 2025. That’s not hype, it’s…
Beyond cryptocurrency: Blockchain 101 for CISOs and why it matters

Aug 8, 2025 2:11 PM

Tags: access, ai, api, attack, blockchain, breach, ciso, compliance, container, control, credentials, crypto, data, framework, gartner, governance, identity, incident response, infrastructure, international, malicious, nist, regulation, risk, saas, sbom, software, supply-chain, technology, threat, tool, unauthorized, vulnerability, zero-trust

Decentralization. Eliminates single points of failure or compromise Immutability. Data written to the chain is nearly impossible to change Verifiability. Stakeholders can independently verify logs or data integrity Transparency + confidentiality. You can audit metadata while encrypting sensitive content According to Gartner, 20% of large enterprises will use blockchain for digital trust initiatives by 2025. That’s not hype, it’s…
13 Produkt-Highlights der Black Hat USA

Aug 8, 2025 12:12 PM

Tags: access, ai, api, application-security, business, chatgpt, cisco, cloud, compliance, credentials, crowdstrike, cybersecurity, data, detection, google, governance, Hardware, identity, leak, LLM, malware, marketplace, microsoft, monitoring, network, openai, phishing, risk, saas, service, soc, threat, tool, usa, vulnerability, zero-trust

Das Mandalay Bay Convention Center wird zur Black Hat USA zum Cybersecurity-Hub 2025 lag der Fokus dabei insbesondere auf Agentic und Generative AI.Zur Black-Hat-Konferenz haben sich auch 2025 Tausende von Sicherheitsexperten in Las Vegas zusammengefunden, um sich über die neuesten Entwicklungen im Bereich Cybersecurity zu informieren und auszutauschen. Der thematische Fokus lag dabei in erster…
So sparen CISOs, ohne die Sicherheit zu torpedieren

Aug 8, 2025 7:11 AM

Tags: business, ciso, compliance, cyber, cyberattack, cybersecurity, detection, governance, Hardware, iam, intelligence, jobs, risk, risk-management, software, strategy, threat, tool, vulnerability

Geht’s dem Security-Budget an den Kragen, ist der Spielraum für CISOs denkbar gering.Vor etlichen Jahren fand sich David Mahdi, heute CISO Advisor beim IAM-Spezialisten Transmit Security, in einer Situation wieder, vor der wohl jedem Sicherheitsentscheider graut: Die Budgets sollten mitten im Jahr drastisch gekürzt werden ohne die Möglichkeit, irgendetwas aufzuschieben. “Das war damals eine unkontrollierbare…
So sparen CISOs, ohne die Sicherheit zu torpedieren

Aug 8, 2025 7:11 AM

Tags: business, ciso, compliance, cyber, cyberattack, cybersecurity, detection, governance, Hardware, iam, intelligence, jobs, risk, risk-management, software, strategy, threat, tool, vulnerability

Geht’s dem Security-Budget an den Kragen, ist der Spielraum für CISOs denkbar gering.Vor etlichen Jahren fand sich David Mahdi, heute CISO Advisor beim IAM-Spezialisten Transmit Security, in einer Situation wieder, vor der wohl jedem Sicherheitsentscheider graut: Die Budgets sollten mitten im Jahr drastisch gekürzt werden ohne die Möglichkeit, irgendetwas aufzuschieben. “Das war damals eine unkontrollierbare…
Black Hat 2025 Recap: A look at new offerings announced at the show

Aug 8, 2025 5:11 AM

Tags: access, ai, api, application-security, automation, chatgpt, cisco, cloud, compliance, control, crowdstrike, dark-web, data, detection, google, governance, group, identity, intelligence, LLM, malware, microsoft, monitoring, network, openai, password, risk, saas, service, soc, software, threat, tool, vulnerability, zero-trust

Snyk secures AI from inception: Snyk’s new platform capability, Secure at Inception, includes real-time security scanning that begins at the moment of code generation or execution. It offers visibility into generative AI, agentic, and model context protocol (MCP) components in software, and also features a new, experimental scanner for detecting AI-specific MCP vulnerabilities.Secure AI Inception…
We’re a Major Player in the 2025 IDC MarketScape for CNAPP. Here’s Why That Matters for Your Cloud Security.

Aug 7, 2025 7:11 PM

Tags: access, attack, automation, business, ciso, cloud, compliance, control, cyber, cybersecurity, data, data-breach, detection, governance, iam, identity, incident response, infrastructure, metric, radius, risk, strategy, threat, tool, vulnerability, vulnerability-management

“With a strong focus on CNAPP through Tenable Cloud Security and exposure management with Tenable One, Tenable provides visibility and control over hybrid attack surfaces, including on-premises, cloud, and hybrid environments,” according to the report. To successfully tackle your cloud security challenges, you need a partner that understands the landscape and offers you a powerful,…
Project Ire: Microsoft’s autonomous AI agent that can reverse engineer malware

Aug 7, 2025 3:11 PM

Tags: ai, attack, ceo, cloud, compliance, computing, control, cybersecurity, defense, detection, exploit, finance, governance, government, healthcare, infrastructure, LLM, malicious, malware, microsoft, programming, risk, service, siem, soar, soc, software, threat, tool, training

Real-world testing: In real-world tests on 4,000 “hard-target” files that had stumped automated tools, Project Ire flagged 9 malicious files out of 10 files correctly, and a low 4% false positive rate.This makes Project Ire suitable for organizations that operate in high-risk, high-volume, and time-sensitive environments where traditional human-based threat triage is insufficient.Rawat added that…
Überwachung des KI-Markts – Datenschützer mahnt Handeln der Bundesregierung bei KI an

Aug 7, 2025 10:11 AM

Tags: ai, governance

First seen on security-insider.de Jump to article: www.security-insider.de/datenschuetzer-mahnt-handeln-der-bundesregierung-bei-ki-an-a-9f14929fe46f3bae5be823e01debbd32/
Act Now: $100M in FY25 Cyber Grants for SLTTs Available Before August 15

Aug 6, 2025 11:11 PM

Tags: attack, breach, cisa, cloud, compliance, cyber, cyberattack, cybersecurity, data, defense, governance, government, identity, incident response, infrastructure, iot, metric, network, ransomware, resilience, risk, service, technology, threat, tool, training, vulnerability

With over $100 million on the table in FY25 cybersecurity grants, state, local and tribal governments have until August 15, 2025 to apply to secure critical cyber funding to strengthen their defenses. On August 1st, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Emergency Management Agency (FEMA) announced the FY 2025 Notice…
Top use cases for private certificate authorities in public sector organizations

Aug 6, 2025 9:12 PM

Tags: access, authentication, automation, compliance, control, crypto, cybersecurity, governance, identity, service, zero-trust

Public sector organizations face rising cybersecurity, compliance, and operational challenges, especially in complex hybrid environments. Private certificate authorities (CAs) offer enhanced control, automation, and security tailored to internal systems and Zero Trust frameworks. Unlike public CAs, private CAs allow agencies to manage internal identities, devices, and applications while meeting strict regulatory requirements. Key use cases…
Four Areas CISOs Must Assess Before Being AI Ready

Aug 5, 2025 2:28 PM

Tags: ai, ciso, governance, technology

Every CISO must assess their organization’s AI readiness from technology and talent to governance and compliance. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/08/four-areas-cisos-must-assess-before-being-ai-ready/
So verändert KI Ihre GRC-Strategie

Aug 5, 2025 6:28 AM

Tags: ai, ciso, compliance, cyersecurity, framework, fraud, governance, grc, group, monitoring, nist, risk, risk-management, strategy, tool
Silicon Saxony: Hightech Agenda der Bundesregierung Mikroelektronik-Turbo mit Milliardenpotenzial

Aug 5, 2025 12:28 AM

Tags: governance

First seen on datensicherheit.de Jump to article: www.datensicherheit.de/hightech-agenda-bundesregierung-mikroelektronik-turbo
AppOmni Launches New SaaS and AI Security Packages to Tackle Rising Risks

Aug 4, 2025 9:28 PM

Tags: ai, control, defense, governance, risk, saas, threat

AppOmni secures AI inside SaaS with discovery, threat defense, and full governance control with new product packages. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/08/appomni-launches-new-saas-and-ai-security-packages-to-tackle-rising-risks/
Ransomware attacks: The evolving extortion threat to US financial institutions

Aug 4, 2025 2:28 PM

Tags: access, ai, antivirus, attack, backup, banking, breach, business, cloud, communications, compliance, control, credentials, crime, crimes, cyber, cybercrime, cybersecurity, dark-web, data, ddos, defense, detection, edr, email, encryption, endpoint, extortion, finance, firewall, governance, group, identity, incident response, infrastructure, insurance, intelligence, international, korea, law, leak, least-privilege, lessons-learned, linkedin, linux, lockbit, login, malicious, mfa, monitoring, network, north-korea, organized, phishing, ransom, ransomware, resilience, risk, rust, service, soc, social-engineering, software, startup, strategy, supply-chain, tactics, theft, threat, tool, training, update, usa, vmware, vulnerability, warfare, windows, zero-trust

Before sunrise on a chilly November morning, I got the kind of call no security leader ever wants. A mid-sized U.S. bank had been hit overnight hard. Customers couldn’t access their accounts, ATMs were non-functional and every screen in the company’s environment glowed with the same ominous message: their systems were encrypted, and data had…
CISA releases Thorium, an open-source, scalable platform for malware analysis

Aug 4, 2025 2:28 PM

Tags: access, ceo, cio, cisa, compliance, container, control, cyber, cybersecurity, data, docker, framework, github, governance, incident response, kubernetes, malware, open-source, privacy, risk, skills, tool

Rethinking malware analysis at scale: Enterprise-grade malware analysis tools and platforms have been widely used in the security community. But many of them require paid licenses, lack orchestration at scale, or are difficult to integrate with enterprise workflows. Experts view Thorium as a significant democratization of advanced malware analysis technology.”It is a big deal as…
IBM Report: Shadow AI and Poor Governance Linked to Costlier Breaches in 2025

Aug 2, 2025 12:28 PM

Tags: ai, breach, governance, ibm, risk

Only 34% of organizations with AI governance audit for misuse, IBM’s 2025 breach report warns. Lack of oversight is raising risks and costs. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-ai-breach-risks-rise-as-governance-lags/
Compliance and AIOps: The Role of GRC in IT Operations

Aug 2, 2025 5:28 AM

Tags: compliance, data, governance, grc, risk

By providing a data-driven, automated, and real-time approach to Governance, Risk, and Compliance, Qmulos adds that extra layer of visibility to the overall correlation of operational events. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/08/compliance-and-aiops-the-role-of-grc-in-it-operations/
NIS2 verändert die Spielregeln ein Kabinettsbeschluss unter Druck

Aug 1, 2025 2:28 PM

Tags: cyersecurity, governance, kritis, nis-2

Mit dem Kabinettsbeschluss vom 30. Juli hat die Bundesregierung einen überfälligen Schritt getan. Die Umsetzung der europäischen NIS2-Richtlinie kommt damit in die nächste Phase verspätet, aber mit deutlich geschärften Konturen. Der Regierungsentwurf schafft erstmals einen verbindlichen Rahmen für Cybersicherheit in weiten Teilen der Wirtschaft und verankert Mindeststandards, die weit über den bisherigen KRITIS-Kreis hinausreichen. […]…
NIS2: Der Kabinettsbeschluss ist da und lässt einige Fragen offen

Aug 1, 2025 6:28 AM

Tags: cyersecurity, governance, kritis, nis-2

Die Bundesregierung hat endlich geliefert: Der Kabinettsbeschluss zur Umsetzung der NIS2-Richtlinie ist verabschiedet worden. Ulrich Plate, Leiter der Kompetenzgruppe KRITIS bei eco Verband der Internetwirtschaft e.V., begrüßt diesen Schritt: »Damit kehrt das Thema Cybersicherheit endlich auf die politische Bühne zurück überfällig angesichts der sicherheitspolitischen Lage. Die EU-Richtlinie verlangt nicht weniger als eine strukturelle… First seen…
Gesetzentwurf verabschiedet: Strengere Kontrollen für einige IT-Mitarbeiter geplant

Jul 31, 2025 9:28 AM

Tags: governance

Die Bundesregierung will Sicherheitsüberprüfungen für manche Personen in kritischen Bereichen stark ausweiten. First seen on golem.de Jump to article: www.golem.de/news/gesetzentwurf-strengere-kontrollen-fuer-einige-it-mitarbeiter-geplant-2507-198666.html
GenAI als Security-Gamechanger?

Jul 31, 2025 6:28 AM

Tags: ai, ciso, cloud, compliance, cve, cyber, cyberattack, cyersecurity, data, deep-fake, governance, hacker, LLM, mail, malware, mobile, phishing, risk, social-engineering, threat, tool, vulnerability

Für CISOs bietet generative KI nicht nur eine bloße Arbeitserleichterung, sondern zahlreiche neue Möglichkeiten für die Cybersicherheit.Durch den Einsatz von GenAI ergeben sich für CISOs neue Chancen, da bewährte Verteidigungsmethoden immer mehr an ihre Grenzen stoßen. Doch auch Cyberkriminelle haben längst die Möglichkeiten erkannt, damit ihre Angriffe zu verstärken. Dies hat bereits jetzt zu einem…
Kabinettsbeschluss zur NISRichtlinie

Jul 31, 2025 5:28 AM

Tags: cyersecurity, governance, nis-2

Die deutsche Bundesregierung hat zum 30. Juli 2025 den Kabinettsbeschluss zur Umsetzung der NIS”¯2-Richtlinie verabschiedet. Damit rückt das Thema Cybersicherheit wieder auf die politische Agenda mit spürbaren Auswirkungen für Unternehmen in kritischen Sektoren. Um was geht es bei NIS-2? … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/07/31/kabinettsbeschluss-zur-nis-2-richtlinie/
Enterprise Kubernetes Management: What Is It Do You Have It?

Jul 30, 2025 10:28 PM

Tags: automation, cloud, governance, kubernetes