Collecting Cyber-News from over 60 sources

Tag: governance

Cyberangriff auf ‘Washington Post”

Jun 16, 2025 1:54 PM

Tags: access, china, cyber, cyberattack, cyberespionage, governance, government, mail, microsoft, usa

Die “Washington Post” wurde Ziel einer Cyberattacke. Die Microsoft-Accounts mehrerer Journalisten der ‘Washington Post” sind laut einem Bericht des ‘Wall Street Journal” von Cyberkriminellen kompromittiert worden. Die Angreifer hatten demnach auch Zugriff auf dienstliche E-Mails der US-Zeitung. Es wird angenommen, dass es sich dabei um einen gezielten Angriff einer Regierung aus dem Ausland handelt.Zu den…
Why banks’ tech-first approach leaves governance gaps

Jun 16, 2025 8:54 AM

Tags: ciso, cyber, cybersecurity, finance, governance, risk

In this Help Net Security interview, Rich Friedberg, CISO at Live Oak Bank, discusses how banks can better align cybersecurity efforts with broader cyber governance and risk … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/06/16/rich-friedberg-live-oak-bank-banking-cyber-governance/
Feel the FOMO: Unlocking the Future of GRC Automation

Jun 10, 2025 11:55 AM

Tags: automation, compliance, control, governance, grc, risk

If you’ve been around the governance, risk and compliance (GRC) space for a while, you likely remember the days when GRC workflows involved manually collecting screenshots from several systems, filling out control statuses in spreadsheets and hoping you’re ready for your next audit(s). Those days are gone, or at least, should have, by now… First…
SailPoint adds governance tools for AI agents

Jun 9, 2025 10:54 PM

Tags: ai, governance, tool

First seen on scworld.com Jump to article: www.scworld.com/brief/sailpoint-adds-governance-tools-for-ai-agents
Unmasking the silent saboteur you didn’t know was running the show

Jun 9, 2025 1:54 PM

Tags: 5G, access, ai, api, attack, authentication, backup, blockchain, breach, ciso, cloud, compliance, control, cybersecurity, data, defense, endpoint, firewall, firmware, GDPR, governance, Hardware, incident response, iot, ISO-27001, login, malicious, network, nis-2, PCI, service, siem, supply-chain, threat, zero-trust

Cybersecurity depends on accurate clocks : Your logs are only as valuable as your clocks are accurate. If your servers are out of sync, forget to reconstruct timelines. You’ll spend hours chasing phantom alerts. Event correlation and forensics Your SIEM is only as good as the timestamps it gets. Correlating events across endpoints, firewalls and cloud…
Anthropic appoints a national security expert to its governing trust

Jun 6, 2025 11:54 PM

Tags: governance

Anthropic’s long-term benefit trust is a governance mechanism that Anthropic claims helps it promote safety over profit, and which has the power to elect some of the company’s board of directors. First seen on techcrunch.com Jump to article: techcrunch.com/2025/06/06/anthropic-appoints-a-national-security-expert-to-its-governing-trust/
Microsoft startet neues europäisches Sicherheitsprogramm

Jun 6, 2025 3:55 PM

Tags: ai, china, crime, crimes, cyber, cyberattack, cybercrime, cyberespionage, cyersecurity, deep-fake, governance, government, guide, infrastructure, intelligence, iran, LLM, microsoft, north-korea, open-source, ransomware, resilience, service, social-engineering, supply-chain, threat, ukraine, update, usa, vulnerability

Microsoft will die Cybersicherheit in Europa stärken.Microsoft warnt davor, dass sich Ransomware-Gruppen und staatlich geförderte Akteure aus Russland, China, dem Iran und Nordkorea in Umfang und Raffinesse stetig weiterentwickeln. Europa dürfe daher nicht zögern, seine Verteidigungsmechanismen zu stärken. Der Tech-Konzern will deshalb mit einer neuen Initiative bestehende Schutzprogramme erweitern und gezielt auf europäische Bedürfnisse eingehen.Das…
Databricks and Noma Security Partner to Deliver Enterprise-Grade AI Security and Governance at Scale

Jun 5, 2025 10:55 PM

Tags: ai, governance

First seen on scworld.com Jump to article: www.scworld.com/news/databricks-and-noma-security-partner-to-deliver-enterprise-grade-ai-security-and-governance-at-scale
Lumos touts ‘Albus’ as first AI agent for autonomous identity governance

Jun 5, 2025 10:55 PM

Tags: ai, governance, identity

First seen on scworld.com Jump to article: www.scworld.com/news/lumos-touts-albus-as-first-ai-agent-for-autonomous-identity-governance
Cyber Resilience in Zeiten geopolitischer Unsicherheit

Jun 5, 2025 6:54 AM

Tags: cio, ciso, cloud, compliance, cyber, cyberattack, firewall, governance, infrastructure, monitoring, resilience, risk, risk-analysis, siem, update, vulnerability-management

Cyberbedrohungen existieren längst nicht mehr im luftleeren Raum sie entstehen im Spannungsfeld von Geopolitik, regulatorischer Zersplitterung und einer stetig wachsenden digitalen Angriffsfläche.Cybersecurity ist heute ein rechtliches, operatives und geopolitisches Thema. Für CIOs und CISOs ist die Botschaft eindeutig: Resilienz bedeutet nicht mehr nur, zu reagieren, sondern vorbereitet zu sein. Vorbereitung heißt, Systeme und Teams aufzubauen,…
Den Tarifchaos bei US-Zöllen nutzen Cyberkriminelle zunehmend für Online-Betrug

Jun 5, 2025 5:54 AM

Tags: fraud, governance, government, mail, usa

Laut einem kürzlich auf CNBC erschienen Bericht setzen Cyberkriminelle in den USA für Online-Betrug zunehmend auf einen neuen Ansatzpunkt: die hochfluide Zollpolitik der Regierung Trump. Gut getarnt als Einzelhändler, Lieferant oder Regierungsbehörde, versenden sie per E-Mail und SMS Fake-Zahlungsaufforderungen zur Begleichung angeblicher Zolltarife für Lieferungen und Dienstleistungen an Verbraucher und Unternehmen. Als die US-Regierung im…
Minimierung von Schwachstellen in OT-Umgebungen

Jun 5, 2025 1:54 AM

Tags: cyber, cybersecurity, cyersecurity, governance, network, vulnerability

Die OT-Cybersicherheits-Governance-Plattform von TXOne Networks stellt in einzigartiger Weise aussagekräftige Leitlinien bereit, welche CPS-Schwachstellen zur Gewährleistung des Betriebs vorrangig berücksichtigt werden müssen. TXOne Networks, ein führendes Unternehmen im Bereich der Sicherheit für Cyber-Physical Systems (CPS), kündigt eine erweiterte Version seiner an. wird bereits von zahlreichen führenden Industrieunternehmen aus […] First seen on netzpalaver.de Jump to…
Don’t Be a Statistic: Proactive API Security in the Age of AI

Jun 4, 2025 2:55 PM

Tags: access, ai, api, attack, breach, business, cloud, compliance, cybercrime, data, data-breach, defense, email, exploit, finance, governance, infrastructure, Internet, iot, mobile, phone, privacy, risk, security-incident, strategy, threat, tool, unauthorized, update, vulnerability

Your business depends on APIs, which are essential for contemporary digital experiences, encompassing everything from mobile applications and IoT devices to the rapidly evolving AI landscape. With more than 80% of internet traffic now routed through APIs”, a number projected to rise significantly due to AI developments”, their security is crucial. Unfortunately, this vital infrastructure…
6 ways CISOs can leverage data and AI to better secure the enterprise

Jun 4, 2025 10:54 AM

Tags: advisory, ai, antivirus, attack, automation, breach, business, ciso, cloud, compliance, computer, corporate, cyber, cyberattack, cybersecurity, data, detection, firewall, framework, governance, guide, infrastructure, LLM, login, ml, network, programming, risk, risk-analysis, service, siem, soc, software, technology, threat, tool, training

Emphasize the ‘learning’ part of ML: To be truly effective, models need to be retrained with new data to keep up with changing threat vectors and shifting cyber criminal behavior.”Machine learning models get smarter with your help,” Riboldi says. “Make sure to have feedback loops. Letting analysts label events and adjust settings constantly improves their…
#Infosec2025: Startups Focus on Visibility and Governance, not AI

Jun 4, 2025 10:54 AM

Tags: ai, attack, data, governance, startup

Startups at Infosecurity Europe focus on attack surface management and improving security data, even as some new vendors avoid AI-led marketing First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/infosec2025-startups-focus/
Rethinking governance in a decentralized identity world

Jun 4, 2025 6:55 AM

Tags: ciso, data, governance, identity, privacy

Decentralized identity (DID) is gaining traction, and for CISOs, it’s becoming a part of long-term planning around data protection, privacy, and control. As more … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/06/04/governance-decentralized-identity/
Snowflake Launches Gen2 Compute, Adaptive Warehouses, and AI Governance to Streamline Data Management

Jun 3, 2025 9:55 PM

Tags: ai, data, governance

First seen on scworld.com Jump to article: www.scworld.com/news/snowflake-launches-gen2-compute-adaptive-warehouses-and-ai-governance-to-streamline-data-management
Conquering complexity and risk with data security posture insights

Jun 3, 2025 4:54 PM

Tags: access, ai, attack, automation, best-practice, business, cloud, compliance, control, cyber, cyberattack, data, defense, detection, encryption, exploit, framework, GDPR, governance, infrastructure, intelligence, mitigation, monitoring, PCI, regulation, risk, risk-assessment, risk-management, strategy, technology, theft, threat, tool, unauthorized, vulnerability

Conquering complexity and risk with data security posture insights madhav Tue, 06/03/2025 – 05:35 In today’s competitive landscape it has become an increasingly important for businesses looking for ways to adapt their data security, governance, and risk management practices to the volatile economy by improving efficiency or reducing costs while maintaining structure, consistency, and guidance…
‘In der Security geht es vor allem um Resilienz”

Jun 3, 2025 9:54 AM

Tags: ai, awareness, backup, business, cio, ciso, cyber, cyberattack, cyersecurity, deep-fake, governance, group, ransomware, resilience, social-engineering, strategy, tool, training, vulnerability

Timo Wandhöfer verantwortet als Group CISO beim Metallverarbeiter Klöckner & Co den Bereich Informationssicherheit und Business Continuity Management (BCM). Klöckner & Co SERansomware-Attacken zählen nach wie vor zu den größten Cyberbedrohungen in der Industrie. Wie schützen Sie Ihr Unternehmen vor solchen Angriffen? Und worauf kommt es dabei besonders an?Wandhöfer: Ja, das ist richtig. Auch bei…
Getting the Most Value Out of the OSCP: After the Exam

Jun 2, 2025 10:54 PM

Tags: access, attack, automation, bug-bounty, business, cloud, compliance, conference, control, corporate, credentials, cyber, cybersecurity, data, data-breach, defense, detection, exploit, finance, flaw, framework, google, governance, group, guide, hacker, hacking, incident response, infosec, injection, intelligence, Internet, iran, jobs, kali, linkedin, linux, malicious, malware, microsoft, mobile, network, office, open-source, penetration-testing, powershell, privacy, RedTeam, reverse-engineering, risk, service, skills, soc, social-engineering, sql, strategy, stuxnet, technology, threat, tool, training, update, vulnerability, windows

In the final post of this series, I’ll discuss what to do after your latest exam attempt to get the most value out of your OSCP journey. DISCLAIMER: All opinions expressed in this article are solely my own. I have reviewed the content to ensure compliance with OffSec’s copyright policies and agreements. I have not been…
Regierungsdaten in den Socken: FBI erwischt Spionagefahnder bei der Spionage

Jun 2, 2025 12:54 PM

Tags: governance, government

Ein DIA-Mitarbeiter hat Geheimnisse der US-Regierung in seinen Socken versteckt, um sie einer anderen Regierung zu übergeben. Das FBI hat gespannt zugesehen. First seen on golem.de Jump to article: www.golem.de/news/regierungsdaten-in-den-socken-fbi-erwischt-spionagefahnder-bei-der-spionage-2506-196747.html
CISO 3.0: Leading AI governance and security in the boardroom

Jun 2, 2025 7:55 AM

Tags: ai, ciso, cybersecurity, governance

In this Help Net Security interview, Aaron McCray, Field CISO at CDW, discusses how AI is transforming the CISO role from a tactical cybersecurity guardian into a strategic … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/06/02/aaron-mccray-cdw-cisos-ai-security/
Cloud migration demands contractual safeguards and clear strategy

May 30, 2025 2:55 PM

Tags: cloud, cyber, data, governance, strategy

Cyber security experts urge organisations to define clear objectives, understand shared security models and implement strong data governance when migrating workloads to the cloud First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366625093/Cloud-migration-demands-contractual-safeguards-and-clear-strategy
Void Blizzard nimmt NATO-Organisationen ins Visier

May 30, 2025 12:55 PM

Tags: access, api, authentication, blizzard, cloud, cyberattack, cyberespionage, edr, fido, framework, governance, government, hacker, intelligence, mail, malware, mfa, microsoft, open-source, passkey, password, phishing, risk, siem, spear-phishing, threat, tool, ukraine

Russische Hacker ändern ihre Taktik von Passwort-Spraying zu Phishing, aber ihre Ziele innerhalb der NATO bleiben gleich.Seit über einem Jahr hat es eine neue Cyberspionage-Gruppe, die mit der russischen Regierung in Verbindung stehen soll, auf Unternehmen aus verschiedenen Branchen innerhalb der NATO abgesehen. Die Gruppe wird von Microsoft Threat Intelligence ‘Void Blizzard” genannt. Die niederländischen…
BalkanID Launches Self-Service IGA Lite with Transparent Pricing for Identity Governance

May 28, 2025 10:55 PM

Tags: governance, identity, service

First seen on scworld.com Jump to article: www.scworld.com/news/balkanid-launches-self-service-iga-lite-with-transparent-pricing-for-identity-governance
Nine Steps to Achieving AI Governance

May 28, 2025 10:55 PM

Tags: ai, governance

First seen on scworld.com Jump to article: www.scworld.com/perspective/nine-steps-to-achieving-ai-governance
How HealthTech Startups Can Build Scalable Data Governance Frameworks from Day One

May 28, 2025 6:54 PM

Tags: data, framework, governance, healthcare, startup

Launching a HealthTech startup without data governance is like building a hospital with no patient records: risky, chaotic, and destined for regulatory headaches. In an…Read More First seen on securityboulevard.com Jump to article: https://securityboulevard.com/2025/05/how-healthtech-startups-can-build-scalable-data-governance-frameworks-from-day-one/
If you use OneDrive to upload files to ChatGPT or Zoom, don’t

May 28, 2025 3:55 PM

Tags: access, api, chatgpt, compliance, corporate, cybersecurity, data, google, governance, least-privilege, microsoft, mitigation, risk, saas, security-incident, service, strategy, threat, tool

Web app vendors aren’t off the hook: This could be bad news for security teams, according to Eric Schwake, director of cybersecurity strategy at Salt Security. “Sensitive secrets required for this access are often stored in an insecure manner by default,” Schwake said. “This situation presents a key API security challenge for security teams, and…
Why data provenance must anchor every CISO’s AI governance strategy

May 28, 2025 7:54 AM

Tags: ai, ciso, data, governance, intelligence, strategy

Across the enterprise, artificial intelligence has crept into core functions not through massive digital transformation programs, but through quiet, incremental … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/05/28/cisos-ai-governance-strategy/
Die wertvollsten Security-Zertifizierungen

May 28, 2025 6:54 AM

Tags: access, ai, blockchain, china, cisa, cisco, cloud, compliance, control, cyberattack, cybersecurity, data, DSGVO, endpoint, framework, germany, governance, hacker, hacking, identity, incident response, injection, international, jobs, kali, linux, monitoring, network, password, penetration-testing, privacy, resilience, risk, risk-management, sans, security-incident, service, siem, skills, social-engineering, sql, threat, usa, vulnerability, windows

Zertifizierte IT-Sicherheitsprofis sind (unter anderem) gefragter und verdienen besser.(Cybersecurity-)Zertifizierungen können eine aktienähnliche Volatilität entfalten: Ihre Popularität kann steigen oder auch fallen und sie können an Relevanz verlieren, wenn sie nicht mit den aktuellen Branchenentwicklungen Schritt halten. Allerdings sind davon nicht alle Zertifizierungen gleichermaßen betroffen: Sogenannte “Blue Chips” haben sich über den Lauf der Zeit bewährt…