Collecting Cyber-News from over 60 sources

Tag: governance

Quellcode kursiert im Netz: Von US-Regierung genutzter Signal-Klon gehackt

May 5, 2025 11:49 AM

Tags: governance, government, vulnerability

Der Signal-Klon der US-Regierung weist offenbar Schwachstellen auf. Ein Angreifer will vertrauliche Daten vom Server des Anbieters erbeutet haben. First seen on golem.de Jump to article: www.golem.de/news/quellcode-kursiert-im-netz-von-us-regierung-genutzter-signal-klon-gehackt-2505-195905.html
Signal: Nutzt die US-Regierung einen unsicheren Klon der Messenger-App?

May 5, 2025 11:49 AM

Tags: governance, government

First seen on t3n.de Jump to article: t3n.de/news/signal-nutzt-die-us-regierung-einen-unsicheren-klon-der-messenger-app-1685530/
12 most innovative launches at RSA 2025

May 5, 2025 8:49 AM

Tags: ai, attack, awareness, ciso, cloud, communications, compliance, control, cyber, cybersecurity, data, deep-fake, detection, email, endpoint, finance, framework, governance, healthcare, identity, insurance, intelligence, login, malicious, network, nist, open-source, openai, phishing, privacy, RedTeam, resilience, risk, risk-analysis, risk-management, saas, service, siem, social-engineering, tactics, threat, tool, training, update, zero-day, zero-trust

AuditBoard: AI governance solution: AuditBoard announced its AI governance solution, designed to help organizations accelerate AI risk management and promote responsible AI adoption. The solution is designed to streamline AI use case intake, review, and approval processes, establish a centralized repository for approved AI models, and dynamically link AI risks to vendors, assets, and controls…
Restoring Trust in AI Through Governance

May 5, 2025 8:49 AM

Tags: ai, governance, threat

Ulla Coester on Ethical Design and the Role of the EU AI Act. Unclear threats and unpredictable behavior complicate global trust in AI. Building a shared understanding through adaptable governance helps create consistent expectations for responsible development across societies, said Ulla Coester, project director, Fresenius University of Applied Sciences. First seen on govinfosecurity.com Jump to…
Balancing AI Innovation With Security

May 3, 2025 5:50 PM

Tags: ai, data, governance, resilience, risk, software

Accountability Is Key as Enterprises Adopt AI at Scale, Says Saviynt’s Jim Routh. AI governance must balance innovation with security, making it vital that organizations adopt flexible, consensus-driven approach to ensure responsible AI deployment while addressing risks such as data exposure and software resilience, said Jim Routh, chief trust officer at Saviynt. First seen on…
Strategien für eine sichere digitale Zukunft von der RSA

May 2, 2025 5:50 PM

Tags: ai, ciso, conference, cyberattack, cyersecurity, google, governance, government, malware, openai, phishing, resilience, risk, social-engineering, threat, tool, vulnerability

Auf der RSA Conference wurden zentrale Strategien diskutiert, wie Unternehmen KI sicher und wirkungsvoll einsetzen können.Künstliche Intelligenz (KI) wird künftig eine noch größere Rolle für CISOs spielen. Angesichts Herausforderungen wie dem Fachkräftemangel nutzen viele Unternehmen bereits KI in der Cybersicherheit. Deren sicherer und strategischer Einsatz ist jedoch komplex. Die RSA Conference in San Francisco bot…
Microsoft ernennt Deputy-CISO für Europa

May 2, 2025 2:50 PM

Tags: ciso, cybersecurity, cyersecurity, governance, linkedin, microsoft, nis-2, resilience

Microsoft ernennt einen Deputy-CISO für Europa.Die immer lauter werdenden Rufe nach einer digitalen Souveränität Europas angesichts des erratisch agierenden Mannes im Weißen Haus lassen Microsoft um seine Geschäfte bangen. Der jüngste Coup nach der Ankündigung eines Investitionsprogramms in EU-Rechenzentren, frei von US-Zugriffen: Für Europa wird ein Deputy-CISO im Rahmen des Microsoft Cybersecurity Governance Council ernannt.Die…
EUAct Entscheidender Moment für die KI-Governance

May 2, 2025 2:50 PM

Tags: ai, governance

Mit dem EU-AI-Act und dem bevorstehenden General-Purpose-AI (GPAI) Code-of-Practice stehen Unternehmen vor einem entscheidenden Moment in der KI Governance. Diese Verpflichtungen gelten nicht nur für die Entwickler und Anbieter von KI-Modellen, sondern für jedes Unternehmen, das KI unter eigenem Namen einsetzt. Dies schließt diejenigen ein, die große Sprachmodelle von Drittanbietern verwenden. Für IT-Führungsteams ist dies…
Omada kündigt Investition von GRO und Kirk Kapital an, um im Bereich Identity-Governance weiter zu wachsen

May 2, 2025 2:50 PM

Tags: access, ai, governance, identity, software

Omada, ein weltweit führender Anbieter von Identity-Governance and Administration (IGA)-Software, kündigte eine neue Phase seiner Partnerschaft mit dem bestehenden Investor GRO an, der gemeinsam mit Kirk Kapital eine Mehrheitsbeteiligung übernimmt, um Omadas weiteres Wachstum und Innovationen zu unterstützen. Omada bietet eine skalierbare, KI-gesteuerte Identity-Governance-Lösung, die Unternehmen dabei hilft, den Zugriff auf Systeme und Anwendungen sicher…
Messaging: US-Regierung nutzt potenziell unsicheren Signal-Klon

May 2, 2025 10:50 AM

Tags: governance, government

Auf einem Foto ist zu sehen, dass Donald Trumps ehemaliger Sicherheitsberater einen Signal-Klon verwendet, der Nachrichten archivieren kann. First seen on golem.de Jump to article: www.golem.de/news/messaging-us-regierung-nutzt-potenziell-unsicheren-signal-klon-2505-195853.html
Public AI Tools Need Governance to Avoid Data Leakage Risk

May 1, 2025 6:50 PM

Tags: ai, ceo, control, data, governance, risk, tool, unauthorized

Zscaler’s Jay Chaudhry on Visibility and Policy Enforcement to Secure AI Usage. Organizations face significant risks when employees use public AI tools without governance, but security platforms can provide visibility, policy controls and data protection to safeguard sensitive information from unauthorized exposure, said Jay Chaudhry, founder, chairman and CEO, Zscaler. First seen on govinfosecurity.com Jump…
Erfolgreich durch optimierte DataStrategie – Datenverwaltung neu gedacht: wie transformative KI-Resultate gelingen

May 1, 2025 12:50 PM

Tags: ai, data, governance, strategy

First seen on security-insider.de Jump to article: www.security-insider.de/datenverwaltung-neu-gedacht-wie-transformative-ki-resultate-gelingen-a-eb0c071dc32df3e10ecae0ef3fc59521/
The 14 most valuable cybersecurity certifications

May 1, 2025 10:50 AM

Tags: access, ai, application-security, attack, automation, best-practice, blockchain, blueteam, china, cisa, cisco, ciso, cloud, compliance, computer, computing, conference, control, country, credentials, cryptography, cyber, cybersecurity, data, defense, encryption, endpoint, exploit, finance, governance, government, guide, hacker, hacking, incident response, intelligence, Internet, jobs, kali, law, linux, malware, metric, microsoft, monitoring, network, penetration-testing, privacy, reverse-engineering, risk, risk-analysis, risk-management, skills, threat, training, vulnerability, windows

Industry recognition Who’s to say one certification is more respected than another? Such criteria can be very subjective, so we turned to the most direct and unbiased source to cut through the ambiguity: job listings. In addition to education, skills, and qualifications, employers often specify certs they seek in their ideal candidate. These mentions carry…
The Expanding Role of CISOs in Tech and Corporate Governance

Apr 30, 2025 9:50 PM

Tags: business, ciso, corporate, cyber, cybersecurity, governance, risk, threat

Team8’s Liran Grinberg on How CISOs Influence Boardrooms and Enterprise Security. With cyber risk ranked as one of the top threats to business continuity, cybersecurity has now become a core component to business survival. Liran Grinberg, co-founder and managing partner at Team8, said the CISO’s role has transformed into one of the most critical positions…
HCLSoftware and CloudEagle Partner to Streamline Software Governance Across Devices and SaaS

Apr 29, 2025 10:52 PM

Tags: governance, saas, software

First seen on scworld.com Jump to article: www.scworld.com/news/hclsoftware-and-cloudeagle-partner-to-streamline-software-governance-across-devices-and-saas
Compliance Challenges in Cloud Data Governance

Apr 29, 2025 7:51 AM

Tags: access, cloud, compliance, computing, data, governance, organized, privacy

Adopting cloud computing allows organizations of all shapes and sizes to access data and collaborate in the most flexible ways imaginable. While it brings many benefits, it also brings along compliance issues in data governance, particularly when data crosses borders. Ensuring data is safe, private and organized is paramount. The American Data Privacy Puzzle The..…
Cisco AI Defense embeds with ServiceNow SecOps tools

Apr 28, 2025 6:51 PM

Tags: ai, cisco, data, defense, governance, tool

Cisco AI Defense will feed in data and automate AI governance in ServiceNow SecOps products as enterprises seek a platform approach to cybersecurity. First seen on techtarget.com Jump to article: www.techtarget.com/searchitoperations/news/366623232/Cisco-AI-Defense-embeds-with-ServiceNow-SecOps-tools
Compliance And Governance: What Every CISO Needs To Know About Data Protection Regulations

Apr 26, 2025 1:51 PM

Tags: ciso, compliance, cyber, cybersecurity, data, governance, regulation, risk

The cybersecurity landscape has changed dramatically in recent years, largely due to the introduction of comprehensive data protection regulations across the globe. Chief Information Security Officers (CISOs) now find themselves at the intersection of technical security, regulatory compliance, and organizational risk management. Their responsibilities have expanded far beyond traditional security operations, requiring them to interpret…
6 types of risk every organization must manage, and 4 strategies for doing it

Apr 25, 2025 11:50 AM

Tags: ai, attack, backup, best-practice, breach, business, compliance, control, cyber, cybersecurity, data, finance, framework, fraud, GDPR, governance, government, grc, hacker, healthcare, infrastructure, insurance, intelligence, law, mitigation, office, phishing, ransom, ransomware, regulation, risk, risk-assessment, risk-management, service, startup, strategy, technology, threat, training, vulnerability

Cybersecurity risks Threats such as data breaches, phishing attacks, system intrusions, and broader digital vulnerabilities fall under the umbrella of security risks. The definition of cybersecurity risk is constantly evolving, now encompassing threats related to artificial intelligence and AI-driven systems.If you’re trying to mitigate risks in this area, you need to think not just about…
MIWIC25: Jess Matthews, Compliance Governance Officer at Acacium Group

Apr 24, 2025 4:50 PM

Tags: compliance, cyber, governance, group

Organised by Eskenzi PR in media partnership with the IT Security Guru, the Most Inspiring Women in Cyber Awards aim to shed light on the remarkable women in our industry. The following is a feature on one of 2024’s Top 20 women selected by an esteemed panel of judges. Presented in a Q&A format, the nominee’s answers are…
Erodiert die Security-Reputation der USA?

Apr 24, 2025 10:50 AM

Tags: business, ceo, china, cisa, ciso, cybersecurity, cyersecurity, endpoint, exploit, germany, governance, government, intelligence, iran, kaspersky, north-korea, service, strategy, threat, usa

Trump stiftet Verunsicherung auch wenn’s um Cybersicherheit geht.Nachdem US-Präsident Donald Trump nun auch Cybersicherheitsunternehmen per Executive Order für abweichende politische Positionen abstraft, befürchten nicht wenige Branchenexperten, dass US-Sicherheitsunternehmen künftig ähnlich in Verruf geraten könnten wie ihre russischen und chinesischen Konkurrenten. Die zentralen Fragen sind dabei:Können sich CISOs beziehungsweise ihre Unternehmen künftig noch auf US-amerikanische Bedrohungsinformationen…
Cybersecurity Snapshot: NIST Aligns Its Privacy and Cyber Frameworks, While Researchers Warn About Hallucination Risks from GenAI Code Generators

Apr 18, 2025 6:28 PM

Tags: access, advisory, ai, attack, breach, china, cisa, cisco, ciso, cloud, computer, control, csf, cve, cyber, cyberattack, cybersecurity, data, defense, encryption, espionage, exploit, firmware, framework, governance, government, group, hacker, hacking, healthcare, identity, infrastructure, Internet, LLM, malicious, mfa, mitigation, mitre, network, nist, open-source, password, phishing, privacy, risk, risk-assessment, router, service, software, strategy, supply-chain, technology, threat, tool, update, vulnerability

Check out NIST’s effort to further mesh its privacy and cyber frameworks. Plus, learn why code-writing GenAI tools can put developers at risk of package-confusion attacks. Also, find out what Tenable webinar attendees said about identity security. And get the latest on the MITRE CVE program and on attacks against edge routers. Dive into five…
ISACA and Chartered IIA pen open letter to UK Government urging swift audit reform to build digital resilience

Apr 18, 2025 1:30 AM

Tags: business, corporate, governance, government, resilience

ISACA and the Chartered Institute of Internal Auditors (Chartered IIA), have sent a letter to Rt Hon Jonathan Reynolds MP, Secretary of State for Business and Trade, stressing the urgent need for audit reform legislation to boost digital resilience. The letter underlines strong stakeholder support for the Audit Reform and Corporate Governance Bill promised in…
Cybersicherheit Update – – USA setzen Finanzierung des CVE-Programms doch fort

Apr 17, 2025 6:28 PM

Tags: cve, cyersecurity, data, governance, government, mitre, update, usa

Heute endet die zwischen der US-Regierung und MITRE geschlossene Finanzierung des CVE-Programms, was deutliche Auswirkungen haben könnte. First seen on computerbase.de Jump to article: www.computerbase.de/news/wirtschaft/cybersicherheit-usa-stellen-finanzierung-des-cve-programms-ein.92215
Standard Chartered grounds AI ambitions in data governance

Apr 17, 2025 4:28 PM

Tags: ai, data, finance, governance, group, infrastructure

The bank’s group chief data officer, Mohammed Rahim, outlines how the bank is modernising its data infrastructure and governance practices to support its AI initiatives First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366622934/Standard-Chartered-grounds-AI-ambitions-in-data-governance
The FTC Is Watching: GoDaddy’s Settlement Sends a Clear Message on API Security

Apr 17, 2025 3:28 PM

Tags: access, api, attack, authentication, breach, business, communications, compliance, control, credentials, data, data-breach, detection, encryption, exploit, finance, framework, fraud, governance, government, incident response, law, mfa, monitoring, password, privacy, risk, service, theft, threat, tool, unauthorized, vulnerability, vulnerability-management

In today’s rapidly changing digital environment, APIs play a crucial role in modern business, facilitating smooth connectivity and data sharing. Yet, this interconnected nature brings significant security and privacy risks, as evidenced by the Federal Trade Commission’s (FTC) recent settlement with GoDaddy. This settlement serves as a stark reminder that strong API security is no…
NIST Updates Privacy Framework With AI and Governance Revisions

Apr 17, 2025 3:28 PM

Tags: ai, cybersecurity, framework, governance, guide, nist, privacy, technology, update

The US National Institute of Standards and Technology has updated its Privacy Framework to work cohesively with its Cybersecurity Framework and guide organizations to develop stronger postures to handle privacy risks. First seen on darkreading.com Jump to article: www.darkreading.com/data-privacy/nist-updates-privacy-framework-ai-governance
CVE-Finanzierung weiterhin gesichert

Apr 17, 2025 2:28 PM

Tags: cisa, cve, cyber, cybersecurity, docker, google, governance, government, infrastructure, mitre, open-source, technology, tool, usa, vulnerability

Experten warnten, dass ohne CVE ein Koordinationschaos in der IT-Sicherheit droht. Die CISA scheint sie erhört zu haben.Am 16. April 2025 hatte die Trump-Regierung kurzfristig ein Ende der Finanzierung des weltweit bedeutenden CVE-Programms (Common Vulnerabilities and Exposures), das seit 25 Jahren eine zentrale Rolle in der Cybersicherheitslandschaft spielt, verkündet. Die gemeinnützige Organisation MITRE, die das…
CISOs no closer to containing shadow AI’s skyrocketing data risks

Apr 17, 2025 10:28 AM

Tags: access, ai, authentication, awareness, best-practice, breach, business, ceo, chatgpt, ciso, compliance, computer, control, cybersecurity, data, data-breach, detection, finance, framework, github, google, governance, group, jobs, law, leak, LLM, mitigation, monitoring, privacy, RedTeam, regulation, risk, risk-management, service, software, technology, theft, tool, training, unauthorized, vulnerability

While most organizations (90%) offer sanctioned generative AI apps and even more (98%) offer their users apps that incorporate gen AI features, unauthorized use of AI services is skyrocketing in business, according to a study by Netskope.Most gen AI use in the enterprise (72%) is shadow IT, driven by individuals using personal accounts to access…
Cybersicherheit – USA stellen Finanzierung des CVE-Programms ein

Apr 16, 2025 10:28 AM

Tags: cve, cyersecurity, governance, government, mitre, usa

Heute endet die zwischen der US-Regierung und MITRE geschlossene Finanzierung des CVE-Programms, was deutliche Auswirkungen haben könnte. First seen on computerbase.de Jump to article: www.computerbase.de/news/wirtschaft/cybersicherheit-usa-stellen-finanzierung-des-cve-programms-ein.92215