Tag: governance
-
AI Security Agents Get Personas to Make Them More Appealing
New synthetic security staffers promise to bring artificial intelligence comfortably into the security operations center, but they will require governance to protect security. First seen on darkreading.com Jump to article: www.darkreading.com/cybersecurity-operations/ai-security-agents-get-personas-make-them-more-appealing
-
Why can’t enterprises get a handle on the cloud misconfiguration problem?
Tags: access, ai, authentication, awareness, breach, business, cloud, communications, computing, control, cybersecurity, data, data-breach, encryption, governance, hacker, infrastructure, least-privilege, mfa, monitoring, network, risk, saas, service, technology, tool, training, usa, zero-trustStop. Reassess. Reconfigure: Last year, according to Ayan Roy, EY Americas cybersecurity competency leader, the highest number of breaches were caused by shared cloud repositories. “That’s where we saw the maximum amount of data exfiltration,” he says. “A lot was from shared cloud stores and SaaS applications.” That’s despite the fact that the clients have…
-
Why can’t enterprises get a handle on the cloud misconfiguration problem?
Tags: access, ai, authentication, awareness, breach, business, cloud, communications, computing, control, cybersecurity, data, data-breach, encryption, governance, hacker, infrastructure, least-privilege, mfa, monitoring, network, risk, saas, service, technology, tool, training, usa, zero-trustStop. Reassess. Reconfigure: Last year, according to Ayan Roy, EY Americas cybersecurity competency leader, the highest number of breaches were caused by shared cloud repositories. “That’s where we saw the maximum amount of data exfiltration,” he says. “A lot was from shared cloud stores and SaaS applications.” That’s despite the fact that the clients have…
-
Why can’t enterprises get a handle on the cloud misconfiguration problem?
Tags: access, ai, authentication, awareness, breach, business, cloud, communications, computing, control, cybersecurity, data, data-breach, encryption, governance, hacker, infrastructure, least-privilege, mfa, monitoring, network, risk, saas, service, technology, tool, training, usa, zero-trustStop. Reassess. Reconfigure: Last year, according to Ayan Roy, EY Americas cybersecurity competency leader, the highest number of breaches were caused by shared cloud repositories. “That’s where we saw the maximum amount of data exfiltration,” he says. “A lot was from shared cloud stores and SaaS applications.” That’s despite the fact that the clients have…
-
Why can’t enterprises get a handle on the cloud misconfiguration problem?
Tags: access, ai, authentication, awareness, breach, business, cloud, communications, computing, control, cybersecurity, data, data-breach, encryption, governance, hacker, infrastructure, least-privilege, mfa, monitoring, network, risk, saas, service, technology, tool, training, usa, zero-trustStop. Reassess. Reconfigure: Last year, according to Ayan Roy, EY Americas cybersecurity competency leader, the highest number of breaches were caused by shared cloud repositories. “That’s where we saw the maximum amount of data exfiltration,” he says. “A lot was from shared cloud stores and SaaS applications.” That’s despite the fact that the clients have…
-
Digital health can’t scale if cybersecurity falls behind
Tags: access, ai, attack, breach, cloud, compliance, control, cyber, cyberattack, cybersecurity, data, detection, encryption, endpoint, exploit, framework, GDPR, governance, government, healthcare, HIPAA, identity, infection, intelligence, malicious, network, nist, phishing, privacy, ransomware, regulation, resilience, risk, risk-management, strategy, technology, threat, training, virus, vulnerability, zero-trustThe unique vulnerabilities of AI systems: Traditional security frameworks are not enough for AI. Attacks on algorithms take subtler forms. I often explain to my clients that when you corrupt data, you corrupt intelligence. Data poisoning occurs when malicious data is inserted into the training process, teaching the AI to make wrong decisions later. Imagine…
-
Digital health can’t scale if cybersecurity falls behind
Tags: access, ai, attack, breach, cloud, compliance, control, cyber, cyberattack, cybersecurity, data, detection, encryption, endpoint, exploit, framework, GDPR, governance, government, healthcare, HIPAA, identity, infection, intelligence, malicious, network, nist, phishing, privacy, ransomware, regulation, resilience, risk, risk-management, strategy, technology, threat, training, virus, vulnerability, zero-trustThe unique vulnerabilities of AI systems: Traditional security frameworks are not enough for AI. Attacks on algorithms take subtler forms. I often explain to my clients that when you corrupt data, you corrupt intelligence. Data poisoning occurs when malicious data is inserted into the training process, teaching the AI to make wrong decisions later. Imagine…
-
Digital health can’t scale if cybersecurity falls behind
Tags: access, ai, attack, breach, cloud, compliance, control, cyber, cyberattack, cybersecurity, data, detection, encryption, endpoint, exploit, framework, GDPR, governance, government, healthcare, HIPAA, identity, infection, intelligence, malicious, network, nist, phishing, privacy, ransomware, regulation, resilience, risk, risk-management, strategy, technology, threat, training, virus, vulnerability, zero-trustThe unique vulnerabilities of AI systems: Traditional security frameworks are not enough for AI. Attacks on algorithms take subtler forms. I often explain to my clients that when you corrupt data, you corrupt intelligence. Data poisoning occurs when malicious data is inserted into the training process, teaching the AI to make wrong decisions later. Imagine…
-
SonicWall says state-linked actor behind attacks against cloud backup service
CEO announces security and governance reforms inside the company, including the adoption of secure by design practices. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/sonicwall-state-linked-actor-attacks-cloud-backup/804867/
-
SonicWall says state-linked actor behind attacks against cloud backup service
CEO announces security and governance reforms inside the company, including the adoption of secure by design practices. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/sonicwall-state-linked-actor-attacks-cloud-backup/804867/
-
Zwischen Automatisierung und Verantwortung: KI-Agenten in der Identity Governance
Die Erfolgsformel lautet: risikobasiert priorisieren, sichtbar automatisieren, menschlich verantworten und alles prüfbar dokumentieren. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/zwischen-automatisierung-und-verantwortung-ki-agenten-in-der-identity-governance/a42629/
-
Zwischen Automatisierung und Verantwortung: KI-Agenten in der Identity Governance
Die Erfolgsformel lautet: risikobasiert priorisieren, sichtbar automatisieren, menschlich verantworten und alles prüfbar dokumentieren. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/zwischen-automatisierung-und-verantwortung-ki-agenten-in-der-identity-governance/a42629/
-
Why API Security Will Drive AppSec in 2026 and Beyond
As LLMs, agents and Model Context Protocols (MCPs) reshape software architecture, API sprawl is creating major security blind spots. The 2025 GenAI Application Security Report reveals why continuous API discovery, testing and governance are now critical to protecting AI-driven applications from emerging semantic and prompt-based attacks. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/11/why-api-security-will-drive-appsec-in-2026-and-beyond/
-
Why API Security Will Drive AppSec in 2026 and Beyond
As LLMs, agents and Model Context Protocols (MCPs) reshape software architecture, API sprawl is creating major security blind spots. The 2025 GenAI Application Security Report reveals why continuous API discovery, testing and governance are now critical to protecting AI-driven applications from emerging semantic and prompt-based attacks. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/11/why-api-security-will-drive-appsec-in-2026-and-beyond/
-
Why API Security Will Drive AppSec in 2026 and Beyond
As LLMs, agents and Model Context Protocols (MCPs) reshape software architecture, API sprawl is creating major security blind spots. The 2025 GenAI Application Security Report reveals why continuous API discovery, testing and governance are now critical to protecting AI-driven applications from emerging semantic and prompt-based attacks. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/11/why-api-security-will-drive-appsec-in-2026-and-beyond/
-
The Promise and Perils of Agentic AI: Autonomy at Scale
7 min readExplore the profound shift to agentic AI, its unprecedented automation capabilities, and the critical security and governance challenges it introduces. Learn how to secure autonomous systems. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/11/the-promise-and-perils-of-agentic-ai-autonomy-at-scale/
-
The Promise and Perils of Agentic AI: Autonomy at Scale
7 min readExplore the profound shift to agentic AI, its unprecedented automation capabilities, and the critical security and governance challenges it introduces. Learn how to secure autonomous systems. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/11/the-promise-and-perils-of-agentic-ai-autonomy-at-scale/
-
Dutch boardroom cyber security knowledge gap exposed
Cyber security governance professor warns that executives lack the capability to assess cyber threats in implementation approaches First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366633901/Dutch-boardroom-cyber-security-knowledge-gap-exposed
-
Mit der Übernahme des Sicherheitspionier SPLX will Zscaler den KI-Lebenszyklus absichern
Zscaler übernimmt den Pionier von KI-Sicherheit SPLX und baut damit sein Serviceportfolio um die Absicherung von KI-Anwendungen aus. Die Zscaler-Zero-Trust-Exchange-Plattform wird um Shift-Left-KI-Asset-Discovery, automatisiertes Red-Teaming und Governance erweitert, sodass Unternehmen ihre KI-Investitionen von der Entwicklung bis zur Bereitstellung sichern können, ‘Die Übernahme ist ein wichtiger Schritt, um die Rolle von Zscaler als vertrauenswürdigen Partner zu…
-
Kommentar von Franz Kögl, Intrafind – Data Governance: Man kann nur steuern, was man kennt
First seen on security-insider.de Jump to article: www.security-insider.de/effektive-data-governance-und-die-rolle-von-enterprise-search-a-4bfd68271688d238a02aaad9f326d487/
-
Hackerparagraf: BSI-Chefin fordert Straffreiheit für ethische Hacker
Die Reform des Hackerparagrafen ist seit Jahren geplant. Die neue Regierung prüft das Thema noch. First seen on golem.de Jump to article: www.golem.de/news/hackerparagraf-bsi-chefin-fordert-straffreiheit-fuer-ethische-hacker-2511-201852.html
-
Centraleyes AI Framework (CAIF)
What is the CAIF? The Centraleyes AI Framework (CAIF) is a comprehensive compliance and governance tool designed to help organizations meet the diverse and rapidly evolving regulatory requirements surrounding artificial intelligence. It consolidates questions and controls from multiple AI laws and regulatory regimes across the globe including the EU AI Act (Minimal and Limited… First…
-
Louvre-Raubzug offenbart jahrzehntelanges Security-Versagen
Windows-Sicherheitsprobleme haben beim Louvre-Museum scheinbar Tradition.Shutterstock / Phil PasquiniDas Louvre-Museum in Paris wurde im Oktober 2025 bekanntlich von Einbrechern heimgesucht und auf ziemlich dreiste Art und Weise um Juwelen im Wert von circa 88 Millionen Euro erleichtert. Die Diebe nutzten für ihren Raubzug einen Möbelaufzug (made in Germany), um durch ein Fenster im zweiten Stock…
-
Centraleyes AI Framework (CAIF)
What is the CAIF? The Centraleyes AI Framework (CAIF) is a comprehensive compliance and governance tool designed to help organizations meet the diverse and rapidly evolving regulatory requirements surrounding artificial intelligence. It consolidates questions and controls from multiple AI laws and regulatory regimes across the globe including the EU AI Act (Minimal and Limited… First…
-
Louvre-Raubzug offenbart jahrzehntelanges Security-Versagen
Windows-Sicherheitsprobleme haben beim Louvre-Museum scheinbar Tradition.Shutterstock / Phil PasquiniDas Louvre-Museum in Paris wurde im Oktober 2025 bekanntlich von Einbrechern heimgesucht und auf ziemlich dreiste Art und Weise um Juwelen im Wert von circa 88 Millionen Euro erleichtert. Die Diebe nutzten für ihren Raubzug einen Möbelaufzug (made in Germany), um durch ein Fenster im zweiten Stock…
-
10 promising cybersecurity startups CISOs should know about
Tags: access, ai, attack, automation, business, ceo, ciso, cloud, compliance, container, control, cybersecurity, data, deep-fake, defense, detection, endpoint, exploit, finance, gartner, google, governance, government, grc, ibm, identity, linux, malicious, microsoft, military, monitoring, network, open-source, ransomware, RedTeam, risk, saas, software, startup, supply-chain, technology, threat, tool, vulnerability, vulnerability-management, zero-trust2. Chainguard: Category: Software supply chain securityWhy they’re here: Founded in 2021 by Dan Lorenc (formerly at Microsoft and Google), Chainguard offers a Linux-based platform for securely building applications. The company has raised more than $600M and is valued at $3.5B. In fiscal year 2025, Chainguard reached a $40M annual run rate and by the…