Tag: regulation
-
Critics warn America’s ‘move fast’ AI strategy could cost it the global market
As the U.S. promises a light-touch approach to AI regulation, businesses and other stakeholders must work out the rules of the road for themselves. First seen on cyberscoop.com Jump to article: cyberscoop.com/trump-ai-policy-global-adoption-safety-regulation-critics/
-
AI and Regulation Redefine Application Security, New Global Study Finds
Artificial intelligence has overtaken all other forces shaping application security, according to a major new industry study that shows organisations racing to secure AI-generated code while responding to growing regulatory pressure. The 16th edition of the Building Security In Maturity Model (BSIMM), released by Black Duck, analysed real-world software security practices across 111 organisations worldwide,…
-
The Compliance Convergence Challenge: Permission Sprawl and AI Regulations in Hybrid Environments
Permission sprawl is colliding with AI regulations, creating new compliance risks across hybrid and multi-cloud environments. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/02/the-compliance-convergence-challenge-permission-sprawl-and-ai-regulations-in-hybrid-environments/
-
Building trust with the board through evidence-based proof
Tags: backup, business, cio, ciso, compliance, control, cyber, cybersecurity, data, finance, governance, incident, insurance, mitigation, regulation, resilience, risk, strategy, tool, updateBuilding a common language to get to “Here’s the proof of cyber resilience”: CISOs can reframe the discussion using data and evidence. Modern cybersecurity tools produce a large volume of data and information on how they operate at any point in time, the status of controls deployed, the validation of configuration and more. There’s an…
-
US FDA Reissues Cybersecurity Guidance to Reflect QMSR Transition and ISO 13485 Alignment
The US Food and Drug Administration (FDA) has reissued its final guidance on medical device cybersecurity to reflect the agency’s transition from the Quality System Regulation (QSR) to the Quality System Management Regulation (QMSR). The updated FDA cybersecurity guidance was published on 4 February, just two days after the QMSR officially took effect. The revision…
-
Building a Zero-Trust Framework for Cloud Banking
Zero-trust architecture helps banks secure cloud environments, meet regulations, and scale innovation through identity-first security. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/02/building-a-zero-trust-framework-for-cloud-banking/
-
How Secure by Design helps developers build secure software
Security isn’t just a feature, it’s a foundation. As cyber threats grow more sophisticated and regulations tighten, developers are being asked to do more than just write clean … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/02/04/cis-secure-software-design-guide/
-
National cyber director solicits industry help in fixing regulations, threat information-sharing
President Donald Trump’s chief cybersecurity adviser said a forthcoming national strategy will kick off ambitious projects. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/sean-cairncross-white-house-cybersecurity-strategy-iti/811255/
-
Sean Cairncross’ cybersecurity agenda: less regulation, more cooperation
Cut the regulatory burden, boost information sharing, and get Congress moving: that’s the pitch as the White House readies a new cyber strategy. First seen on cyberscoop.com Jump to article: cyberscoop.com/sean-cairncross-industry-cut-cybersecurity-regulations-renew-cisa/
-
Outages Happen to Everyone. Building a Resilient Architecture Doesn’t Have to Be Hard.
Tags: access, ai, attack, breach, business, cloud, compliance, computing, container, control, csf, cyberattack, data, defense, detection, dora, encryption, finance, framework, government, nist, regulation, resilience, service, software, strategy, technologyOutages Happen to Everyone. Building a Resilient Architecture Doesn’t Have to Be Hard. madhav Tue, 02/03/2026 – 05:21 No company is spared the pain of outages. But their impact can be mitigated by how resilient you build your business architecture. And who you choose to partner with can significantly determine how effective that will be.…
-
NDSS 2025 Reinforcement Unlearning
Session 10D: Machine Unlearning Authors, Creators & Presenters: Dayong Ye (University of Technology Sydney), Tianqing Zhu (City University of Macau), Congcong Zhu (City University of Macau), Derui Wang (CSIRO’s Data61), Kun Gao (University of Technology Sydney), Zewei Shi (CSIRO’s Data61), Sheng Shen (Torrens University Australia), Wanlei Zhou (City University of Macau), Minhui Xue (CSIRO’s Data61)…
-
Aligning Substance Use Privacy Regs With HIPAA Isn’t Simple
Revisions to 42 CFR Part 2 that go into effect soon to better align federal regulations for the confidentiality of substance use disorder records with HIPAA require entities to adjust their compliance programs. But the changes aren’t easy, said attorney David Holtzman, founder of HITprivacy LLC. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/interviews/aligning-substance-use-privacy-regs-hipaa-isnt-simple-i-5519
-
Top 10 World’s Best Data Security Companies in 2026
In 2026, data has become the most valuable asset for businesses and the most targeted. With rising ransomware attacks, insider threats, AI-driven breaches, and strict global data protection regulations, organizations can no longer rely on basic security controls. This has fueled massive demand for advanced data security companies that can protect sensitive information across cloud,…
-
Securing the Future: Practical Approaches to Digital Sovereignty in Google Workspace
Tags: access, attack, ciso, cloud, compliance, computing, container, control, data, defense, dora, email, encryption, GDPR, google, Hardware, healthcare, identity, infrastructure, law, malware, network, privacy, regulation, resilience, risk, service, software, strategy, zero-trustSecuring the Future: Practical Approaches to Digital Sovereignty in Google Workspace madhav Thu, 01/22/2026 – 04:35 In today’s rapidly evolving digital landscape, data privacy and sovereignty have become top priorities for organizations worldwide. With the proliferation of cloud services and the tightening of global data protection regulations, security professionals face mounting pressure to ensure their…
-
For cyber risk assessments, frequency is essential
Tags: access, authentication, backup, breach, ciso, cloud, compliance, cyber, cyberattack, cybersecurity, data, data-breach, exploit, framework, GDPR, infrastructure, mitigation, network, password, radius, ransomware, regulation, risk, risk-assessment, risk-management, strategy, tool, vulnerabilityIdentifying vulnerabilities: A cyber risk assessment helps to identify security gaps in a company’s IT infrastructure, networks, and systems. This provides the opportunity to eliminate these vulnerabilities before they can be exploited by cybercriminals.Prioritize risk management measures: Not every system is critical, and not all of a company’s data is equally important. The results of the risk…
-
Ransomware gangs extort victims by citing compliance violations
Tags: ai, attack, breach, compliance, data, data-breach, extortion, group, ransomware, regulation, threat, toolAI amplifies attacks: Hild points to another problem: “AI-powered tools dramatically accelerate these attacks. Criminals can now screen stolen documents for ‘material’ compliance violations within hours of a data breach, faster and more accurately than many companies can audit their own systems.”The SailPoint specialist explains: “They create detailed, legally sound complaints for authorities and set…
-
Navigating Privacy and Cybersecurity Laws in 2026 Will Prove Difficult
No matter what new laws or regulations make the cut for 2026, it’s clear that compliance challenges will persist and federal legislation will be limited. First seen on darkreading.com Jump to article: www.darkreading.com/cyber-risk/navigating-privacy-and-cybersecurity-laws-in-2026-will-prove-difficult
-
Rapid7 increases focus on compliance
With customers struggling to deal with audits and rising levels of regulations, the vendor is setting out to arm its channel with more options First seen on computerweekly.com Jump to article: www.computerweekly.com/microscope/news/366637149/Rapid7-increases-focus-on-compliance
-
‘Elon Musk is playing with fire:’ All the legal risks that apply to Grok’s deepfake disaster
There are legal tools in place to curb what’s happening on X, but the incident will be precedent-setting for how these laws and regulations are wielded for AI-generated images. First seen on cyberscoop.com Jump to article: cyberscoop.com/elon-musk-x-grok-deepfake-crisis-section-230/
-
8 things CISOs can’t afford to get wrong in 2026
Tags: access, advisory, ai, attack, automation, awareness, breach, business, ciso, cloud, communications, compliance, control, cyber, cyberattack, cybersecurity, data, data-breach, defense, dora, encryption, finance, firmware, GDPR, healthcare, identity, incident response, india, infrastructure, injection, insurance, intelligence, iot, jobs, law, malicious, monitoring, network, privacy, ransom, regulation, resilience, risk, saas, scam, service, software, strategy, supply-chain, tactics, technology, theft, threat, tool, training, update, vulnerability, zero-trust“Identity and access controls for AI agents and AI platforms are one of the most important areas of concern for CISOs,” says Jason Stading, director at global technology research and advisory firm ISG. “Right now, permissions and access rights for AI are a black box in many areas. We will see a major push over…
-
FCC finalizes new penalties for robocall violators
Tags: regulationThe regulations, put in place after President Joe Biden’s voice was cloned, imposes $10,000 fines on telecoms that file false or late caller information. First seen on cyberscoop.com Jump to article: cyberscoop.com/fcc-finalizes-new-penalties-for-robocall-violators/
-
AI, Quantum, and the New Threat Frontier: What Will Define Cybersecurity in 2026?
Tags: access, ai, api, application-security, attack, authentication, automation, business, ciso, cloud, compliance, computer, computing, container, control, crypto, cryptography, cyber, cybersecurity, data, data-breach, defense, detection, encryption, exploit, finance, flaw, framework, governance, government, healthcare, iam, identity, infrastructure, injection, LLM, malicious, metric, monitoring, network, nist, open-source, oracle, regulation, resilience, risk, service, skills, software, strategy, supply-chain, threat, tool, vulnerability, vulnerability-management, waf, zero-day, zero-trustAI, Quantum, and the New Threat Frontier: What Will Define Cybersecurity in 2026? madhav Tue, 01/06/2026 – 04:44 If we think 2025 has been fast-paced, it’s going to feel like a warm-up for the changes on the horizon in 2026. Every time this year, Thales experts become cybersecurity oracles and predict where the industry is…
-
Equifax Europe CISO: Notorious breach spurred cybersecurity transformation
Tags: access, ai, attack, authentication, awareness, breach, business, ceo, cio, ciso, cloud, computer, control, corporate, cyber, cyberattack, cybercrime, cybersecurity, data, defense, dora, espionage, finance, framework, google, government, identity, infrastructure, intelligence, network, nis-2, phishing, regulation, risk, risk-management, security-incident, service, strategy, technology, threat, updateCloud as a new technological axis: Equifax’s $3 billion migration to the cloud, “which had been brewing for about seven years” and which the company says is the largest technological investment in its history, has involved moving more than 300 systems, over 30 product families, and thousands of customers to the company’s cloud platform, Equifax Cloud, in Spain…
-
What does a free to implement AI compliance strategy look like
How Can Organizations Implement a Free AI Compliance Strategy Effectively? Are you fully prepared to leverage AI while remaining compliant with regulations? Where enterprises increasingly rely on artificial intelligence, maintaining compliance with regulatory standards is not just essential but also a strategic priority. A robust AI compliance strategy that doesn’t strain budgets is crucial for……
-
Cryptohack Roundup: FCA Outlines UK Crypto Rules
Also: Trader Loses $50M in USDT in Address Poisoning Scam. This week, the U.K. FCA mapped a path to U.K. crypto regulation, iComTech promoter sentenced in Ponzi case, the U.S. SEC sought public company bans for former FTX and Alameda executives, a trader lost $50M in USDT in an address poisoning scam and a Brooklyn…
-
Implementing NIS2, without getting bogged down in red tape
Tags: access, ai, automation, backup, bsi, business, cloud, compliance, control, data, detection, email, encryption, iam, identity, incident response, infrastructure, law, least-privilege, metric, monitoring, network, nis-2, regulation, saas, sbom, service, siem, soc, software, startup, supply-chain, technology, threat, tool, update, vulnerability, vulnerability-management, zero-dayIT in transition: From text documents to declarative technology: NIS2 essentially requires three things: concrete security measures; processes and guidelines for managing these measures; and robust evidence that they work in practice.Process documentation, that is, policies, responsibilities, and procedures, is not fundamentally new for most larger companies. ISO 27001-based information security management systems, HR processes, and…
-
Why outsourced cyber defenses create systemic risks
Tags: access, ai, attack, backdoor, breach, business, ciso, cloud, compliance, corporate, cyber, cybercrime, cybersecurity, data, defense, detection, dora, exploit, finance, framework, GDPR, governance, government, hacker, healthcare, infrastructure, law, malicious, monitoring, moveIT, msp, nis-2, ransomware, regulation, resilience, risk, software, strategy, supply-chain, threat, tool, vulnerability, zero-trustRisk categories of outsourced IT & cybersecurity: When you outsource, responsibility shifts, but accountability never leaves you. The risks fall into clear categories. Operational risks The most basic risk is fragile continuity. In 2017, British Airways outsourced parts of its IT operations. A system outage grounded flights worldwide. The vendor contract delivered savings, but it…
-
Europe’s AI Challenge Runs Deeper Than Regulation
Europe Faces Barriers No Legal Rewrite Can Fix. An assumption propelling a proposed recalibration of European tech regulation is that red tape is holding back the trading bloc from gaining ground in a global race for artificial intelligence dominated by the United States and China. But Europe’s problem isn’t merely regulatory drag. First seen on…
-
FireTail’s 2022 Review on Macro, Industry, and Thoughts About What’s Next FireTail Blog
Tags: ai, api, attack, cloud, cyber, cybercrime, cybersecurity, data, exploit, finance, government, infrastructure, intelligence, Internet, jobs, office, open-source, regulation, russia, startup, strategy, technology, usa, vulnerabilityDec 19, 2025 – Jeremy Snyder – New beginnings, such as new years, provide a nice opportunity to look back at what we have just experienced, as well as look forward to what to expect. 2022 was a year of transition in many ways, and 2023 may well be the same. I wanted to reflect…