Tag: regulation
-
9 ways CISOs can combat AI hallucinations
Tags: access, ai, breach, ciso, compliance, control, corporate, cybersecurity, data, defense, encryption, flaw, framework, GDPR, governance, identity, metric, penetration-testing, regulation, risk, soc, tool, trainingTreat AI outputs as drafts, not finished products: One of the biggest risks is over-trusting AI, according to security experts. Coté says her organization changed its policy so AI-generated content cannot go straight into compliance documentation without a human review.”The moment your team starts treating an AI-generated answer as a finished work product, you have…
-
California Gets Serious About Regulation (Again)
California’s privacy regime has evolved. As of January 1, 2026, the CCPA/CPRA now mandates risk assessments, automated decision-making (AI) oversight, and independent cybersecurity audits. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/03/california-gets-serious-about-regulation-again/
-
6 key takeaways from RSA Conference 2026
Tags: ai, api, attack, ceo, cio, ciso, compliance, conference, control, cyber, cybersecurity, data, framework, google, governance, government, identity, infrastructure, injection, intelligence, jobs, LLM, office, RedTeam, regulation, risk, saas, service, technology, threat, tool, trainingSecuring the AI stack: Yes, but the threat surface has grown: The first technical priority I offered for CISOs in my conference preview was securing the AI stack, RAG workflows, LLM data pipelines, vector databases, and model APIs, on the basis that prompt injection, training data poisoning, and model inversion attacks were no longer theoretical.The…
-
European Commission data stolen in a cyberattack on the infrastructure hosting its web sites
Tags: attack, breach, ceo, cloud, computer, cyber, cyberattack, cybersecurity, data, hacking, infrastructure, regulationA ‘grim warning’: Ilia Kolochenko, CEO of Swiss-based ImmuniWeb, said that while the attack “may appear to be pretty banal on its face, there are several things to pay attention to.”Referring to the Bleeping Computer report, he said that, given that the attackers allegedly plan to release the data, their key intention here is to…
-
Europe Girds for Looming IoT Security Regulations
European Commission Publishes Draft Guidance for Cyber Resilience Act. Key implementation deadlines loom for one of Europe’s most consequential cybersecurity laws and draft guidance from the European Union may help manufacturers comply – up to a point. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/europe-girds-for-looming-iot-security-regulations-a-31249
-
What the UK Cyber Security Resilience Bill Means for Security Practitioners
Tags: cloud, compliance, cyber, data, detection, finance, framework, incident response, msp, network, nis-2, regulation, resilience, risk, saas, service, supply-chainThe UK Cyber Security & Resilience Bill is progressing through Parliament Royal Assent expected later in 2026. The UK’s Cyber Security and Resilience Bill is working its way through Parliament, and if you haven’t started paying serious attention yet, now is the time. Introduced to the House of Commons in November 2025, the Bill represents…
-
6 key trends reshaping the IAM market
Tags: access, ai, attack, authentication, ciso, compliance, corporate, cyber, cybersecurity, data, dora, finance, framework, governance, government, Hardware, iam, identity, mfa, mobile, network, nis-2, passkey, password, PCI, phone, regulation, saas, service, startup, strategy, technologyPasswordless authentication on the rise: Passwords have long been the weakest link in most security architectures.Many mobile phones and laptops already use biometrics for authentication, and the user experience is typically far better than typing a long and complex password into an interface.The growing uptake of passwordless authentication (FIDO2/passkeys, biometrics) is redefining the scope of…
-
6 key trends reshaping the IAM market
Tags: access, ai, attack, authentication, ciso, compliance, corporate, cyber, cybersecurity, data, dora, finance, framework, governance, government, Hardware, iam, identity, mfa, mobile, network, nis-2, passkey, password, PCI, phone, regulation, saas, service, startup, strategy, technologyPasswordless authentication on the rise: Passwords have long been the weakest link in most security architectures.Many mobile phones and laptops already use biometrics for authentication, and the user experience is typically far better than typing a long and complex password into an interface.The growing uptake of passwordless authentication (FIDO2/passkeys, biometrics) is redefining the scope of…
-
6 key trends reshaping the IAM market
Tags: access, ai, attack, authentication, ciso, compliance, corporate, cyber, cybersecurity, data, dora, finance, framework, governance, government, Hardware, iam, identity, mfa, mobile, network, nis-2, passkey, password, PCI, phone, regulation, saas, service, startup, strategy, technologyPasswordless authentication on the rise: Passwords have long been the weakest link in most security architectures.Many mobile phones and laptops already use biometrics for authentication, and the user experience is typically far better than typing a long and complex password into an interface.The growing uptake of passwordless authentication (FIDO2/passkeys, biometrics) is redefining the scope of…
-
6 key trends reshaping the IAM market
Tags: access, ai, attack, authentication, ciso, compliance, corporate, cyber, cybersecurity, data, dora, finance, framework, governance, government, Hardware, iam, identity, mfa, mobile, network, nis-2, passkey, password, PCI, phone, regulation, saas, service, startup, strategy, technologyPasswordless authentication on the rise: Passwords have long been the weakest link in most security architectures.Many mobile phones and laptops already use biometrics for authentication, and the user experience is typically far better than typing a long and complex password into an interface.The growing uptake of passwordless authentication (FIDO2/passkeys, biometrics) is redefining the scope of…
-
All AI and Security Teams Need Transparent Data Pipelines
Transparent AI data pipelines help organizations verify sources, reduce errors, meet regulations, and build trust by making outputs auditable and reliable. First seen on hackread.com Jump to article: hackread.com/ai-security-teams-transparent-data-pipelines/
-
All AI and Security Teams Need Transparent Data Pipelines
Transparent AI data pipelines help organizations verify sources, reduce errors, meet regulations, and build trust by making outputs auditable and reliable. First seen on hackread.com Jump to article: hackread.com/ai-security-teams-transparent-data-pipelines/
-
All AI and Security Teams Need Transparent Data Pipelines
Transparent AI data pipelines help organizations verify sources, reduce errors, meet regulations, and build trust by making outputs auditable and reliable. First seen on hackread.com Jump to article: hackread.com/ai-security-teams-transparent-data-pipelines/
-
Cyber Resilience Act (EU)
What is the Cyber Resilience Act (EU)? The Cyber Resilience Act (CRA) is a European Union regulation designed to establish mandatory cybersecurity requirements for products with digital elements placed on the EU market. Proposed by the European Commission as part of the EU’s broader cybersecurity strategy, the CRA aims to ensure that hardware and software……
-
White House AI Policy Blueprint Leaves Key Risks Unresolved
Federal Proposal Pushes AI Adoption While Avoiding Regulatory Detail. The White House AI framework urges rapid deployment and federal alignment to counter China while proposing guardrails on fraud, safety and speech – but leaves unresolved conflicts on IP, content regulation and state preemption that Congress must navigate. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/white-house-ai-policy-blueprint-leaves-key-risks-unresolved-a-31102
-
AI makes debut in Bridewell cyber security in CNI report
Regulation has superseded cyber threats as the main driver of cyber security spending, and AI has made its debut for attack and defence, according to a CNI-focused report from Bridewell First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366640469/AI-makes-debut-in-Bridewell-cyber-security-in-CNI-report
-
3 Things to Look for in Cloud Based Web Content Filtering Solutions
Schools rely on web content filtering to protect students, comply with regulations like the Children’s Internet Protection Act (CIPA), and maintain productive learning environments. As learning becomes increasingly digital, school districts must ensure students can access valuable online resources while preventing exposure to harmful or distracting content. Effective web filtering tools help strike that balance.…
-
Regulation Drives Cyber Spending for Critical Infrastructure Orgs
35% of security leaders working in the UK’s critical infrastructure said regulatory requirements are the primary influence on their security programs First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/uk-regulation-drives-cyber/
-
Cybersecurity and privacy priorities for 2026: The legal risk map
Tags: attack, authentication, awareness, best-practice, breach, communications, country, cyber, cybersecurity, data, defense, finance, fraud, governance, government, incident, incident response, infrastructure, law, mfa, monitoring, privacy, ransomware, regulation, risk, risk-management, service, strategy, supply-chain, threat, usaContinued federal interest in cybersecurity and privacy, especially in connection with national security concerns: The evident connection between cybersecurity and privacy and national security have led to a number of federal initiatives in recent years. Most recently in March 2026, the White House announced the current administration’s Cyber Strategy for America, renewing a commitment to…
-
Data Privacy in Technology: Finding Balance in the Age of Surveillance
Data privacy technologies help organizations protect sensitive information while balancing innovation, regulation and user trust. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/03/data-privacy-in-technology-finding-balance-in-the-age-of-surveillance/
-
Data Privacy in Technology: Finding Balance in the Age of Surveillance
Data privacy technologies help organizations protect sensitive information while balancing innovation, regulation and user trust. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/03/data-privacy-in-technology-finding-balance-in-the-age-of-surveillance/
-
NY Sets ‘FirstNation’ Cyber Mandates for Water Sector
Program Offers Up to $100K for Security Upgrades and $50K for Assessments. New York is rolling out new cybersecurity regulations for water and wastewater utilities, requiring operators to conduct risk assessments and deploy security controls while offering $2.5 million in grants to strengthen defenses against rising cyberthreats targeting critical infrastructure. First seen on govinfosecurity.com Jump…
-
Don’t confuse asset inventory with exposure management
Tags: access, ai, api, attack, breach, business, chatgpt, cloud, compliance, control, credentials, cyber, cybersecurity, data, data-breach, detection, endpoint, flaw, framework, governance, government, identity, infrastructure, intelligence, Internet, leak, least-privilege, metric, mfa, monitoring, network, regulation, risk, saas, service, software, threat, tool, update, vulnerability, vulnerability-managementAsset discovery tells you what IT exists in your environment. Exposure management tells you what will get you breached. If your platform can’t connect vulnerabilities, identities, misconfigurations, and AI systems into real attack paths, you don’t have exposure management. You have inventory. Key takeaways True exposure management requires more than asset inventory. It’s about merging…
-
Don’t confuse asset inventory with exposure management
Tags: access, ai, api, attack, breach, business, chatgpt, cloud, compliance, control, credentials, cyber, cybersecurity, data, data-breach, detection, endpoint, flaw, framework, governance, government, identity, infrastructure, intelligence, Internet, leak, least-privilege, metric, mfa, monitoring, network, regulation, risk, saas, service, software, threat, tool, update, vulnerability, vulnerability-managementAsset discovery tells you what IT exists in your environment. Exposure management tells you what will get you breached. If your platform can’t connect vulnerabilities, identities, misconfigurations, and AI systems into real attack paths, you don’t have exposure management. You have inventory. Key takeaways True exposure management requires more than asset inventory. It’s about merging…
-
Don’t confuse asset inventory with exposure management
Tags: access, ai, api, attack, breach, business, chatgpt, cloud, compliance, control, credentials, cyber, cybersecurity, data, data-breach, detection, endpoint, flaw, framework, governance, government, identity, infrastructure, intelligence, Internet, leak, least-privilege, metric, mfa, monitoring, network, regulation, risk, saas, service, software, threat, tool, update, vulnerability, vulnerability-managementAsset discovery tells you what IT exists in your environment. Exposure management tells you what will get you breached. If your platform can’t connect vulnerabilities, identities, misconfigurations, and AI systems into real attack paths, you don’t have exposure management. You have inventory. Key takeaways True exposure management requires more than asset inventory. It’s about merging…
-
New York cyber regulations for water organizations to take effect in 2027
The new rules for water and wastewater entities in New York include mandatory cybersecurity training for certified operators, incident response plans and reporting requirements. First seen on therecord.media Jump to article: therecord.media/new-york-water-cyber-regulations
-
New York cyber regulations for water organizations to take effect in 2027
The new rules for water and wastewater entities in New York include mandatory cybersecurity training for certified operators, incident response plans and reporting requirements. First seen on therecord.media Jump to article: therecord.media/new-york-water-cyber-regulations
-
New European Emissions Regs Include Cybersecurity Rules
Cybersecurity Requirements Could Clash With Right-to-Repair. Automakers are generally on track to implement new EU cybersecurity requirements in tailpipe emissions regulations instigated by the long shadow of Volkswagen’s emissions scandal, but there could be a clash between those new rules and others that are intended to guarantee the right-to-repair. First seen on govinfosecurity.com Jump to…
-
How EU Regulations Are Reshaping SOC Operations
NIS2, DORA, and the AI Act are rewriting the rulebook for Security Operations Centers. Here’s what you need to know and do. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/03/how-eu-regulations-are-reshaping-soc-operations-2/
-
How EU Regulations Are Reshaping SOC Operations
NIS2, DORA, and the AI Act are rewriting the rulebook for Security Operations Centers. Here’s what you need to know and do. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/03/how-eu-regulations-are-reshaping-soc-operations/