Tag: regulation
-
Keyfactor Lands $1B to Expand Crypto Trust Platform
CEO Jordan Rackie Cites AI, Regulation and Quantum Computing as Big Demand Drivers. Summit Partners invested $1 billion in Keyfactor as enterprises accelerate post-quantum cryptography planning, AI-driven identity management and cryptographic modernization, giving the trust infrastructure provider capital to expand R&D, global operations and enterprise security capabilities. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/keyfactor-lands-1b-to-expand-crypto-trust-platform-a-32163
-
Aussies Face Reduced Cybercrime Risk, as Pressure Shifts to SMBs
Improved institutional safeguards and stricter regulations have pushed the burdens of protection and risk reduction on to Australian businesses. First seen on darkreading.com Jump to article: www.darkreading.com/cybersecurity-analytics/aussies-face-reduced-cybercrime-risk-pressure-shifts-smbs
-
FCC Bans Chinese-Produced Network Equipment Linked to Cyber and Espionage Risks
The U.S. Federal Communications Commission (FCC) has implemented comprehensive new restrictions banning the import and marketing of Chinese-produced telecommunications and surveillance equipment identified as posing significant cybersecurity and espionage risks. Announced on June 26, 2026, this updated regulation addresses a longstanding loophole that previously allowed companies on the FCC’s “Covered List” to continue selling older,…
-
Is It Time to Put Some Teeth in Post-Quantum Guidelines?
Despite Government Regulations, Few Enterprises Have Moved Past Migration Planning. The post-quantum cryptography transition has moved beyond a theoretical exercise. Governments regulators have begun publishing migration road maps and setting increasingly explicit expectations around cryptographic inventories and governance. Yet many organizations are still in the planning phase. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/it-time-to-put-some-teeth-in-post-quantum-guidelines-a-32039
-
Is It Time to Put Some Teeth in Post-Quantum Guidelines?
Despite Government Regulations, Few Enterprises Have Moved Past Migration Planning. The post-quantum cryptography transition has moved beyond a theoretical exercise. Governments regulators have begun publishing migration road maps and setting increasingly explicit expectations around cryptographic inventories and governance. Yet many organizations are still in the planning phase. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/it-time-to-put-some-teeth-in-post-quantum-guidelines-a-32039
-
EU Cybersecurity Act 2.0: When good regulation goes bad
Over recent years we’ve witnessed the EU becoming increasingly serious about cybersecurity. After years of watching high profile breaches, many resulting from supply chain … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/06/16/eu-cybersecurity-act-2-0-regulation/
-
EU Cybersecurity Act 2.0: When good regulation goes bad
Over recent years we’ve witnessed the EU becoming increasingly serious about cybersecurity. After years of watching high profile breaches, many resulting from supply chain … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/06/16/eu-cybersecurity-act-2-0-regulation/
-
Policy as Code: From Documents to Machine Intelligence
Policy as Code Turns Static Compliance Documents Into Enforceable, Auditable Policy For decades, policies, standards and procedures have anchored security and compliance governance. But static documents can no longer keep pace with dynamic regulations and frontier technology. Policy as Code transforms them into machine-readable, enforceable, continuously verifiable rules that drive real business decisions. First seen…
-
Russia upgrades rules for its digital spy system to better track citizens online
New regulations published by Russia’s Ministry of Digital Development at the end of May updated the technical standards governing SORM, formally known as the System for Operative Investigative Activities. First seen on therecord.media Jump to article: therecord.media/russia-upgrades-rules-for-digital-spy-system-sorm
-
Securing the AI Supply Chain in the European Union
The European Union’s AI strategy is entering a new phase. What began as a commitment to “trustworthy AI,” grounded in ethics and human rights, is now evolving into a legally enforceable framework for technically secure AI. EU-specific AI, data and cybersecurity regulations are taking effect, alongside the January 2026 Digital Omnibus initiative. Cybersecurity is no…
-
Can Laws Stop Deepfakes? South Korea Aims to Find Out
South Korea’s local elections next month will be a test bed for how effective regulations might be to stymie the flow of deepfakes. First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/can-laws-stop-deepfakes-south-korea
-
EU’s Cyber Resiliency Act will put IT leaders to the test
Tags: access, attack, cio, cyber, cybersecurity, data, encryption, exploit, firewall, Hardware, identity, infrastructure, Internet, kubernetes, law, malicious, mitigation, open-source, password, programming, regulation, risk, risk-assessment, router, sbom, software, supply-chain, tool, update, vpn, vulnerabilityProduct safety: The CRA says digital products have to be secure by design and default, and can’t ship with known vulnerabilities like obvious default passwords that can be exploited. They also must be updatable if such vulnerabilities are found later, as well as minimize their impact by limiting the attack surface and protecting confidentiality and…
-
EU’s Cyber Resiliency Act will put IT leaders to the test
Tags: access, attack, cio, cyber, cybersecurity, data, encryption, exploit, firewall, Hardware, identity, infrastructure, Internet, kubernetes, law, malicious, mitigation, open-source, password, programming, regulation, risk, risk-assessment, router, sbom, software, supply-chain, tool, update, vpn, vulnerabilityProduct safety: The CRA says digital products have to be secure by design and default, and can’t ship with known vulnerabilities like obvious default passwords that can be exploited. They also must be updatable if such vulnerabilities are found later, as well as minimize their impact by limiting the attack surface and protecting confidentiality and…
-
Europe Moves to Delay and Dilute AI Regulations
Trilogue Deal Carves Out Industrial AI, Adds Nudifier Ban. Lawmakers from Europe’s political institutions agreed to water down the continent’s landmark artificial intelligence regulation at a moment when the 2024 AI Act has barely started to be implemented. The law’s requirements for high-risk AI will likely only be enforced starting in December 2027. First seen…
-
Ten years later, has the GDPR fulfilled its purpose?
Tags: access, ai, breach, business, china, cio, compliance, data, data-breach, dora, finance, flaw, framework, GDPR, governance, government, international, jobs, law, mobile, office, privacy, regulation, risk, service, technology, tool, trainingFernando Maldonado, technology advisor at Foundry. MuleSoft. Gray areas remain: Still, if anything has been demonstrated in the decade since its entry into force, it’s that the GDPR still has a long way to go.Miguel Recio, president of APEP.IA (Spanish Professional Association for Privacy), argues that some of the limitations that have been exposed about the…
-
US government agency to safety test frontier AI models before release
Executive order ‘taking shape’: Following the announcement from CAISI, a published report on Wednesday indicated that the White House is on the verge of preparing an executive order that would see the creation of a vetting system for all new artificial intelligence models, key among them Anthropic’s Mythos.Bloomberg reported, “the directive is taking shape weeks…
-
EU finance firms urged to get on with anti-money laundering compliance
Two-thirds of finance firms in the European Union are at risk of missing next year’s deadline to comply with anti-money laundering regulations First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366642629/EU-finance-firms-urged-to-get-on-with-anti-money-laundering-compliance
-
IAM tools help Oracle Red Bull Racing keep pace with strict F1 regulations
Oracle Red Bull Racing massively improved the efficiency of its aerodynamics testing procedures after implementing new identity technology from 1Password. Learn more about this unlikely link First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366642593/IAM-tools-help-Oracle-Red-Bull-Racing-keep-pace-with-strict-F1-regs
-
AI Usage Monitoring: How to See Everything Your Employees Are Doing with AI FireTail Blog
Tags: access, ai, ciso, compliance, control, data, detection, GDPR, guide, login, monitoring, network, regulation, risk, toolApr 29, 2026 – Lina Romero – What is AI usage monitoring? AI usage monitoring is the practice of logging, tracking, and analysing how employees and systems interact with AI tools, both sanctioned and unsanctioned. FireTail provides centralised AI activity logging that gives security teams a real-time view of AI usage across the entire organisation.…
-
New US House privacy bills raise hard questions about enterprise data collection
Tags: access, ai, awareness, banking, business, cio, ciso, compliance, credentials, data, finance, framework, governance, group, identity, insurance, Internet, jobs, law, privacy, regulation, risk, service, strategy, supply-chainWhere privacy law overlaps with AI governance: The SECURE Data Act does not contain broad, standalone AI governance rules, but it still touches AI in meaningful ways.The bill includes opt-outs for fully automated profiling used for decisions with legal or similarly significant effects. That language can clearly implicate some uses of AI, particularly in hiring,…
-
DORA and operational resilience: Credential management as a financial risk control
Tags: access, authentication, breach, control, credentials, dora, finance, regulation, resilience, riskArticle 9 of DORA makes authentication and access control a legal obligation for EU financial entities. Here is what the regulation requires, and what a breach looks like when those controls are missing. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/dora-and-operational-resilience-credential-management-as-a-financial-risk-control/
-
When Geopolitics Writes Your Compliance Roadmap
Cyber policy has always lagged cyber reality. Regulations arrive after breaches, frameworks emerge after failures, and accountability structures materialize long after the damage lands on someone else’s balance sheet. NCC Group’s fifth edition of its Global Cyber Policy Radar suggests that cycle is finally breaking, not because governments have gotten smarter, but because the.. First…
-
Top 5 Enterprise DMARC Vendors that Optimize Email Security in 2026
Originally published at Top 5 Enterprise DMARC Vendors that Optimize Email Security in 2026 by Ruben Khachatryan. As email threats continue to grow and regulations … First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/04/top-5-enterprise-dmarc-vendors-that-optimize-email-security-in-2026/
-
Article 12 and the Logging Mandate: What the EU AI Act Actually Requires FireTail Blog
Tags: access, ai, breach, ciso, cloud, compliance, control, data, data-breach, finance, GDPR, grc, healthcare, infrastructure, insurance, jobs, metric, monitoring, regulation, risk, saas, service, toolApr 16, 2026 – Lina Romero – When GDPR arrived, the organisations that had mistaken documentation for capability were the ones that struggled the most. They had policies about data retention but no technical controls enforcing those policies. They had breach notification procedures but no systems capable of detecting a breach in time to use…
-
Beyond the Spreadsheet: Why Manual AI Audits Are an EU AI Act Compliance Liability FireTail Blog
Tags: access, ai, ciso, cloud, compliance, control, data, detection, finance, framework, GDPR, governance, grc, group, incident response, infrastructure, ISO-27001, monitoring, regulation, risk, saas, service, soc, toolApr 16, 2026 – Alan Fagan – When it comes to the EU AI Act, many organisations take a manual approach to auditing, which looks impressive on paper but collapses under regulatory scrutiny. They use policies, surveys, working groups, and a well-formatted risk register. However, a manual approach does not provide the continuous, automated, technical…
-
Beyond the Spreadsheet: Why Manual AI Audits Are an EU AI Act Compliance Liability FireTail Blog
Tags: access, ai, ciso, cloud, compliance, control, data, detection, finance, framework, GDPR, governance, grc, group, incident response, infrastructure, ISO-27001, monitoring, regulation, risk, saas, service, soc, toolApr 16, 2026 – Alan Fagan – When it comes to the EU AI Act, many organisations take a manual approach to auditing, which looks impressive on paper but collapses under regulatory scrutiny. They use policies, surveys, working groups, and a well-formatted risk register. However, a manual approach does not provide the continuous, automated, technical…
-
The need for a board-level definition of cyber resilience
Tags: awareness, business, cisa, compliance, control, crime, cyber, cybercrime, cybersecurity, detection, finance, framework, governance, law, metric, regulation, resilience, risk, risk-analysis, risk-management, service, supply-chain, technologyWhere the literature converges: Organizational outcomes vs. policy and controls It’s consistently agreed that cyber resilience should be tied to organizational outcomes rather than technical controls and policies. Rather than focusing on metrics such as mean time to detection or number of security controls, organizational cyber resilience needs to evaluate levels of business continuity, preservation…
-
5 trends defining the future of AI-powered cybersecurity
Tags: ai, automation, backup, breach, business, cloud, compliance, cyber, cybersecurity, data, defense, detection, endpoint, framework, government, metric, monitoring, msp, regulation, resilience, threatSee how AI is altering the landscape in the new N-able and Futurum report, Cybersecurity in the Age of AI: Moving from Fragile to Resilient. Get key insights on building a modern framework for business resilience. 2. From perimeter security to continuous cyber resilience: The “castle and moat” approach is obsolete. In a world of…

