Tag: regulation
-
How EU Regulations Are Reshaping SOC Operations
NIS2, DORA, and the AI Act are rewriting the rulebook for Security Operations Centers. Here’s what you need to know and do. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/03/how-eu-regulations-are-reshaping-soc-operations/
-
How EU Regulations Are Reshaping SOC Operations
NIS2, DORA, and the AI Act are rewriting the rulebook for Security Operations Centers. Here’s what you need to know and do. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/03/how-eu-regulations-are-reshaping-soc-operations-2/
-
Conflicting definitions and timelines cause cybersecurity regulation morass, industry reps say
A recent Government Accountability Office report highlights businesses’ frustrations with the way the government currently oversees cybersecurity. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/cybersecurity-regulation-industry-feedback-gao-panel/814215/
-
The Economic Argument: The Real Cost of Insecure APIs in the AI Era
Tags: access, ai, api, application-security, attack, business, compliance, control, corporate, cybersecurity, data, defense, exploit, finance, flaw, framework, governance, identity, injection, international, jobs, malicious, privacy, regulation, risk, threat, tool, vulnerabilityWhen cybersecurity teams talk about risk, they usually speak in technical terms like vulnerabilities, exploits, and attack vectors. But when they walk into the boardroom, they need to speak a different language. They need to speak about cost. In the era of AI, the cost of insecure APIs has shifted from a potential liability to…
-
The OT security time bomb: Why legacy industrial systems are the biggest cyber risk nobody wants to fix
Tags: access, attack, authentication, awareness, business, ciso, compliance, control, cyber, cybersecurity, data, detection, exploit, firewall, incident, incident response, infrastructure, insurance, ISO-27001, metric, mfa, monitoring, network, office, phishing, ransomware, regulation, resilience, risk, risk-management, service, siem, soc, stuxnet, supply-chain, tool, vpn, vulnerability, zero-dayWhy everyone knows it’s burning, but nobody pulls the fire alarm: When I talk to OT managers, production leads or plant engineers, I rarely hear, “We didn’t know we had a problem.” Far more often, it’s, “We know it’s critical, but we can’t just shut it down.” This gap between awareness and action is the…
-
President Trump’s Cyber Strategy for America: What It Means for the U.S. and Why It Matters Globally
Tags: access, ai, awareness, business, ceo, cloud, compliance, computing, cryptography, cyber, cybercrime, cybersecurity, data, defense, exploit, governance, government, healthcare, incident response, infrastructure, intelligence, international, malicious, network, regulation, resilience, risk, skills, startup, strategy, supply-chain, technology, threat, tool, training, usa, vulnerability, zero-trustPresident Trump’s Cyber Strategy for America signals a shift toward risk-based security and cooperation across emerging technologies. While centered on U.S. interests, the strategy provides a blueprint to collectively strengthen global cyber resilience. Key takeaways Cybersecurity as a global security imperative: The strategy signals that cybersecurity has evolved beyond a mere “IT issue” to become…
-
Conflicting definitions and timelines causing cybersecurity regulation morass, industry reps say
A recent Government Accountability Office report highlights businesses’ frustrations with the way the government currently oversees cybersecurity. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/cybersecurity-regulation-industry-feedback-gao-panel/814215/
-
New White House cyber strategy pledges to ease regulations, ‘impose costs’ on bad actors
The White House unveiled its National Cyber Strategy, pledging more offensive cyber actions against criminal networks and adversarial governments. First seen on therecord.media Jump to article: therecord.media/trump-cyber-strategy-released-regulations
-
Should Cloud Be Classed as Critical Infrastructure?
Tags: access, authentication, banking, breach, business, cloud, compliance, computing, container, control, cyber, cybersecurity, data, dora, encryption, fido, finance, framework, governance, Hardware, healthcare, identity, incident, infrastructure, mfa, network, nis-2, radius, regulation, resilience, risk, saas, service, strategy, supply-chain, technologyShould Cloud Be Classed as Critical Infrastructure? madhav Thu, 03/05/2026 – 09:53 Over the past few years, large-scale cloud outages have demonstrated just how deeply digital services are woven into the fabric of modern society. When widely used cloud platforms experience disruption, the impact extends far beyond individual applications; banking services stall, transport systems falter,…
-
State-affiliated hackers set up for critical OT attacks that operators may not detect
Tags: access, antivirus, attack, conference, control, credentials, cyberattack, cybersecurity, data, data-breach, defense, detection, exploit, firmware, fortinet, group, hacker, incident response, infrastructure, Internet, Intruder, lessons-learned, malware, mfa, monitoring, network, password, penetration-testing, phishing, regulation, russia, service, spear-phishing, supply-chain, threat, tool, ukraine, update, vulnerabilityRussia’s OT attack teams expand beyond Ukraine: The Russia-linked pair Kamacite and Electrum, which Dragos has tracked since the mid-2010s and is responsible for the 2015 and 2016 cyberattacks that took down parts of Ukraine’s power grid, expanded operations into NATO territory in 2025 after years focused almost exclusively on Ukrainian targets.Kamacite, which serves as…
-
State-affiliated hackers set up for critical OT attacks that operators may not detect
Tags: access, antivirus, attack, conference, control, credentials, cyberattack, cybersecurity, data, data-breach, defense, detection, exploit, firmware, fortinet, group, hacker, incident response, infrastructure, Internet, Intruder, lessons-learned, malware, mfa, monitoring, network, password, penetration-testing, phishing, regulation, russia, service, spear-phishing, supply-chain, threat, tool, ukraine, update, vulnerabilityRussia’s OT attack teams expand beyond Ukraine: The Russia-linked pair Kamacite and Electrum, which Dragos has tracked since the mid-2010s and is responsible for the 2015 and 2016 cyberattacks that took down parts of Ukraine’s power grid, expanded operations into NATO territory in 2025 after years focused almost exclusively on Ukrainian targets.Kamacite, which serves as…
-
Car Tyre Sensors Can Be Used to Track Drivers Without Their Knowledge
New research from IMDEA Networks reveals how unencrypted signals from tyre pressure sensors in brands like Toyota and Mercedes can be used for covert vehicle tracking. Learn how these low-cost systems can map out your daily routines and why current regulations fail to protect driver privacy. First seen on hackread.com Jump to article: hackread.com/car-tyre-sensors-track-drivers-without-knowledge/
-
Car Tyre Sensors Can Be Used to Track Drivers Without Their Knowledge
New research from IMDEA Networks reveals how unencrypted signals from tyre pressure sensors in brands like Toyota and Mercedes can be used for covert vehicle tracking. Learn how these low-cost systems can map out your daily routines and why current regulations fail to protect driver privacy. First seen on hackread.com Jump to article: hackread.com/car-tyre-sensors-track-drivers-without-knowledge/
-
Car Tyre Sensors Can Be Used to Track Drivers Without Their Knowledge
New research from IMDEA Networks reveals how unencrypted signals from tyre pressure sensors in brands like Toyota and Mercedes can be used for covert vehicle tracking. Learn how these low-cost systems can map out your daily routines and why current regulations fail to protect driver privacy. First seen on hackread.com Jump to article: hackread.com/car-tyre-sensors-track-drivers-without-knowledge/
-
MSP Strategic Defense: Building Compliance on Dynamic Attack Surface Reduction
Tags: attack, compliance, control, cyber, defense, dora, HIPAA, insurance, ISO-27001, msp, nis-2, PCI, regulation, soc, supply-chain<div cla Compliance expectations across SMB markets are rising as supply chain regulations and cyber insurance requirements raise the baseline for security maturity. Regulatory standards such as CIS Controls v8, the NIS2 Directive, ISO 27001, SOC 2, PCI DSS, HIPAA, Cyber Essentials, CMMC 2.0, DORA, and the Essential Eight now shape what that baseline looks…
-
Apple blocks 18+ app downloads in select markets
Apple has introduced expanded age assurance tools to help developers comply with regulations taking effect in Brazil, Australia, Singapore, Utah, and Louisiana. The updates, … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/02/25/apple-expands-age-verification-controls/
-
The Coming Regulatory Wave for AI Agents Their APIs
Tags: access, ai, api, attack, ciso, compliance, control, corporate, data, endpoint, finance, framework, governance, guide, infrastructure, leak, monitoring, regulation, risk, toolFor the past two years, the adoption of Generative AI has felt like a gold rush. Organizations raced to integrate Large Language Models and build autonomous agents to assist employees. They often bypassed standard governance processes in the name of speed and innovation. That era of unrestricted experimentation is rapidly drawing to a close. A…
-
Ukraine pushes tighter Telegram regulation, citing Russian recruitment of locals
Protecting Ukrainian national security will probably require restrictions on Telegram and other anonymous online platforms as Russia continues to use them to organize sabotage and terrorism, officials said. First seen on therecord.media Jump to article: therecord.media/ukraine-telegram-regulation-russia-sabotage-recruitment
-
How Enterprise CISOs Design Their Cyber Risk Management Strategy
Tags: ai, business, ciso, cyber, cybersecurity, finance, regulation, risk, risk-management, strategy<div cla For today’s CISOs, enterprise cyber risk management is no longer a technical exercise. It’s a leadership mandate that sits at the intersection of security, business risk, regulation, and executive accountability. Aligning proactive cybersecurity risk management strategies with the business’s overall risk posture is an ongoing, necessary process. A lack of alignment between cybersecurity…
-
UK sets course for stricter AI chatbot regulation
The UK government has announced immediate action to force AI chatbot providers to comply with laws requiring online platforms to protect children from illegal and harmful … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/02/16/uk-ai-chatbot-rules-child-online-safety/
-
150+ Key Compliance Statistics: AI, Data Privacy, Cybersecurity Regulatory Trends to Know in 2026
In 2026, compliance sits at the intersection of AI adoption, expanding privacy regulations, and rising cybersecurity risk. As regulatory expectations tighten and digital systems grow more complex, organizations are under. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/02/150-key-compliance-statistics-ai-data-privacy-cybersecurity-regulatory-trends-to-know-in-2026/
-
Roses Are Red, AI Is Wild: A Guide to AI Regulation
AI regulation doesn’t have to be romanticized or feared. Understand what matters in AI governance, compliance, and SaaS risk management. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/02/roses-are-red-ai-is-wild-a-guide-to-ai-regulation/
-
Roses Are Red, AI Is Wild: A Guide to AI Regulation
AI regulation doesn’t have to be romanticized or feared. Understand what matters in AI governance, compliance, and SaaS risk management. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/02/roses-are-red-ai-is-wild-a-guide-to-ai-regulation/
-
EU Privacy Watchdogs Pan Digital Omnibus
Critics Say Regulation Amendments Would Chip Away at Fundamental Rights. A slew of amendments to European tech regulations touted by the European Commission as necessary for boosting continental competitiveness is receiving pushback from privacy watchdogs unhappy with changes that could water down EU privacy laws. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/eu-privacy-watchdogs-pan-digital-omnibus-a-30744
-
CISA to host industry feedback sessions on cyber incident reporting regulation
One industry official told CyberScoop the town halls are probably not what CIRCIA needs right now. First seen on cyberscoop.com Jump to article: cyberscoop.com/cisa-circia-town-halls-cyber-incident-reporting-rule/
-
India Brings AI-Generated Content Under Formal Regulation with IT Rules Amendment
The Central Government has formally brought AI-generated content within India’s regulatory framework for the first time. Through notification G.S.R. 120(E), issued by the Ministry of Electronics and Information Technology (MeitY) and signed by Joint Secretary Ajit Kumar, amendments were introduced to the Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021. The revised…
-
Critics warn America’s ‘move fast’ AI strategy could cost it the global market
As the U.S. promises a light-touch approach to AI regulation, businesses and other stakeholders must work out the rules of the road for themselves. First seen on cyberscoop.com Jump to article: cyberscoop.com/trump-ai-policy-global-adoption-safety-regulation-critics/
-
AI and Regulation Redefine Application Security, New Global Study Finds
Artificial intelligence has overtaken all other forces shaping application security, according to a major new industry study that shows organisations racing to secure AI-generated code while responding to growing regulatory pressure. The 16th edition of the Building Security In Maturity Model (BSIMM), released by Black Duck, analysed real-world software security practices across 111 organisations worldwide,…
-
The Compliance Convergence Challenge: Permission Sprawl and AI Regulations in Hybrid Environments
Permission sprawl is colliding with AI regulations, creating new compliance risks across hybrid and multi-cloud environments. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/02/the-compliance-convergence-challenge-permission-sprawl-and-ai-regulations-in-hybrid-environments/
-
Building trust with the board through evidence-based proof
Tags: backup, business, cio, ciso, compliance, control, cyber, cybersecurity, data, finance, governance, incident, insurance, mitigation, regulation, resilience, risk, strategy, tool, updateBuilding a common language to get to “Here’s the proof of cyber resilience”: CISOs can reframe the discussion using data and evidence. Modern cybersecurity tools produce a large volume of data and information on how they operate at any point in time, the status of controls deployed, the validation of configuration and more. There’s an…