Tag: regulation
-
What is a CISO? The top IT security leader role explained
Tags: access, authentication, breach, business, ceo, cio, cisa, ciso, compliance, computer, container, control, corporate, credentials, cyber, cybersecurity, data, ddos, defense, dns, encryption, exploit, finance, firewall, framework, fraud, guide, Hardware, healthcare, infosec, infrastructure, intelligence, international, jobs, kubernetes, mitigation, msp, mssp, network, nist, programming, RedTeam, regulation, risk, risk-management, security-incident, service, skills, software, strategy, technology, threat, training, vpn, zero-day, zero-trust. You’ll often hear people say the difference between the two is that CISOs focus entirely on information security issues, while a CSOs remit is wider, also taking in physical security as well as risk management.But reality is messier. Many companies, especially smaller ones, have only one C-level security officer, called a CSO, with IT…
-
Data Center Security
In an era where data is the lifeblood of every enterprise, safeguarding the core of your digital operations”, the data center”, is absolutely non-negotiable. With cyber threats evolving, regulations tightening, and infrastructure growing more complex, data center security is the pillar of business continuity, trust, and reputation. At Seceon, we understand this better than anyone,…
-
Strong regulation can nudge automakers to improve customers’ privacy, research suggests
Fines from a state regulator pushed one car maker to improve the data privacy on its website and customer portal, and others seem to have taken notice, according to new ratings from the watchdog Privacy4Cars. First seen on therecord.media Jump to article: therecord.media/automakers-data-privacy-ratings-websites-customer-portals
-
5 hard truths of a career in cybersecurity, and how to navigate them
Tags: access, ai, application-security, attack, awareness, best-practice, breach, business, cio, ciso, conference, control, cyber, cybersecurity, data-breach, finance, firewall, framework, gartner, identity, ISO-27001, jobs, mitigation, network, regulation, risk, risk-assessment, risk-management, skills, strategy, technology, threat, training, wafCybersecurity teams protect systems but neglect people: After all the effort it takes to break into cybersecurity, professionals often end up on teams that don’t feel welcoming or supportive.Jinan Budge, a research director at Forrester who focuses on enabling CISOs and other technical leaders, believes the way most cybersecurity career paths are structured plays a…
-
6 things keeping CISOs up at night
Tags: access, ai, attack, breach, business, cio, ciso, cloud, compliance, control, cyber, data-breach, deep-fake, email, exploit, infrastructure, jobs, metric, password, phishing, regulation, risk, service, technology, threat, tool, training, vulnerabilityAI’s potential to create a competency crisis: At mental health organization Headspace CISO Jameeka Aaron sees many potential applications for AI but she is balancing enablement with caution. However, Aaron is particularly concerned about the impact of generative AI on the hiring process.While strong developers can leverage AI to their advantage, weaker developers may appear…
-
How CISOs can scale down without compromising security
Tags: breach, business, ciso, compliance, control, cybersecurity, data, detection, finance, framework, gartner, governance, intelligence, jobs, metric, open-source, regulation, resilience, risk, soc, strategy, threat, tool, training, vulnerabilityStrategic risk (high, medium, low): What’s the actual exposure if this control fails?Business alignment: Which functions are enabling revenue, customer trust, or compliance?No-brainers: These are redundant tools, shelfware, or “security theatre” controls that look good on paper but deliver no measurable protection.For this assessment, Mahdi brings together a cross-functional team that includes business unit leaders,…
-
Chinese Hackers Exploit Software Vulnerabilities to Breach Targeted Systems
Tags: breach, china, cyber, exploit, flaw, hacker, network, regulation, software, technology, vulnerabilityChina’s Cyberspace Administration, Ministry of Public Security, and Ministry of Industry and Information Technology introduced the Regulations on the Management of Network Product Security Vulnerabilities (RMSV) in July 2021, mandating that software vulnerabilities exploitable flaws in code be reported to the MIIT within 48 hours of discovery. This policy prohibits researchers from publishing vulnerability details,…
-
Internet Archive is now a US federal depository library
The Internet Archive has become an official U.S. federal depository library, providing online users with access to archived congressional bills, laws, regulations, presidential documents, and other U.S. government documents. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/technology/internet-archive-is-now-a-us-federal-depository-library/
-
An inside look into how a coalition of state legislators plans to take on data brokers
A state lawmaker spoke to Recorded Future News about how a multistate group of legislators is working to put regulations on the data broker industry. First seen on therecord.media Jump to article: therecord.media/state-coalition-lawmakers-data-broker-rules
-
An inside look into how a coalition of state legislators plan to take on data brokers
A state lawmaker spoke to Recorded Future News about how a multistate group of legislators is working to put regulations on the data broker industry. First seen on therecord.media Jump to article: therecord.media/state-coalition-lawmakers-data-broker-rules
-
New York Unveils ‘Nation-Leading’ Water Sector Cyber Rules
State Seeks Public Input on New Reporting Rules and Regulations for Water Sector. New York State has unveiled a comprehensive set of water and wastewater cybersecurity regulations aimed at bolstering defenses for the vulnerable critical infrastructure sector, in addition to a new competitive investment program to help modernize under-resourced entities. First seen on govinfosecurity.com Jump…
-
California privacy regulator approves watered-down AI rules
The new regulations have been controversial because the California Privacy Protection Agency (CPPA) overhauled them to be significantly weaker than the originally-proposed rules. First seen on therecord.media Jump to article: therecord.media/california-privacy-agency-approves-ai-rules
-
ENISA Turns to Experts to Steer EU Cyber Regulations
Newly Appointed Advisory Group to Support NIS2 and CRA Implementation Across Europe. Beginning Aug. 1, European Union Agency for Cybersecurity, ENISA, will launch a new Advisory Group composed of 26 independent experts to help guide the EU’s cybersecurity strategy through 2027. Their work will support the rollout of the NIS2 Directive and the Cyber Resilience…
-
New York Proposes Cybersecurity Regulations for Water Systems
A series of new cybersecurity regulations related to the water industry have been set out by New York state agencies First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/new-york-cybersecurity-regulations/
-
Netherlands calls for European shift to post-tracking internet as privacy laws fail
Dutch research institute argues decade of regulation hasn’t curbed surveillance capitalism, proposes fundamental business model change First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366627666/Netherlands-calls-for-European-shift-to-post-tracking-internet-as-privacy-laws-fail
-
How AI is changing the GRC strategy
Tags: access, ai, best-practice, breach, business, ciso, compliance, control, data, detection, finance, framework, fraud, governance, grc, guide, law, monitoring, network, nist, privacy, regulation, risk, risk-analysis, risk-management, strategy, threat, toolAdapting existing frameworks with AI risk controls: AI risks include data safety, misuse of AI tools, privacy considerations, shadow AI, bias and ethical considerations, hallucinations and validating results, legal and reputational issues, and model governance to name a few.AI-related risks should be established as a distinct category within the organization’s risk portfolio by integrating into…
-
Unified Cyber Standards Are Vital for 5G Resilience
5G OT Security Summit Speakers on Secure Frameworks for Regional Infrastructure. At a time when ASEAN nations are accelerating 5G deployments, cybersecurity leaders at the 5G and OT Security Summit in Malaysia issued a sobering warning: Fragmented regulations and uneven OT readiness threaten to undermine the region’s digital ambitions. First seen on govinfosecurity.com Jump to…
-
8 tough trade-offs every CISO must navigate
Tags: access, ai, attack, business, ciso, cloud, compliance, computer, cyber, cybersecurity, ddos, defense, detection, framework, group, healthcare, incident response, jobs, malicious, mfa, regulation, resilience, risk, service, technology, threat, tool, vulnerability2. Weighing security investments when the budget forces choices: Closely related to the trade-off around risk is what CISOs must navigate when it comes to security investments.”For most CISOs, when they have to make tough choices, 99% of the time it’s due to budget constraints that force them to weight risks versus rewards,” says John…
-
The head of the California Privacy Protection Agency on the future of data privacy regulation
Kemp spoke with Recorded Future News about why he believes data brokers are dangerous and whether forthcoming federal privacy legislation is likely to wipe out California’s pioneering privacy law. First seen on therecord.media Jump to article: therecord.media/california-privacy-protection-agency-tom-kemp-interview
-
Cybersecurity Operations and AI Carry Hidden Climate Costs
Crypto Defense, Data Centers, Monitoring Systems Strain Global Energy Use As security monitoring, crypto mining protection and data centers fuel cybersecurity’s energy demands, new regulations, such as Australia’s National Greenhouse and Energy Reporting Act 2007, signal a global shift toward holding the industry accountable for its environmental impact. First seen on govinfosecurity.com Jump to article:…
-
CISOs urged to fix API risk before regulation forces their hand
Most organizations are exposing sensitive data through APIs without security controls in place, and they may not even realize it, according to Raidiam. Their report, API … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/07/08/report-enterprise-api-security-risks/
-
Has CISO become the least desirable role in business?
Tags: advisory, ai, business, cio, ciso, control, corporate, cybersecurity, data, dora, finance, governance, international, jobs, network, office, regulation, resilience, risk, sap, skills, startup, threatGeorge Gerchow, CSO, Bedrock Security George Gerchow / Bedrock Security”I’ll never report to a CTO or CFO again. I have to have seat at the table,” he says emphatically. Otherwise, he says, you become frustrated “because you’re not in control of your own destiny. You’re parsing everything to this other person who’s a leader in…
-
Mastering Real-Time Cloud Data Governance Amid Evolving Threats and Regulations
Real-time data governance provides security and privacy teams with immediate visibility into what is happening, allowing them to stop a problem before it becomes a crisis. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/07/mastering-real-time-cloud-data-governance-amid-evolving-threats-and-regulations/
-
Cybersecurity essentials for the future: From hype to what works
Cybersecurity never stands still. One week it’s AI-powered attacks, the next it’s a new data breach, regulation, or budget cut. With all that noise, it’s easy to get … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/07/02/cybersecurity-essentials-best-practices/
-
Senate Strips AI Moratorium Amid Sharp Bipartisan Opposition
Republicans Remove Controversial AI Regulatory Ban in Trump’s ‘Big, Beautiful Bill’. Senate Republicans removed a state moratorium on artificial intelligence regulations from its version of President Donald Trump’s big, beautiful bill following bipartisan warnings the component could risk data privacy and civil rights – particularly without a strong federal regulatory framework. First seen on govinfosecurity.com…
-
How to Chart an Exposure Management Leadership Path for You, Your Boss and Your Organization
Tags: access, attack, automation, breach, business, ciso, cloud, container, cybersecurity, data, defense, exploit, identity, incident response, iot, jobs, kubernetes, ransom, regulation, risk, security-incident, service, soc, threat, tool, vulnerability, vulnerability-managementEach Monday, the Tenable Exposure Management Academy provides the practical, real-world guidance you need to shift from vulnerability management to exposure management. In this post, we share some tips on how to lead the move to exposure management. You can read the entire Exposure Management Academy series here. For years, organizations poured resources into reactive…
-
Germany Urges Apple and Google to Ban Chinese AI App DeepSeek Over Privacy Concerns
Berlin’s data protection commissioner, Meike Kamp, has raised serious alarms over the Chinese AI application DeepSeek, accusing the company of unlawfully transferring personal data of German users to China in violation of the European Union’s stringent General Data Protection Regulation (GDPR). In a statement released on Friday, Kamp highlighted that DeepSeek has failed to demonstrate…
-
The rise of the compliance super soldier: A new human-AI paradigm in GRC
Tags: ai, automation, awareness, compliance, control, governance, grc, jobs, law, LLM, metric, regulation, risk, skills, strategy, threat, tool, training, updateRegulatory acceleration: Global AI laws are evolving but remain fragmented and volatile. Toolchain convergence: Risk, compliance and engineering workflows are merging into unified platforms. Maturity asymmetry: Few organizations have robust genAI governance strategies, and even fewer have built dedicated AI risk teams. These forces create a scenario where GRC teams must evolve rapidly, from policy monitors to strategic…
-
AI Moratorium Stays in US Senate Budget Reconciliation Bill
10-Year Freeze on AI State Laws Remains in Senate Bill Despite Fierce Pushback. A decade-long federal ban on state AI regulations remains in the Senate’s version of Trump’s sweeping legislative bill, drawing sharp bipartisan criticism for sidelining state oversight and granting tech giants a reprieve amid growing calls for stronger AI governance. First seen on…
-
Unstructured Data Management: Closing the Gap Between Risk and Response
Unstructured Data Management: Closing the Gap Between Risk and Response madhav Tue, 06/24/2025 – 05:44 The world is producing data at an exponential rate. With generative AI driving 90% of all newly created content, organizations are overwhelmed by an ever-growing data estate. More than 181 zettabytes of data now exist globally”, and 80% of it…