Tag: resilience
-
Wettbewerbsvorteil statt Compliance-Übung Warum DORA mehr ist als ein Hürdenlauf
Die digitale Transformation im Finanzsektor schreitet unaufhaltsam voran und mit ihr wachsen die Anforderungen an die IT-Sicherheit. Mit dem Digital Operational Resilience Act (DORA) hat die EU nun einen wegweisenden Regulierungsrahmen geschaffen, der die digitale Widerstandsfähigkeit von Finanzinstituten stärken soll. Die neue Verordnung betrifft nicht nur Banken und Versicherungen, sondern den gesamten Finanzsektor inklusive […]…
-
DORA ist mehr als nur ein weiteres Regelwerk: Wettbewerbsvorteil statt Compliance-Übung
[link text=”DORA” id=”39656″] markiert einen Wendepunkt in der Regulierung digitaler Resilienz im Finanzsektor. Der Erfolg in der Umsetzung wird maßgeblich davon abhängen, wie gut es Unternehmen gelingt, technische, prozedurale Lösungen wie IGA mit organisatorischen Maßnahmen und einem Risikomanagement zu verbinden. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/dora-ist-mehr-als-nur-ein-weiteres-regelwerk-wettbewerbsvorteil-statt-compliance-uebung/a39736/
-
Why cyber hygiene remains critical in the era of AI-driven threats
Tags: access, ai, attack, authentication, breach, business, cyber, cyberattack, cybersecurity, data, email, exploit, Internet, login, malicious, mfa, network, phishing, resilience, risk, software, strategy, technology, threat, update, vulnerability, zero-trustCyber-attacks are an assumed inevitable for businesses today. As companies increasingly handle large amounts of valuable data, safeguarding operations has never been more important. Now, half (50%) of IT decision-makers report information security as their most time-consuming task[1].While AI offers a promising solution, security leaders must get the basics right first. Only by practicing good…
-
Fortifying cyber security: What does secure look like in 2025?
Tags: access, ai, attack, authentication, business, compliance, cyber, cybercrime, cybersecurity, deep-fake, exploit, finance, Hardware, intelligence, least-privilege, malware, mfa, nis-2, phishing, regulation, resilience, risk, risk-management, scam, software, threat, training, update, vulnerability, zero-trustThe evolving cybersecurity landscape has increased security pressures for IT leaders. With the World Economic Forum estimating, the global cost of cybercrime is projected to reach $10.5trillion annually in 2025, the situation is only escalating[1]. The rise of new technologies, such as Artificial Intelligence (AI), and the complexities introduced by flexible working have made IT…
-
Security validation: The new standard for cyber resilience
Security validation has officially turned a corner. Once considered a “nice-to-have” it’s now a top priority for security leaders worldwide. This shift has been accelerated by … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/02/10/cyber-resilience-security-validation/
-
SolarWinds to Be Purchased By Turn/River Capital for $4.4B
CEO: Going Private Will Help SolarWinds Expand Its Operational Resilience Vision. SolarWinds agreed to be bought by Turn/River Capital for $4.4 billion just six years after the observability and IT management software firm went public. The proposed deal will help SolarWinds expand its vision in operational resilience and ensure the company’s IT infrastructure remains robust.…
-
CIOs and CISOs grapple with DORA: Key challenges, compliance complexities
Tags: access, automation, banking, business, cio, ciso, communications, compliance, control, country, cyber, cybersecurity, data, dora, finance, framework, GDPR, governance, jobs, law, monitoring, network, nis-2, penetration-testing, privacy, regulation, resilience, risk, risk-management, service, skills, supply-chain, technology, threat, tool, training, vulnerabilityIn force since January, the Digital Operational Resilience Act (DORA) has required considerable effort from CIOs and CISOs at 20 types of financial entities to achieve compliance. For many, the journey is not complete.”In the past months, financial entities targeted by DORA have been busy internally defining roles and responsibilities related to ICT security, identifying…
-
21% of CISOs pressured to not report compliance issues
Tags: awareness, breach, business, ceo, ciso, compliance, control, corporate, cybersecurity, data, dora, finance, framework, governance, incident response, infrastructure, insurance, law, nis-2, regulation, resilience, risk, security-incident, trainingCISOs are increasingly getting caught between business pressures and regulatory obligations, leaving them struggling to balance corporate loyalty and legal accountability.To wit: One in five (21%) security leaders have been pressured by other executives or board members not to report compliance issues at their companies, according to a recent study by security vendor Splunk.The same…
-
Anomalies are not Enough
Tags: ai, attack, ciso, communications, country, cybersecurity, data, data-breach, defense, email, government, LLM, mail, marketplace, mitre, ml, network, resilience, risk, service, siem, threat, toolMitre Att&ck as Context Introduction: A common theme of science fiction authors, and these days policymakers and think tanks, is how will the humans work with the machines, as the machines begin to surpass us across many dimensions. In cybersecurity humans and their systems are at a crossroads, their limitations daily exposed by ever more innovative,…
-
DORA-Rettungsanker: Automatisierte Tests
Seit dem 17. Januar 2025 ist der Digital Operational Resilience Act (DORA) in Kraft. Ohne nationale Umsetzungsgesetze gilt die Verordnung direkt und einheitlich in allen EU-Mitgliedstaaten. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/dora-rettungsanker-automatisierte-tests/a39656/
-
Why digital resilience is critical to banks
Going beyond the traditional “Prevent, Detect, and Respond” framework and taking a proactive approach First seen on theregister.com Jump to article: www.theregister.com/2025/02/04/why_digital_resilience_is_critical/
-
UK govt must learn fast and let failing projects die young
Tackle longstanding issues around productivity, cyber resilience and public sector culture, advises spending watchdog First seen on theregister.com Jump to article: www.theregister.com/2025/02/04/ukgov_must_embrace_a_fastlearning/
-
Researchers Discover Novel Techniques to Protect AI Models from Universal Jailbreaks
In a significant advancement in AI safety, the Anthropic Safeguards Research Team has introduced a cutting-edge framework called Constitutional Classifiers to defend large language models (LLMs) against universal jailbreaks. This pioneering approach demonstrates heightened resilience to malicious inputs while maintaining optimal computational efficiency, a critical step in ensuring safer AI systems. Universal jailbreaks specially designed…
-
7 tips for improving cybersecurity ROI
Tags: advisory, ai, attack, business, ciso, compliance, control, corporate, cyber, cybersecurity, data, defense, detection, exploit, finance, gartner, group, incident response, infrastructure, intelligence, metric, monitoring, network, privacy, resilience, risk, risk-assessment, risk-management, service, siem, software, strategy, technology, threat, tool, vulnerability, wafWhen it comes to cybersecurity investments, smart money is directed toward initiatives that deliver the greatest protection at the lowest possible cost. But what appears to be a straightforward calculation can often be anything but.CISOs perennially face challenges securing adequate funding to safeguard the enterprise, placing them often in difficult positions attempting to stretch resources…
-
DORA Compliance Must be a Top Priority for US Financial Institutions
In an era where digital resilience determines market survival, the European Union’s Digital Operational Resilience Act (DORA) has emerged as a global benchmark for financial sector cybersecurity. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/02/dora-compliance-must-be-a-top-priority-for-us-financial-institutions/
-
Data resilience and data portability
Why organizations should protect everything, everywhere, all at once First seen on theregister.com Jump to article: www.theregister.com/2025/01/30/data_resilience_and_data_portability/
-
MSSP Market Update: BackBox Launches Network Cyber Resilience Platform
First seen on scworld.com Jump to article: www.scworld.com/news/mssp-market-update-backbox-launches-network-cyber-resilience-platform
-
NAO: UK government cyber resilience weak in face of mounting threats
The National Audit Office has found UK government cyber resilience wanting, weakened by legacy IT and skills shortages, and facing mounting threats First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366618552/NAO-UK-government-cyber-resilience-weak-in-face-of-mounting-threats
-
Scores of Critical UK Government IT Systems Have Major Security Holes
The National Audit Office warns of major gaps in cyber resilience across UK government departments First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/scores-critical-government-it/
-
Spending watchdog blasts UK govt over sloth-like cyber resilience progress
Think government cybersecurity is bad? Guess again. It’s alarmingly so First seen on theregister.com Jump to article: www.theregister.com/2025/01/29/nao_blasts_uk_gov_cyber/
-
US takes aim at healthcare cybersecurity with proposed HIPAA changes
Tags: access, authentication, best-practice, breach, compliance, control, csf, cyber, cyberattack, cybersecurity, data, defense, detection, dora, encryption, finance, framework, government, group, healthcare, HIPAA, incident response, infrastructure, insurance, intelligence, jobs, law, malware, mfa, network, nist, penetration-testing, phishing, privacy, ransom, ransomware, regulation, resilience, risk, security-incident, service, skills, technology, threat, tool, update, usa, vulnerability, vulnerability-managementThe US Department of Health and Human Services (HHS) has launched a consultation on stricter rules for the safeguarding of electronic health records.The proposed revamp of security rules covered by the Health Insurance Portability and Accountability Act (HIPAA) is designed to address the increased risk from cyberattacks such as ransomware against healthcare environments.The revamped rules…
-
MSSP Market Update: Fenix24 Acquires vArmour for Cyber Resilience
First seen on scworld.com Jump to article: www.scworld.com/news/mssp-market-update-fenix24-acquires-varmour-for-cyber-resilience
-
Softcat: Customers want innovation and resilience
Tags: resilienceChannel player’s latest annual insights into customer priorities underlines the need for the channel to recognise the budgetary challenges most users are under First seen on computerweekly.com Jump to article: www.computerweekly.com/microscope/news/366618512/Softcat-Customers-want-innovation-and-resilience
-
Fenix24 Buys vArmour IP to Boost Cyber Resilience, Recovery
Focus on Pre-Breach Resilience and Post-Breach Recovery Via Mapping Dependencies. By acquiring vArmour’s intellectual property, Phoenix 24 will enhance its recovery services with advanced application visualization and dependency mapping. CEO Mark Grazman said the move will streamline recovery processes during ransomware attacks and improve organizational readiness. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/fenix24-buys-varmour-ip-to-boost-cyber-resilience-recovery-a-27375
-
Misinformation Is No. 1 Global Risk, Cyberespionage in Top 5
Inadequate Cyber Resilience and More Findings From WEF’s Global Risks Report 2025. Polarization within societies, escalating geopolitical tensions and the proliferation of generative AI tools have cemented misinformation and disinformation as the top global risk in a two-year outlook, according to the World Economic Forum’s Global Risks Report 2025. First seen on govinfosecurity.com Jump to…
-
ENISA: Embedding Resilience in Critical Infrastructure
ENISA’s Marnix Dekker on Supply Chain Attacks, Harmonizing the New NIS2 Regulations. The European Union Agency for Cybersecurity is at the center of rolling out new cybersecurity frameworks for critical infrastructure providers across Europe. But a major priority, according to ENISA’s Marnix Dekker, is helping smaller vendors withstand supply chain attacks. First seen on govinfosecurity.com…
-
Security chiefs whose companies operate in the EU should be exploring DORA now
Tags: attack, business, ciso, compliance, conference, corporate, cyber, cybersecurity, data, detection, dora, finance, framework, GDPR, incident, network, regulation, resilience, risk, service, technology, threat, vulnerabilityIf your enterprise operates in Europe, you should care about the Digital Operational Resilience Act (DORA), which took effect on January 17. DORA, also known as Directive (EU) 2022/2555 of the European Parliament, aims to enhance and build the EU’s cybersecurity capabilities and it has been hanging like the Sword of Damocles over the heads…