Tag: risk
-
EU AI Act Compliance Guide for CISOs GRC Leaders – Kovrr
Articles related to cyber risk quantification, cyber risk management, and cyber resilience. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/03/eu-ai-act-compliance-guide-for-cisos-grc-leaders-kovrr/
-
Treasury asks whether terrorism risk insurance program should bolster cyber coverage
A Federal Register notice seeks public comment on how cyber is covered within a 2002 law and program. First seen on cyberscoop.com Jump to article: cyberscoop.com/treasury-asks-whether-terrorism-risk-insurance-program-should-bolster-cyber-coverage/
-
Treasury asks whether terrorism risk insurance program should bolster cyber coverage
A Federal Register notice seeks public comment on how cyber is covered within a 2002 law and program. First seen on cyberscoop.com Jump to article: cyberscoop.com/treasury-asks-whether-terrorism-risk-insurance-program-should-bolster-cyber-coverage/
-
Treasury asks whether terrorism risk insurance program should bolster cyber coverage
A Federal Register notice seeks public comment on how cyber is covered within a 2002 law and program. First seen on cyberscoop.com Jump to article: cyberscoop.com/treasury-asks-whether-terrorism-risk-insurance-program-should-bolster-cyber-coverage/
-
FCC bans import of new consumer routers made overseas, citing security risks
The FCC ban will affect the import of all new, foreign-made consumer routers, the agency’s head Brendan Carr said. First seen on techcrunch.com Jump to article: techcrunch.com/2026/03/24/fcc-bans-import-of-new-consumer-routers-made-overseas-citing-security-risks/
-
Strengthening Cloud Resilience in Federal Environments
An OnDemand Webinar from Rubrik. As federal agencies expand their cloud footprint, managing both risk and cost becomes more complex. This session explores how to close operational gaps, strengthen resilience, and take a more strategic approach to cloud protection. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/strengthening-cloud-resilience-in-federal-environments-a-31139
-
News: AI-native Security Assurance leads the GRC Transformation
Enterprise CISOs are being asked to do more than ever. Their role is now two-fold: protector of the business and enabler of its growth. They need to reduce risk across a vast and changing digital environment, protect the business, satisfy customers, and meet compliance requirements. What’s more, they want to showcase the positive impacts of…The…
-
KnowBe4 Expands AIDA to Eight AI Agents at RSAC 2026, Targeting Fully Autonomous Human Risk Management
KnowBe4 is leaning hard into autonomous AI at RSAC 2026, using the conference to spotlight an expanding suite of AI agents it says is reducing security administration from hours to seconds. The company’s AIDA platform, short for Artificial Intelligence Defense Agents, now includes eight agents after the recent launch of the AIDA Orchestration Agent. That..…
-
Utimaco Survey: 78% of US Companies Say Data Breaches Are the Top GenAI Risk, But Most Haven’t Acted
Companies know they have a problem with generative AI and quantum security. They just haven’t done much about it yet. That’s the upshot of Utimaco’s 2026 Digital Trust Report, a commissioned study of 250 large U.S. companies released at RSAC 2026. The research, conducted by 451 Research from S&P Global, exposes a stark gap between..…
-
DarkSword Exploit Chain Leaked Online, Posing Risk to Millions of iPhones
Security researchers have confirmed that the sophisticated iOS exploit chain known as DarkSword is now accessible outside of its original threat actor groups. Recently, security researcher @matteyeux successfully achieved kernel read/write access on an iPad mini 6th generation running iOS 18.6.2 using the in-the-wild DarkSword exploit. This development demonstrates that the exploit kit is highly…
-
Enterprise Cybersecurity Software Fails 20% of the Time, Warns Absolute Security
Poor patch management, increasingly complex IT environments and continued use of obsolete software puts organizations at risk from cyber threats, says the Absolute Security 2026 Resilience Risk Index First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/cybersecurity-software-failure-20/
-
DarkSword iPhone Exploit Leaked Online, Hundreds of Millions at Risk
DarkSword exploit leak puts up to 270 million iPhones at risk, with hackers able to access data through… First seen on hackread.com Jump to article: hackread.com/darksword-iphone-exploit-leaked-online/
-
The Hidden Cost of Cybersecurity Specialization: Losing Foundational Skills
Cybersecurity has changed fast. Roles are more specialized, and tooling is more advanced. On paper, this should make organizations more secure. But in practice, many teams struggle with the same basic problems they faced years ago: unclear risk priorities, misaligned tooling decisions, and difficulty explaining security issues in terms the business understands. These challenges do…
-
Autonomous AI adoption is on the rise, but it’s risky
Big risk, big reward: Herein lies the rub: AI experts see huge potential advantages with autonomous AI, with the possibility of creating huge workplace efficiencies, but the risks are substantial.Riley acknowledges both security concerns and the potential for agentic AI to take actions that users didn’t anticipate. While users haven’t yet seen autonomous AI able…
-
Streamline physical security to enable data center growth in the era of AI
Tags: access, ai, automation, best-practice, business, control, data, framework, identity, risk, threat, tool, vulnerabilityThink beyond delivery : Every company operates as an economy of projects. But at AI scale, projects must evolve into programs. Designing and delivering AI-capable data centers requires an integrated, fast-moving production model built on repeatable processes and structured knowledge transfer. Intelligent reuse of project elements, including toolsets, intellectual property, templates, design standards and best practices, becomes…
-
GitHub just made it much harder to ship a vulnerable pull request
GitHub is expanding its application security capabilities with AI-powered security detections designed to identify risks earlier in the development process, with public … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/03/24/github-ai-powered-detections-code-scanning/
-
GitHub just made it much harder to ship a vulnerable pull request
GitHub is expanding its application security capabilities with AI-powered security detections designed to identify risks earlier in the development process, with public … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/03/24/github-ai-powered-detections-code-scanning/
-
OWASP Top 10 Risks for Agentic Applications: Must-Know Risks
The rapid evolution of AI has moved us beyond simple chatbots into the era of agentic applications, systems that can plan, reason, and act autonomously across multiple steps. From finance and healthcare to cybersecurity and DevOps, these agents are no longer passive assistants; they are decision-makers. But with autonomy comes a new class of risks….…
-
Why CISOs should embrace AI honeypots
Tags: access, ai, api, attack, breach, business, ciso, credentials, cyberattack, cybercrime, cybersecurity, data, defense, detection, exploit, hacker, LLM, mitigation, open-source, RedTeam, risk, service, threat, tool, vulnerabilityWhy CISOs should consider honeypots: Another player in the AI honeypot space is Deutsche Telekom (DT). The firm is both a user and purveyor of AI-powered honeypots through its free, open-source platform ‘T-Pot.’ The most obvious advantage to their use, explains Marco Ochse, DT’s lead for threat analytics and mitigation, lies in how little these…
-
Alleged Cyberattack on Crunchyroll Exposes Risks in Outsourced Systems
The reported Crunchyroll data breach has sparked a new debate across First seen on thecyberexpress.com Jump to article: thecyberexpress.com/crunchyroll-data-breach/
-
NIST Releases Quick-Start Guide Linking Cybersecurity, Enterprise Risk, and Workforce Management
The National Institute of Standards and Technology (NIST) has officially released Special Publication 1308, a new quick-start guide designed to align cybersecurity, enterprise risk, and workforce management. Published in March 2026, this documentation addresses the growing need for organizations to dynamically adapt their workforce capabilities against rapidly evolving cyber threats. By integrating these traditionally siloed…
-
AI agent discovery: Inventory and govern shadow AI agents – Nudge Security
Discover AI agents your employees build. Get complete inventory, risk insights, and governance across enterprise platforms with Nudge Security. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/03/ai-agent-discovery-inventory-and-govern-shadow-ai-agents-nudge-security/
-
Dataminr Launches Cyber Defense Suite That Fuses External Threat Signals With Internal Telemetry
Dataminr used RSAC 2026 to roll out Dataminr for Cyber Defense, a new product suite the company says is designed to move security teams from alert-driven response to preemptive, risk-prioritized action. The suite aims to combine Dataminr’s real-time event and threat detection with an organization’s internal telemetry so teams can quickly determine what matters to..…
-
Netenrich Launches Cyber Risk Operations to Replace Alert-Centric Security Models
Netenrich launched Cyber Risk Operations at RSAC 2026 Monday, a new operating model powered by its Resolution Intelligence Cloud platform that aims to move enterprise security from reactive alert management toward continuous validation of control effectiveness. The offering targets CIOs, CTOs, and CISOs who are jointly accountable for enterprise security posture. Netenrich’s central argument is..…
-
Netenrich Launches Cyber Risk Operations to Replace Alert-Centric Security Models
Netenrich launched Cyber Risk Operations at RSAC 2026 Monday, a new operating model powered by its Resolution Intelligence Cloud platform that aims to move enterprise security from reactive alert management toward continuous validation of control effectiveness. The offering targets CIOs, CTOs, and CISOs who are jointly accountable for enterprise security posture. Netenrich’s central argument is..…
-
Armor Launches Dash to Give Boards and C-Suite a Direct, Unfiltered View of Cyber Risk
Armor launched Dash at RSAC 2026 Monday, an executive dashboard that pulls cybersecurity posture data directly from an organization’s security stack via APIs and delivers it to the C-suite and board without any manual assembly or human filtering in between. The problem Dash addresses is familiar: security teams typically spend significant time pulling data from..…
-
DOE Sets 5-Year Plan to Harden US Grid Against Cyberattacks
Roadmap Focuses on OT Security, Grid Hardening and Incident Response. A new Department of Energy strategy defines its role as sector risk manager for grid security, prioritizing OT defense, resilience and response – but analysts say it faces execution challenges tied to reduced funding, workforce constraints and reliance on weakened federal partners. First seen on…
-
Zero Trust Anchors AI Security Strategy
Zscaler’s Jay Chaudhry on Infrastructure, Agents and Oversight. Zscaler CEO Jay Chaudhry explains why distributed infrastructure and zero trust models will shape AI security, the agent risks mirroring human threats and why strong oversight and identity validation remain essential for mission-critical applications. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/zero-trust-anchors-ai-security-strategy-a-31119
-
Absolute Security: Enterprise PCs Are Left Unprotected 76 Days a Year as Endpoint Tools Fail 21% of the Time
Absolute Security released its 2026 Resilience Risk Index at RSA Conference 2026, and the headline finding is stark: endpoint security software fails to protect devices nearly 21 percent of the time, leaving enterprise PCs exposed to attacks for up to 76 days per year. The report is based on anonymized telemetry analyzed across millions of..…
-
Live from RSAC 2026: ColorTokens on Breach Readiness, Measurable Risk Reduction, and What’s Ahead
RSAC 2026 is here, and for ColorTokens, this year’s focus is “breach readiness for measurable risk reduction.” From March 23 to 26, at Booth #1933 in the South Expo Hall, Moscone Center, we are meeting with security leaders facing a hard reality. Attacks are moving faster. AI is reducing the effort needed to exploit modern……