Compliance

New UK Framework Pressures Vendors on SBOMs, Patching and Default MFA

2025-05-07 at 17:58 By Ryan Naraine

By baking minimum expectations into procurement conversations, the plan is to steer software vendors to “secure-by-design and default” basics. The post New UK Framework Pressures Vendors on SBOMs, Patching and Default MFA appeared first on SecurityWeek. This article […]

TikTok Fined $600 Million for China Data Transfers That Broke EU Privacy Rules

2025-05-05 at 11:02 By Associated Press

EU privacy watchdog fined TikTok $600 million after a four-year investigation found that data transfers to China put users at risk of spying, in breach of strict EU data privacy rules. The post TikTok Fined $600

Raytheon, Nightwing to Pay $8.4 Million in Settlement Over Cybersecurity Failures

2025-05-02 at 15:50 By Ionut Arghire

The US government says defense contractor Raytheon and Nightwing agreed to pay $8.4 million to settle False Claims Act allegations. The post Raytheon, Nightwing to Pay $8.4 Million in Settlement Over Cybersecurity Failures appeared first on SecurityWeek. This

Half of red flags in third-party deals never reach compliance teams

2025-05-02 at 07:32 By Help Net Security

Third-party risk management (TPRM) is compromised in many organizations because those holding the relationship with the third-party (relationship owners) don’t escalate red flags to compliance teams reliably, according to Gartner. The post Half of red flags in

Essential Strategies for HIPAA Compliance and Ransomware Resilience

2025-04-28 at 23:18

Understand the critical link between robust healthcare security, ransomware defense, and mandatory compliance (like HIPAA). See why ransomware remains a primary threat targeting healthcare, leading to significant data breaches and costly compliance failures. Explore essential strategies for healthcare organizations to achieve HIPAA compliance,

Compliance weighs heavily on security and GRC teams

2025-04-22 at 07:24 By Help Net Security

Only 29% of all organizations say their compliance programs consistently meet internal and external standards, according to Swimlane. Their report reveals that fragmented workflows, manual evidence gathering and poor collaboration between security and governance, risk and compliance (GRC) teams are

How Trustwave’s Microsoft Purview Accelerator Quickly Maximizes Client Security

2025-04-18 at 16:01

Strengthen cybersecurity and regulatory compliance by optimizing Microsoft Purview’s powerful policy and risk management capabilities. Accelerate your Microsoft Purview implementation with Trustwave’s expert-led service designed to streamline data governance and compliance from day one. Maximize the value of Microsoft Purview with Trustwave’s

Securing digital products under the Cyber Resilience Act

2025-04-18 at 08:37 By Mirko Zorz

In this Help Net Security interview, Dr. Dag Flachet, co-founder at Codific, explains what the Cyber Resilience Act (CRA) means for companies and how it compares to GDPR in terms of regulatory complexity and impact on organizations. He discusses the technical

Strategic AI readiness for cybersecurity: From hype to reality

2025-04-16 at 08:34 By Help Net Security

AI readiness in cybersecurity involves more than just possessing the latest tools and technologies; it is a strategic necessity. Many companies could encounter serious repercussions, such as increased volumes of advanced cyber threats, if they fail to exploit AI

Organizations can’t afford to be non-compliant

2025-04-14 at 07:01 By Help Net Security

Non-compliance can cost organizations 2.71 times more than maintaining compliance programs, according to Secureframe. That’s because non-compliance can result in business disruption, productivity losses, fines, penalties, and settlement costs, among other factors that come with a hefty price tag. Even data breaches

Anecdotes Raises $30 Million for Enterprise GRC Platform

2025-04-08 at 18:04 By Eduard Kovacs

Anecdotes has raised $55 million in an extended Series B funding round that brings the total raised by the company to $85 million. The post Anecdotes Raises $30 Million for Enterprise GRC Platform appeared first on SecurityWeek. This article is an

PCI DSS 4.0.1: A Cybersecurity Blueprint by the Industry, for the Industry

2025-04-07 at 22:17 By Kevin Townsend

As PCI DSS 4.0.1 comes into force, it shows the power of industry collaboration in cybersecurity. The post PCI DSS 4.0.1: A Cybersecurity Blueprint by the Industry, for the Industry appeared first on SecurityWeek. This article is

Strengthening Healthcare Security: Navigating HIPAA’s Latest Cybersecurity Requirements

2025-04-03 at 16:02 By Don White

Understand the Upcoming HIPAA Changes: Get a clear breakdown of the 2025 HIPAA Security Rule updates and what they mean for healthcare providers and business associates. Strengthen Cybersecurity Resilience: Learn how the new regulations emphasize cyber resilience, requiring proactive measures like

7 ways to get C-suite buy-in on that new cybersecurity tool

2025-04-03 at 08:34 By Help Net Security

You’re in the middle of a sprint, juggling deadlines, debugging code, fine-tuning pipelines, and then it happens—you stumble across the perfect cybersecurity tool. It promises to eliminate secrets in logs, reduce risks in CI/CD pipelines, and save

UK Software Firm Fined £3 Million Over Ransomware-Caused Data Breach 

2025-03-27 at 17:32 By Eduard Kovacs

The UK ICO has fined Advanced Computer Software Group £3 million ($3.8 million) over a 2022 data breach resulting from a ransomware attack. The post UK Software Firm Fined £3 Million Over Ransomware-Caused Data Breach appeared first on SecurityWeek.

Defense Contractor MORSE to Pay $4.6M to Settle Cybersecurity Failure Allegations

2025-03-27 at 15:08 By Eduard Kovacs

US defense contractor MORSE Corp has agreed to pay $4.6 million to settle allegations over its cybersecurity failures. The post Defense Contractor MORSE to Pay $4.6M to Settle Cybersecurity Failure Allegations appeared first on SecurityWeek. This article is

Creating Operational Resilience: How to Align Compliance and Risk Management for Operational Success

2025-03-24 at 17:47 By Maddisson White

Learn the Essentials of Operational Resilience: Discover what operational resilience means, why it’s a regulatory focus, and how it impacts your organization. Identify and Manage Risks Effectively: Understand your organization’s risk environment and apply proactive strategies to minimize

Moving beyond checkbox security for true resilience

2025-03-19 at 08:13 By Mirko Zorz

In this Help Net Security interview, William Booth, director, ATT&CK Evaluations at MITRE, discusses how CISOs can integrate regulatory compliance with proactive risk management, prioritize spending based on threat-informed assessments, and address overlooked vulnerabilities like shadow IT and software supply chain risks.

Q&A with TGS President Bill Rucker on Trustwave’s FedRAMP Authorization

2025-03-14 at 15:03

Trustwave’s recent completion of the FedRAMP authorization process increases our ability to provide exceptional service to the federal government, the defense industrial base, and those with Cybersecurity Maturity Model Certification (CMMC) requirements, especially with a cloud service offering. This article is an excerpt
