Compliance

Navigating SEC, NIS2, and DORA incident disclosure timelines under pressure

2026-06-17 at 07:30 By Help Net Security

In this Help Net Security video, Rick Goud, Global Field CTO at Kiteworks, discusses how to handle SEC, NIS2, and DORA disclosure timelines during a security incident. He opens with a 3.47 a.m. call: the team cannot confirm […]


The checklist problem behind critical infrastructure cyber safety

2026-06-17 at 07:00 By Anamarija Pogorelec

An asset owner can meet major federal cyber compliance standards and still run equipment that lacks the engineering to withstand an attack or a failure. New research from George Mason University examines how United States cyber policy defines reasonable care for


Software supply chains are heading for a transparency test

2026-06-16 at 12:24 By Anamarija Pogorelec

Software supply chain visibility is becoming part of product security work as the EU Cyber Resilience Act (CRA) moves toward application in December 2027. ENISA’s SBOM Adoption State of Play 2026 shows organizations preparing for CRA obligations through SBOM tooling,


EU Cybersecurity Act 2.0: When good regulation goes bad

2026-06-16 at 08:30 By Help Net Security

Over recent years we’ve witnessed the EU becoming increasingly serious about cybersecurity. After years of watching high profile breaches, many resulting from supply chain attacks targeting our critical infrastructure, that seriousness is welcome. But good intentions and good policy


Making the cloud prove it followed your privacy wishes

2026-06-11 at 08:43 By Sinisa Markovic

Companies that store personal data in cloud key-value databases handle deletion requests by running the operation and confirming the job is complete. The people making those requests and the regulators overseeing them have had limited means to confirm the


Organizations can’t see much of their mobile AI activity

2026-06-11 at 08:43 By Anamarija Pogorelec

Organizations have limited visibility into AI activity on mobile devices despite security leaders expressing confidence in their AI governance, according to Lookout’s “Solving for the Mobile AI Blind Spot: Executive Confidence Meets Technical Reality” report. Mobile AI visibility gaps Enterprises


WhatsApp Catches Spyware Firm NSO Defying No-Hacking Court Order

2026-06-08 at 17:58 By Eduard Kovacs

The Meta-owned communications app is filing a federal court contempt order against NSO. The post WhatsApp Catches Spyware Firm NSO Defying No-Hacking Court Order appeared first on SecurityWeek. This article is an excerpt from SecurityWeek.


The modern-day business can learn a lot about risk from this year’s mega events

2026-06-04 at 13:17 By Help Net Security

Every year brings its share of global events, but 2026 is proving to be a banner year for mega-scale entertainment. The year got off to a roaring start with the Winter Olympics, and now


Spotless compliance evidence can still hide a broken control

2026-06-04 at 09:26 By Mirko Zorz

In this interview with Help Net Security, Marc Rubbinaccio, Head of Cybersecurity and Compliance at Secureframe, explains where security teams go wrong when preparing for CMMC and FedRAMP 20x. The conversation covers how organizations check the 110 requirements but miss


EU organizations buckle under rising compliance pressure

2026-06-01 at 08:19 By Sinisa Markovic

Cybersecurity governance in the EU is shifting under expanding frameworks such as NIS2 and DORA, while AI raises new questions for security teams. What the future brings is hard to predict, and organizations must find a way to cope. Antonija Vojnović, Governance,


Anthropic adds 28 security and compliance integrations for Claude

2026-05-25 at 21:27 By Sinisa Markovic

AI tools are becoming part of everyday work in organizations, creating new security and oversight requirements as usage grows. To address that, Anthropic introduced 28 integrations with security and compliance tools that allow IT and security teams to manage Claude


AI infrastructure is cracking under sovereignty demands

2026-05-19 at 09:17 By Anamarija Pogorelec

AI deployments are moving into environments with tighter controls around data, infrastructure, and system operations. Organizations are building AI systems across multiple providers, platforms, and computing environments while managing governance, security, and compliance obligations within defined boundaries. NTT DATA’s 2026 Global AI


25 open-source cybersecurity tools that don’t care about your budget

2026-04-27 at 10:30 By Anamarija Pogorelec

Regardless of the operating system you use, managing secrets, apps, cloud, compliance, and security operations can be overwhelming. The free, open-source tools presented in this article can help you detect threats, increase visibility, enforce controls, and investigate and respond


A study of 1,000 Android apps finds a privacy policy logging gap

2026-04-24 at 08:22 By Anamarija Pogorelec

Android developers write log statements for the same reasons they always have: debugging crashes, tracing performance issues, and understanding how features behave in production. Legal and privacy teams, working from templates and regulatory checklists, draft policies describing


GDPR works, but only where someone enforces it

2026-04-23 at 07:32 By Sinisa Markovic

A new measurement study of web tracking across ten countries offers a reality check for anyone working on privacy compliance. Researchers crawled the same set of globally popular websites from virtual machines located in Australia, Brazil, Canada, Germany, India, Singapore, South


What the EU AI Act requires for AI agent logging

2026-04-16 at 09:02 By Help Net Security

The EU AI Act is 144 pages long. The logging requirements that matter for AI agent developers sit across four articles that keep referencing each other. Here’s what they say, when the deadlines hit, and where the gaps


Review: The Psychology of Information Security

2026-04-14 at 09:15 By Mirko Zorz

Security controls fail when they are designed without regard for the people who must use them. That is the central argument of Leron Zinatullin’s second edition, and it is an argument he builds methodically across 17 chapters that draw from organizational psychology, change


Bringing governance and visibility to machine and AI identities

2026-04-13 at 07:32 By Mirko Zorz

In this Help Net Security interview, Archit Lohokare, CEO of AppViewX, explains how the rise of AI marked a turning point where machine and AI agent identities began converging into a single problem. Drawing on his experience across IBM and


Comp AI: The open-source way to get compliant with SOC 2, ISO 27001, HIPAA and GDPR

2026-04-07 at 12:01 By Anamarija Pogorelec

Getting a startup through a SOC 2 audit has long meant months of manual evidence collection, policy writing, and repeated back-and-forth with auditors. A growing number of compliance platforms have moved to automate


Trust, friction, and ROI: A CISO’s take on making security work for the business

2026-04-02 at 08:42 By Mirko Zorz

In this Help Net Security interview, John O’Rourke, CISO at PPG, talks about what it means for security to drive business value. He explains how mature security programs reduce friction in sales cycles and M&A

