Compliance

Creating Operational Resilience: How to Align Compliance and Risk Management for Operational Success

Compliance, DFIR, Tips & Tricks /

Creating Operational Resilience: How to Align Compliance and Risk Management for Operational Success 2025-03-24 at 17:47 By Maddisson White Learn the Essentials of Operational Resilience: Discover what operational resilience means, why it’s a regulatory focus, and how it impacts your organization. Identify and Manage Risks Effectively: Understand your organization’s risk environment and apply proactive strategies to minimize […]

React to this headline:

Loading spinner

Creating Operational Resilience: How to Align Compliance and Risk Management for Operational Success Read More »

Moving beyond checkbox security for true resilience

CISO, Compliance, cybersecurity, Don't miss, Features, Hot stuff, MITRE, News, opinion, strategy, threats /

Moving beyond checkbox security for true resilience 2025-03-19 at 08:13 By Mirko Zorz In this Help Net Security interview, William Booth, director, ATT&CK Evaluations at MITRE, discusses how CISOs can integrate regulatory compliance with proactive risk management, prioritize spending based on threat-informed assessments, and address overlooked vulnerabilities like shadow IT and software supply chain risks.

React to this headline:

Loading spinner

Moving beyond checkbox security for true resilience Read More »

Q&A with TGS President Bill Rucker on Trustwave’s FedRAMP Authorization

Compliance, Government, Managed Detection and Response, SIEM/SOC /

Q&A with TGS President Bill Rucker on Trustwave’s FedRAMP Authorization 2025-03-14 at 15:03 By Trustwave’s recent completion of the FedRAMP authorization process increases our ability to provide exceptional service to the federal government, the defense industrial base, and those with Cybersecurity Maturity Model Certification (CMMC) requirements, especially with a cloud service offering. This article is an excerpt

React to this headline:

Loading spinner

Q&A with TGS President Bill Rucker on Trustwave’s FedRAMP Authorization Read More »

Understanding the AI Act and its compliance challenges

Artificial Intelligence, Compliance, cybersecurity, Don't miss, EU, Features, GDPR, Hot stuff, Hunton Andrews Kurth, legislation, News, opinion, regulation, strategy /

Understanding the AI Act and its compliance challenges 2025-02-28 at 08:03 By Mirko Zorz In this Help Net Security interview, David Dumont, Partner at Hunton Andrews Kurth, discusses the implications of the EU AI Act and how organizations can leverage existing GDPR frameworks while addressing new obligations such as conformity assessments and transparency requirements. Dumont

React to this headline:

Loading spinner

Understanding the AI Act and its compliance challenges Read More »

The Hidden Cost of Compliance: When Regulations Weaken Security

Compliance, Government, Privacy & Compliance, Regulations /

The Hidden Cost of Compliance: When Regulations Weaken Security 2025-02-27 at 16:02 By Mike Lennon The current state of regulation and the overwhelming burden it brings to most enterprises is a discussion worth having The post The Hidden Cost of Compliance: When Regulations Weaken Security appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

The Hidden Cost of Compliance: When Regulations Weaken Security Read More »

The compliance illusion: Why your company might be at risk despite passing audits

auditing, CISO, Compliance, CXO, cybersecurity, Don't miss, Fortra, Hot stuff, how-to, ISO 27001, News, NIST, PCI DSS, regulation, strategy, tips /

The compliance illusion: Why your company might be at risk despite passing audits 2025-02-26 at 08:20 By Mirko Zorz For many CISOs, compliance can feel like a necessary evil and a false sense of security. While frameworks like ISO 27001, SOC 2, and PCI DSS offer structured guidelines, they don’t automatically equate to strong cybersecurity.

React to this headline:

Loading spinner

The compliance illusion: Why your company might be at risk despite passing audits Read More »

How the Trustwave NIS2 Maturity Accelerator Can Help Navigate NIS2 Compliance

Compliance, News, Tips & Tricks /

How the Trustwave NIS2 Maturity Accelerator Can Help Navigate NIS2 Compliance 2025-02-25 at 16:15 By The European Union (EU) Network and Information Security Directive 2 (NIS2) introduces stricter cybersecurity requirements than its predecessor, the original NIS Directive. With the compliance deadline fast approaching, in-scope organizations must take proactive steps to ensure they have enacted NIS2

React to this headline:

Loading spinner

How the Trustwave NIS2 Maturity Accelerator Can Help Navigate NIS2 Compliance Read More »

Avoiding vendor lock-in when using managed cloud security services

access control, Artificial Intelligence, CISO, cloud security, Compliance, cybersecurity, Don't miss, Features, Hot stuff, News, opinion, Tamnoon /

Avoiding vendor lock-in when using managed cloud security services 2025-02-25 at 08:05 By Mirko Zorz In this Help Net Security interview, Marina Segal, CEO at Tamnoon, discusses the most significant obstacles when implementing managed cloud security in hybrid and multi-cloud environments. She shares insights on long onboarding times, legacy security gaps, vendor lock-in, and overlooked

React to this headline:

Loading spinner

Avoiding vendor lock-in when using managed cloud security services Read More »

US Military Health Provider HNFS Pays $11M in Settlement Over Cybersecurity Failures

Compliance, DoD, Government, settlement /

US Military Health Provider HNFS Pays $11M in Settlement Over Cybersecurity Failures 2025-02-20 at 13:16 By Ionut Arghire US military health benefits program administrator HNFS to pay $11 million in settlement over its false claims of cybersecurity compliance. The post US Military Health Provider HNFS Pays $11M in Settlement Over Cybersecurity Failures appeared first on

React to this headline:

Loading spinner

US Military Health Provider HNFS Pays $11M in Settlement Over Cybersecurity Failures Read More »

Building a Sustainable PCI DSS 4.0 Compliance Culture

Compliance, News, Tips & Tricks /

Building a Sustainable PCI DSS 4.0 Compliance Culture 2025-02-18 at 23:34 By Craig Searle PCI DSS 4.0: Mastering Targeted Risk Analysis (TRA) for Sustainable Compliance: This title highlights the key update (4.0) and a core concept (TRA), making it clear what the blog post is about. It also emphasizes the importance of long-term compliance. Navigating PCI

React to this headline:

Loading spinner

Building a Sustainable PCI DSS 4.0 Compliance Culture Read More »

6 considerations for 2025 cybersecurity investment decisions

Artificial Intelligence, Compliance, credentials, cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, Industry news, investment, opinion, social engineering, Sphere /

6 considerations for 2025 cybersecurity investment decisions 2025-02-18 at 18:33 By Help Net Security Cybersecurity professionals may be concerned about the constantly shifting threat landscape. From the increased use of artificial intelligence (AI) by malicious actors to the expanding attack surface, cybersecurity risks evolve, and defenders need to mitigate them. Despite a period of cybersecurity

React to this headline:

Loading spinner

6 considerations for 2025 cybersecurity investment decisions Read More »

CISOs and boards see things differently

Artificial Intelligence, boardroom, CISO, Compliance, cybersecurity, Don't miss, Hot stuff, Splunk, threat, Video /

CISOs and boards see things differently 2025-02-13 at 06:35 By Help Net Security Splunk’s latest CISO Report reveals critical insights into cybersecurity priorities, threat trends, and strategies for resilience. In this Help Net Security video, Kirsty Paine, Field CTO & Strategic Advisor at Splunk, discusses the key findings and what they mean for security teams.

React to this headline:

Loading spinner

CISOs and boards see things differently Read More »

QuSecure Banks $28M Series A for Post-Quantum Cryptography Tech

Compliance, Funding/M&A, Post quantum cryptography, PQC, QuProtect, QuSecure, Security Infrastructure, Series A, Two Bear Capital /

QuSecure Banks $28M Series A for Post-Quantum Cryptography Tech 2025-02-12 at 21:31 By Ryan Naraine QuSecure is pitching a software-based security architecture that overlays onto current networks to help businesses with PQC migration. The post QuSecure Banks $28M Series A for Post-Quantum Cryptography Tech appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

Loading spinner

QuSecure Banks $28M Series A for Post-Quantum Cryptography Tech Read More »

Drata to Acquire SafeBase in $250 Million Deal

Acquisition, Compliance, Drata, M&A Tracker, merger., SafeBase /

Drata to Acquire SafeBase in $250 Million Deal 2025-02-12 at 16:01 By Eduard Kovacs Security and compliance automation firm Drata has acquired trust center platform SafeBase in a quarter billion dollar deal. The post Drata to Acquire SafeBase in $250 Million Deal appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

React to this headline:

Loading spinner

Drata to Acquire SafeBase in $250 Million Deal Read More »

Evolving uses of tokenization to protect data

Bluefin, Compliance, cybersecurity, Data Protection, Don't miss, Hot stuff, Privacy, standards, strategy, tokenization, Video /

Evolving uses of tokenization to protect data 2025-02-10 at 06:04 By Help Net Security Tokenization replaces sensitive data, such as credit card numbers or personal identifiers, with unique, non-sensitive tokens with no exploitable value. This method helps protect sensitive information by ensuring that the actual data is never stored or transmitted, reducing the risk of

React to this headline:

Loading spinner

Evolving uses of tokenization to protect data Read More »

Infosec pros struggle under growing compliance

AuditBoard, Compliance, cybersecurity, EU, News, regulation, report, survey /

Infosec pros struggle under growing compliance 2025-02-07 at 07:07 By Help Net Security The implementation of new regulatory measures that impact the UK, EU, and beyond are driving organizations to enhance vigilance in addressing evolving cybersecurity and operational risks, according to AuditBoard. The research showed 91% of respondents report feeling concerned about cybersecurity threats to

React to this headline:

Loading spinner

Infosec pros struggle under growing compliance Read More »

SEC and FCA fines: Issues jump

communication, Compliance, cybersecurity, Don't miss, financial industry, Hot stuff, MirrorWeb, Video /

SEC and FCA fines: Issues jump 2025-01-29 at 06:33 By Help Net Security The financial sector faces communication compliance challenges as organizations struggle to maintain oversight across communication channels. Adding to the complexity is the unexpected rise of unconventional platforms, such as Snapchat, used for business operations. In this Help Net Security video, David Clee,

React to this headline:

Loading spinner

SEC and FCA fines: Issues jump Read More »

Privacy professionals feel more stressed than ever

Compliance, ISACA, News, Privacy, report, survey /

Privacy professionals feel more stressed than ever 2025-01-22 at 06:38 By Help Net Security Despite progress made in privacy staffing and strategy alignment, privacy professionals are feeling increasingly stressed on the job within a complex compliance and risk landscape, according to new research from ISACA. Top three obstacles facing privacy programs ISACA’s State of Privacy

React to this headline:

Loading spinner

Privacy professionals feel more stressed than ever Read More »

Addressing the intersection of cyber and physical security threats

Artificial Intelligence, Bitdefender, Compliance, critical infrastructure, cybersecurity, Don't miss, Features, Hot stuff, IoT, News, opinion, quantum computing, standards, strategy, threats, tips /

Addressing the intersection of cyber and physical security threats 2025-01-21 at 07:05 By Mirko Zorz In this Help Net Security, Nicholas Jackson, Director of Cyber Operations at Bitdefender, discusses how technologies like AI, quantum computing, and IoT are reshaping cybersecurity. He shares his perspective on the new threats these advancements bring and offers practical advice

React to this headline:

Loading spinner

Addressing the intersection of cyber and physical security threats Read More »

How CISOs can elevate cybersecurity in boardroom discussions

boardroom, CISO, Compliance, cybersecurity, Don't miss, Features, Hot stuff, investment, News, opinion, strategy, Team8, tips /

How CISOs can elevate cybersecurity in boardroom discussions 2025-01-16 at 07:01 By Mirko Zorz Ross Young is the CISO in residence at Team8 and the creator of the OWASP Threat and Safeguard Matrix (TaSM). In this interview, he shares his perspective on how cybersecurity professionals can tailor their presentations to the board, aligning security strategies

React to this headline:

Loading spinner

How CISOs can elevate cybersecurity in boardroom discussions Read More »

Scroll to Top