Compliance

Bringing governance and visibility to machine and AI identities

Bringing governance and visibility to machine and AI identities 2026-04-13 at 07:32 By Mirko Zorz In this Help Net Security interview, Archit Lohokare, CEO of AppViewX, explains how the rise of AI marked a turning point where machine and AI agent identities began converging into a single problem. Drawing on his experience across IBM and […]

Bringing governance and visibility to machine and AI identities Read More »

Comp AI: The open-source way to get compliant with SOC 2, ISO 27001, HIPAA and GDPR

Comp AI: The open-source way to get compliant with SOC 2, ISO 27001, HIPAA and GDPR 2026-04-07 at 12:01 By Anamarija Pogorelec Getting a startup through a SOC 2 audit has long meant months of manual evidence collection, policy writing, and repeated back-and-forth with auditors. A growing number of compliance platforms have moved to automate

Comp AI: The open-source way to get compliant with SOC 2, ISO 27001, HIPAA and GDPR Read More »

Trust, friction, and ROI: A CISO’s take on making security work for the business

Trust, friction, and ROI: A CISO’s take on making security work for the business 2026-04-02 at 08:42 By Mirko Zorz In this Help Net Security interview, John O’Rourke, CISO at PPG, talks about what it means for security to drive business value. He explains how mature security programs reduce friction in sales cycles and M&A

Trust, friction, and ROI: A CISO’s take on making security work for the business Read More »

How LevelBlue’s FedRAMP Authorization Removes the Burden of CMMC Federal Compliance from Clients

How LevelBlue’s FedRAMP Authorization Removes the Burden of CMMC Federal Compliance from Clients 2026-03-30 at 20:37 By Navigating the labyrinth of the U.S. federal procurement system, especially for Defense Industrial Base (DIB) companies, can be challenging, particularly when trying to meet stringent cybersecurity compliance standards like theCybersecurity Maturity Model Certification (CMMC).   This article is

How LevelBlue’s FedRAMP Authorization Removes the Burden of CMMC Federal Compliance from Clients Read More »

Simplify Compliance with LevelBlue MDR Solutions: A Guide to Managed Detection and Response

Simplify Compliance with LevelBlue MDR Solutions: A Guide to Managed Detection and Response 2026-03-20 at 16:00 By Simplify Complex Compliance:Discover how MDR solutions help you navigate the “alphabet soup” of regulations like HIPAA, GDPR, and CMMC with ease. 24/7 Expert Protection: Learn why leading managed detection and response providers are essential for continuous threat hunting

Simplify Compliance with LevelBlue MDR Solutions: A Guide to Managed Detection and Response Read More »

Executive Tabletop Exercises: From Compliance Exercise to Revenue Protection Strategy

Executive Tabletop Exercises: From Compliance Exercise to Revenue Protection Strategy 2026-03-19 at 16:56 By Anthony Abell Executive tabletop exercises are commonly positioned as cyber incident rehearsals. They tend to focus on breach containment decisions, regulatory notification timelines, and communications planning. Those elements are necessary; however, they are not what ultimately defines the true risk to

Executive Tabletop Exercises: From Compliance Exercise to Revenue Protection Strategy Read More »

What to do in the first 24 hours of a breach

What to do in the first 24 hours of a breach 2026-03-17 at 07:59 By Help Net Security In this Help Net Security video, Arvind Parthasarathi, CEO of CYGNVS, walks through a 10-step process for handling a cybersecurity breach. The first five steps cover preparation: setting up an out-of-band communication platform, identifying internal stakeholders, selecting

What to do in the first 24 hours of a breach Read More »

Does Anthropic deserve the trust of the cybersecurity community?

Does Anthropic deserve the trust of the cybersecurity community? 2026-03-12 at 08:35 By Help Net Security The cybersecurity industry runs on trust. The belief that when a vendor says they will behave a certain way, they will, that critical CVEs are in fact critical, or when companies say they’re GDPR compliant, they really are. But

Does Anthropic deserve the trust of the cybersecurity community? Read More »

Airbus CSO on supply chain blind spots, space threats, and the limits of AI red-teaming

Airbus CSO on supply chain blind spots, space threats, and the limits of AI red-teaming 2026-03-10 at 08:30 By Mirko Zorz Pascal Andrei, CSO at Airbus, knows that the aerospace and defense sector is facing a threat environment that is evolving faster than most organizations can track. From sub-tier suppliers quietly becoming entry points for

Airbus CSO on supply chain blind spots, space threats, and the limits of AI red-teaming Read More »

Apple iPhone and iPad Cleared for Classified NATO Use

Apple iPhone and iPad Cleared for Classified NATO Use 2026-02-26 at 23:18 By Eduard Kovacs The devices have been added to the NATO Information Assurance Product Catalogue (NIAPC). The post Apple iPhone and iPad Cleared for Classified NATO Use appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Apple iPhone and iPad Cleared for Classified NATO Use Read More »

AI-driven DAST reduces manual setup and surfaces exploitable vulnerabilities

AI-driven DAST reduces manual setup and surfaces exploitable vulnerabilities 2026-02-26 at 07:35 By Mirko Zorz In this Help Net Security interview, Joni Klippert, CEO at StackHawk, discusses what defines DAST coverage in 2026 and why scan completion does not equal security. She explains how AI-driven DAST testing automates attack surface discovery, supports business-logic testing in

AI-driven DAST reduces manual setup and surfaces exploitable vulnerabilities Read More »

AI’s appetite for data is testing enterprise guardrails

AI’s appetite for data is testing enterprise guardrails 2026-01-27 at 08:18 By Anamarija Pogorelec Privacy programs are taking on more operational responsibility across the enterprise. A new Cisco global benchmark study shows expanding mandates, rising investment, and sustained pressure around data quality, accountability, and cross-border data management tied to AI systems. Privacy programs grow with

AI’s appetite for data is testing enterprise guardrails Read More »

TikTok Finalizes a Deal to Form a New American Entity

TikTok Finalizes a Deal to Form a New American Entity 2026-01-26 at 14:37 By Associated Press TikTok has finalized a deal to create a new American entity, avoiding the looming threat of a ban in the United States. The post TikTok Finalizes a Deal to Form a New American Entity appeared first on SecurityWeek. This

TikTok Finalizes a Deal to Form a New American Entity Read More »

AWS releases updated PCI PIN compliance report for payment cryptography

AWS releases updated PCI PIN compliance report for payment cryptography 2026-01-26 at 07:05 By Anamarija Pogorelec Amazon Web Services has published an updated Payment Card Industry Personal Identification Number (PCI PIN) compliance package for its AWS Payment Cryptography service, confirming a recent third-party audit of the platform. The report package is now accessible through AWS’s

AWS releases updated PCI PIN compliance report for payment cryptography Read More »

Cyber Insights 2026: Regulations and the Tangled Mess of Compliance Requirements

Cyber Insights 2026: Regulations and the Tangled Mess of Compliance Requirements 2026-01-23 at 15:31 By Kevin Townsend Cyber regulations are where politics meets business – where business becomes subject to political realities. The post Cyber Insights 2026: Regulations and the Tangled Mess of Compliance Requirements appeared first on SecurityWeek. This article is an excerpt from

Cyber Insights 2026: Regulations and the Tangled Mess of Compliance Requirements Read More »

Security leaders push for continuous controls as audits stay manual

Security leaders push for continuous controls as audits stay manual 2026-01-21 at 07:03 By Anamarija Pogorelec Security teams say they want real-time insight into controls, but still rely on periodic checks that trail daily operations. New RegScale research shows how wide that gap remains and where organizations are directing time, staff, and budget to manage

Security leaders push for continuous controls as audits stay manual Read More »

Privacy teams feel the strain as AI, breaches, and budgets collide

Privacy teams feel the strain as AI, breaches, and budgets collide 2026-01-20 at 07:31 By Anamarija Pogorelec Privacy programs are under strain as organizations manage breach risk, new technology, and limited resources. A global study from ISACA shows that AI is gaining ground in privacy work, with use shaped by governance, funding, and how consistently

Privacy teams feel the strain as AI, breaches, and budgets collide Read More »

Investor Lawsuit Over CrowdStrike Outage Dismissed

Investor Lawsuit Over CrowdStrike Outage Dismissed 2026-01-14 at 19:20 By Eduard Kovacs A judge has ruled that the plaintiffs failed to demonstrate intent to defraud investors.  The post Investor Lawsuit Over CrowdStrike Outage Dismissed appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Investor Lawsuit Over CrowdStrike Outage Dismissed Read More »

CISO Assistant: Open-source cybersecurity management and GRC

CISO Assistant: Open-source cybersecurity management and GRC 2026-01-14 at 13:25 By Mirko Zorz CISO Assistant is an open-source governance, risk, and compliance (GRC) platform designed to help security teams document risks, controls, and framework alignment in a structured system. The community edition is maintained as a self-hosted tool for organizations that want direct access to

CISO Assistant: Open-source cybersecurity management and GRC Read More »

Passwords are where PCI DSS compliance often breaks down

Passwords are where PCI DSS compliance often breaks down 2026-01-08 at 07:36 By Sinisa Markovic Most PCI DSS failures do not start with malware or a targeted attack. They start with everyday behavior. Reused passwords. Credentials stored in spreadsheets. Shared logins are passed around during busy periods. For CISOs, password hygiene remains one of the

Passwords are where PCI DSS compliance often breaks down Read More »

Scroll to Top