Compliance

CISOs are spending big and still losing ground

CISOs are spending big and still losing ground 2025-12-08 at 07:31 By Anamarija Pogorelec Security leaders are entering another budget cycle with more money to work with, but many still feel no safer. A new benchmark study from Wiz shows a widening gap between investment and impact. Budgets keep rising, cloud programs keep expanding, and […]

CISOs are spending big and still losing ground Read More »

What security leaders should watch for when companies buy or sell a business

What security leaders should watch for when companies buy or sell a business 2025-12-05 at 08:59 By Help Net Security In this Help Net Security video, Lane Sullivan SVP, CISO and Strategy Officer at Concentric AI, explains what security leaders should think about during mergers, acquisitions, and divestitures. Sullivan talks about the types of risk

What security leaders should watch for when companies buy or sell a business Read More »

Threat intelligence programs are broken, here is how to fix them

Threat intelligence programs are broken, here is how to fix them 2025-12-03 at 07:12 By Anamarija Pogorelec Security teams often gather large amounts of threat data but still struggle to improve detection or response. Analysts work through long lists of alerts, leaders get unclear insights, and executives see costs that do not lead to better

Threat intelligence programs are broken, here is how to fix them Read More »

Creative cybersecurity strategies for resource-constrained institutions

Creative cybersecurity strategies for resource-constrained institutions 2025-12-02 at 09:33 By Mirko Zorz In this Help Net Security interview, Dennis Pickett, CISO at RTI International, talks about how research institutions can approach cybersecurity with limited resources and still build resilience. He discusses the tension between open research and the need to protect sensitive information, noting that

Creative cybersecurity strategies for resource-constrained institutions Read More »

Treating MCP like an API creates security blind spots

Treating MCP like an API creates security blind spots 2025-12-01 at 09:06 By Mirko Zorz In this Help Net Security interview, Michael Yaroshefsky, CEO at MCP Manager, discusses how Model Context Protocol’s (MCP) trust model creates security gaps that many teams overlook and why MCP must not be treated like a standard API. He explains how

Treating MCP like an API creates security blind spots Read More »

Why password management defines PCI DSS success

Why password management defines PCI DSS success 2025-11-28 at 08:03 By Sinisa Markovic Most CISOs spend their days dealing with noisy dashboards and vendor pitches that all promise a shortcut to compliance. It can be overwhelming to sort out what matters. When you dig into real incidents involving payment data, a surprising number come down to

Why password management defines PCI DSS success Read More »

Heineken CISO champions a new risk mindset to unlock innovation

Heineken CISO champions a new risk mindset to unlock innovation 2025-11-26 at 09:16 By Mirko Zorz In this Help Net Security interview, Marina Marceta, CISO at Heineken, discusses what it takes for CISOs to be seen as business-aligned leaders rather than technical overseers. She shares how connecting security to business impact can shift perceptions and

Heineken CISO champions a new risk mindset to unlock innovation Read More »

Why your security strategy is failing before it even starts

Why your security strategy is failing before it even starts 2025-11-14 at 09:25 By Mirko Zorz In this Help Net Security interview, Adnan Ahmed, CISO at Ornua, discusses how organizations can build a cybersecurity strategy that aligns with business goals. He explains why many companies stumble by focusing on technology before understanding risk and shares

Why your security strategy is failing before it even starts Read More »

Healthcare security is broken because its systems can’t talk to each other

Healthcare security is broken because its systems can’t talk to each other 2025-11-13 at 09:39 By Mirko Zorz In this Help Net Security interview, Cameron Kracke, CISO at Prime Therapeutics, discusses how the healthcare ecosystem can achieve cohesive security visibility. With hospitals, clinics, telehealth, and cloud partners all in the mix, maintaining visibility remains a

Healthcare security is broken because its systems can’t talk to each other Read More »

CMMC Live: Pentagon Demands Verified Cybersecurity From Contractors

CMMC Live: Pentagon Demands Verified Cybersecurity From Contractors 2025-11-11 at 16:59 By Eduard Kovacs Enforcement of the Department of Defense’s Cybersecurity Maturity Model Certification (CMMC) requirements started on November 10, 2025. The post CMMC Live: Pentagon Demands Verified Cybersecurity From Contractors appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

CMMC Live: Pentagon Demands Verified Cybersecurity From Contractors Read More »

Metrics don’t lie, but they can be misleading when they only tell IT’s side of the story

Metrics don’t lie, but they can be misleading when they only tell IT’s side of the story 2025-11-07 at 13:28 By Mirko Zorz In this Help Net Security interview, Rik Mistry, Managing Partner at Interval Group, discusses how to align IT strategy with business goals. He explains how security, governance, and orchestration shape IT operations

Metrics don’t lie, but they can be misleading when they only tell IT’s side of the story Read More »

AI can flag the risk, but only humans can close the loop

AI can flag the risk, but only humans can close the loop 2025-11-05 at 09:07 By Mirko Zorz In this Help Net Security interview, Dilek Çilingir, Global Forensic & Integrity Services Leader at EY, discusses how AI is transforming third-party assessments and due diligence. She explains how machine learning and behavioral analytics help organizations detect

AI can flag the risk, but only humans can close the loop Read More »

Managing legacy medical devices that can no longer be patched

Managing legacy medical devices that can no longer be patched 2025-10-28 at 10:22 By Mirko Zorz In this Help Net Security interview, Patty Ryan, Senior Director and CISO at QuidelOrtho, discusses how the long lifecycles of medical devices impact cybersecurity in healthcare environments. She explains how organizations can protect legacy systems, collaborate with vendors, and

Managing legacy medical devices that can no longer be patched Read More »

NSO Ordered to Stop Hacking WhatsApp, but Damages Cut to $4 Million

NSO Ordered to Stop Hacking WhatsApp, but Damages Cut to $4 Million 2025-10-20 at 12:42 By Eduard Kovacs The judge ruled that punitive damages of $167 million awarded by a jury were excessive. The post NSO Ordered to Stop Hacking WhatsApp, but Damages Cut to $4 Million appeared first on SecurityWeek. This article is an

NSO Ordered to Stop Hacking WhatsApp, but Damages Cut to $4 Million Read More »

Inside healthcare’s quiet cybersecurity breakdown

Inside healthcare’s quiet cybersecurity breakdown 2025-10-17 at 08:52 By Anamarija Pogorelec Hospitals, clinics, and care networks continue to treat cybersecurity as a back-office issue, according to the 2025 Healthcare IT Landscape Report from Omega Systems. Security takes a back seat Healthcare IT leaders are juggling competing demands. Rising costs, new privacy regulations, and expanding digital

Inside healthcare’s quiet cybersecurity breakdown Read More »

What Chat Control means for your privacy

What Chat Control means for your privacy 2025-10-14 at 08:00 By Mirko Zorz The EU’s proposed Chat Control (CSAM Regulation) aims to combat child sexual abuse material by requiring digital platforms to detect, report, and remove illegal content, including grooming behaviors. Cybersecurity experts warn that such measures could undermine encryption, create new attack surfaces, and

What Chat Control means for your privacy Read More »

Oneleet Raises $33 Million for Security Compliance Platform

Oneleet Raises $33 Million for Security Compliance Platform 2025-10-03 at 15:55 By Ionut Arghire The cybersecurity startup will expand its engineering team, add more AI capabilities, and invest in go-to-market efforts. The post Oneleet Raises $33 Million for Security Compliance Platform appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Oneleet Raises $33 Million for Security Compliance Platform Read More »

Zania Raises $18 Million for AI-Powered GRC Platform

Zania Raises $18 Million for AI-Powered GRC Platform 2025-10-02 at 12:54 By Ionut Arghire The company plans to triple its engineering and go‑to‑market teams and to accelerate its agentic AI platform. The post Zania Raises $18 Million for AI-Powered GRC Platform appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Zania Raises $18 Million for AI-Powered GRC Platform Read More »

Building a mature automotive cybersecurity program beyond checklists

Building a mature automotive cybersecurity program beyond checklists 2025-10-02 at 09:41 By Mirko Zorz In this Help Net Security interview, Robert Sullivan, CIO & CISO at Agero, shares his perspective on automotive cybersecurity. He discusses strategies for developing mature security programs, meeting regulatory requirements, and addressing supply chain risks. Sullivan also looks ahead to how

Building a mature automotive cybersecurity program beyond checklists Read More »

Mycroft Raises $3.5 Million for AI-Powered Security and Compliance Platform

Mycroft Raises $3.5 Million for AI-Powered Security and Compliance Platform 2025-09-22 at 16:11 By Eduard Kovacs The Canada-based company has emerged from stealth with autonomous AI agents designed to manage and operate the security and IT stack. The post Mycroft Raises $3.5 Million for AI-Powered Security and Compliance Platform appeared first on SecurityWeek. This article

Mycroft Raises $3.5 Million for AI-Powered Security and Compliance Platform Read More »

Scroll to Top