policy

Employees keep feeding AI tools secrets they can’t take back

Artificial Intelligence, CISO, Compliance, cybersecurity, Kiteworks, News, policy, regulation, security controls /

Employees keep feeding AI tools secrets they can’t take back 2025-09-09 at 08:03 By Anamarija Pogorelec Employees are putting sensitive data into public AI tools, and many organizations don’t have the controls to stop it. A new report from Kiteworks finds that most companies are missing basic safeguards to manage this data. Security control maturity […]

React to this headline:

Loading spinner

Employees keep feeding AI tools secrets they can’t take back Read More »

What a mature OT security program looks like in practice

cyber resilience, cybersecurity, Don't miss, Features, Hot stuff, monitoring, News, policy, Risk Management, security standard, strategy, Yokogawa /

What a mature OT security program looks like in practice 2025-07-17 at 09:08 By Mirko Zorz In this Help Net Security interview, Cindy Segond von Banchet CC, Cybersecurity Lead at Yokogawa Europe, shares her insights on what defines a sustainable OT security program. She outlines the key differences between short-term fixes and long-term resilience, and

React to this headline:

Loading spinner

What a mature OT security program looks like in practice Read More »

Product showcase: Enzoic for Active Directory

Active Directory, credentials, cybersecurity, Don't miss, Enzoic, Hot stuff, monitoring, News, passwords, policy, Product showcase /

Product showcase: Enzoic for Active Directory 2025-07-16 at 08:19 By Help Net Security Enzoic for Active Directory is an easy-to-install plugin that integrates with Microsoft Active Directory (AD) to set, monitor, and remediate unsafe passwords and credentials. In essence, it serves as an always-on sentinel for AD, preventing users from choosing compromised or weak passwords

React to this headline:

Loading spinner

Product showcase: Enzoic for Active Directory Read More »

Stop settling for check-the-box cybersecurity policies

cybersecurity, Don't miss, News, Optiv Security, policy, Snow Software, strategy, Stytch /

Stop settling for check-the-box cybersecurity policies 2025-07-15 at 07:43 By Sinisa Markovic After every breach, people ask: How did this happen if there were cybersecurity policies in place? The truth is, just having them doesn’t stop attacks. They only work if people know them and follow them when it matters. That’s where things often break

React to this headline:

Loading spinner

Stop settling for check-the-box cybersecurity policies Read More »

Where policy meets profit: Navigating the new frontier of defense tech startups

cybersecurity, Don't miss, Features, Government, Hot stuff, News, policy, regulation, resilience, Ventures.eu /

Where policy meets profit: Navigating the new frontier of defense tech startups 2025-07-11 at 08:33 By Mirko Zorz In this Help Net Security interview, Thijs Povel, Managing Partner at Ventures.eu, discusses how the firm evaluates emerging technologies through the lens of defense and resilience. He explains how founders from both defense and adjacent sectors are

React to this headline:

Loading spinner

Where policy meets profit: Navigating the new frontier of defense tech startups Read More »

90% aren’t ready for AI attacks, are you?

Accenture, Artificial Intelligence, cyber resilience, cybersecurity, generative AI, News, policy, report, strategy, threats /

90% aren’t ready for AI attacks, are you? 2025-07-03 at 07:32 By Help Net Security As AI reshapes business, 90% of organizations are not adequately prepared to secure their AI-driven future, according to a new report from Accenture. Globally, 63% of companies are in the “Exposed Zone,” indicating they lack both a cohesive cybersecurity strategy

React to this headline:

Loading spinner

90% aren’t ready for AI attacks, are you? Read More »

GenAI is everywhere, but security policies haven’t caught up

Artificial Intelligence, deepfakes, Europe, generative AI, ISACA, News, policy, regulation, report, skill development /

GenAI is everywhere, but security policies haven’t caught up 2025-07-01 at 08:07 By Help Net Security Nearly three out of four European IT and cybersecurity professionals say staff are already using generative AI at work, up ten points in a year, but just under a third of organizations have put formal policies in place, according

React to this headline:

Loading spinner

GenAI is everywhere, but security policies haven’t caught up Read More »

Before scaling GenAI, map your LLM usage and risk zones

Application Security, ArmorCode, Artificial Intelligence, cybersecurity, Don't miss, Features, generative AI, Hot stuff, Lakera, LLMs, News, OWASP, policy, Straiker, The Motley Fool /

Before scaling GenAI, map your LLM usage and risk zones 2025-06-17 at 08:46 By Mirko Zorz In this Help Net Security interview, Paolo del Mundo, Director of Application and Cloud Security at The Motley Fool, discusses how organizations can scale their AI usage by implementing guardrails to mitigate GenAI-specific risks like prompt injection, insecure outputs,

React to this headline:

Loading spinner

Before scaling GenAI, map your LLM usage and risk zones Read More »

Trump Cybersecurity Executive Order Targets Digital Identity, Sanctions Policies

executive order, Featured, Government, Government Policy, policy, Trump, White House /

Trump Cybersecurity Executive Order Targets Digital Identity, Sanctions Policies 2025-06-09 at 10:23 By Eduard Kovacs President Trump says his new cybersecurity executive order amends problematic elements of Biden- and Obama-era executive orders. The post Trump Cybersecurity Executive Order Targets Digital Identity, Sanctions Policies appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View

React to this headline:

Loading spinner

Trump Cybersecurity Executive Order Targets Digital Identity, Sanctions Policies Read More »

Agentic AI and the risks of unpredictable autonomy

Artificial Intelligence, cybersecurity, Don't miss, Features, generative AI, Hot stuff, News, policy, Thoughtworks /

Agentic AI and the risks of unpredictable autonomy 2025-06-04 at 08:00 By Mirko Zorz In this Help Net Security interview, Thomas Squeo, CTO for the Americas at Thoughtworks, discusses why traditional security architectures often fail when applied to autonomous AI systems. He explains why conventional threat modeling needs to adapt to address autonomous decision-making and

React to this headline:

Loading spinner

Agentic AI and the risks of unpredictable autonomy Read More »

Deepfake attacks could cost you more than money

Artificial Intelligence, cybersecurity, deepfakes, Don't miss, Features, Hot stuff, Incident Response, News, policy, X-PHY /

Deepfake attacks could cost you more than money 2025-05-16 at 09:04 By Mirko Zorz In this Help Net Security interview, Camellia Chan, CEO at X-PHY, discusses the dangers of deepfakes in real-world incidents, including their use in financial fraud and political disinformation. She explains AI-driven defense strategies and recommends updating incident response plans and internal

React to this headline:

Loading spinner

Deepfake attacks could cost you more than money Read More »

AI is challenging the geopolitical status quo

Armis, cybersecurity, News, policy, report /

AI is challenging the geopolitical status quo 2025-04-09 at 07:06 By Help Net Security AI-powered cyberattacks are becoming powerful new weapons. Organizations need to act fast to close the gap between today’s defenses and tomorrow’s threats. These attacks are only going to grow. New data from Armis Labs shows that the threat of AI in

React to this headline:

Loading spinner

AI is challenging the geopolitical status quo Read More »

Two things you need in place to successfully adopt AI

Artificial Intelligence, code, cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, LLMs, News, opinion, policy, Security Journey /

Two things you need in place to successfully adopt AI 2025-03-31 at 08:32 By Help Net Security Organizations should not shy away from taking advantage of AI tools, but they need to find the right balance between maximizing efficiency and mitigating organizational risk. They need to put in place: 1. A seamless AI security policy

React to this headline:

Loading spinner

Two things you need in place to successfully adopt AI Read More »

Cybersecurity needs a leader, so let’s stop debating and start deciding

boardroom, CIO, CISO, cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, News, opinion, policy, Rapid7, strategy /

Cybersecurity needs a leader, so let’s stop debating and start deciding 2025-02-25 at 18:09 By Help Net Security Have you ever heard anyone earnestly ask in a business, “Who owns legal?” or “Who sets the financial strategy?” Probably not – it should be obvious, right? Yet, when it comes to cybersecurity, the question of ownership

React to this headline:

Loading spinner

Cybersecurity needs a leader, so let’s stop debating and start deciding Read More »

Product showcase: Securing Active Directory passwords with Specops Password Policy

Active Directory, Don't miss, Hot stuff, News, passwords, policy, Product showcase, Specops Software /

Product showcase: Securing Active Directory passwords with Specops Password Policy 2024-12-04 at 15:03 By Help Net Security Password policies are a cornerstone of cybersecurity for any organization. A good password policy ensures every end user has a strong and unique password, significantly reducing the risk of unauthorized access and data breaches. These policies not only

React to this headline:

Loading spinner

Product showcase: Securing Active Directory passwords with Specops Password Policy Read More »

How to make Infrastructure as Code secure by default

code, cybersecurity, DevOps, Don't miss, Expert analysis, Expert corner, Hot stuff, News, opinion, policy, remediation, security standard, StackGen, threat detection /

How to make Infrastructure as Code secure by default 2024-09-13 at 07:46 By Help Net Security Infrastructure as Code (IaC) has become a widely adopted practice in modern DevOps, automating the management and provisioning of technology infrastructure through machine-readable definition files. What can we to do make IaC secure by default? Security workflows for IaC

React to this headline:

Loading spinner

How to make Infrastructure as Code secure by default Read More »

Best practices for implementing the Principle of Least Privilege

access management, Artificial Intelligence, cybersecurity, Don't miss, Features, Hot stuff, machine learning, News, Opal Security, opinion, policy /

Best practices for implementing the Principle of Least Privilege 2024-09-09 at 07:02 By Mirko Zorz In this Help Net Security interview, Umaimah Khan, CEO of Opal Security, shares her insights on implementing the Principle of Least Privilege (PoLP). She discusses best practices for effective integration, benefits for operational efficiency and audit readiness, and how to

React to this headline:

Loading spinner

Best practices for implementing the Principle of Least Privilege Read More »

Key metrics for monitoring and improving ZTNA implementations

Artificial Intelligence, cybersecurity, Don't miss, Features, Hot stuff, human error, News, opinion, policy, strategy, supply chain attacks, Wilson Perumal & Company, zero trust /

Key metrics for monitoring and improving ZTNA implementations 2024-08-13 at 07:01 By Mirko Zorz In this Help Net Security interview, Dean Hamilton, CTO at Wilson Perumal & Company, discusses the complexities of zero trust network access (ZTNA) implementation, focusing on balancing security with operational efficiency. Hamilton highlights strategic planning, collaboration between IT and business leaders,

React to this headline:

Loading spinner

Key metrics for monitoring and improving ZTNA implementations Read More »

The CISO’s approach to AI: Balancing transformation with trust

access control, Artificial Intelligence, CISO, cybersecurity, Devo Technology, Don't miss, Expert analysis, Expert corner, Hot stuff, News, opinion, policy, risk, Risk Management /

The CISO’s approach to AI: Balancing transformation with trust 2024-07-23 at 07:31 By Help Net Security As organizations increasingly adopt third-party AI tools to streamline operations and gain a competitive edge, they also invite a host of new risks. Many companies are unprepared, lacking clear policies and adequate employee training to mitigate these new dangers.

React to this headline:

Loading spinner

The CISO’s approach to AI: Balancing transformation with trust Read More »

Laying the groundwork for zero trust in the military

Artificial Intelligence, Core4ce, cybersecurity, Department of Defense, Don't miss, Features, Hot stuff, machine learning, network, News, opinion, policy, training, zero trust /

Laying the groundwork for zero trust in the military 2024-07-18 at 07:01 By Mirko Zorz In this Help Net Security interview, Curtis Arnold, VP and Chief Scientist at Core4ce, discusses the starting points for military training in zero trust principles, emphasizing foundational technologies and a unified taxonomy. Arnold provides insights into the DoD’s Zero Trust

React to this headline:

Loading spinner

Laying the groundwork for zero trust in the military Read More »

Scroll to Top