policy

The checklist problem behind critical infrastructure cyber safety

asset discovery, Compliance, critical infrastructure, cyber resilience, cyber risk, cybersecurity, Don't miss, Government, ICS/SCADA, News, policy, regulation, research, USA /

The checklist problem behind critical infrastructure cyber safety 2026-06-17 at 07:00 By Anamarija Pogorelec An asset owner can meet major federal cyber compliance standards and still run equipment that lacks the engineering to withstand an attack or a failure. New research from George Mason University examines how United States cyber policy defines reasonable care for […]

The checklist problem behind critical infrastructure cyber safety Read More »

Trump Signs Executive Order That Invites Vetting of Top AI Models for National Security Risks

AI, Artificial Intelligence, Featured, Government, policy /

Trump Signs Executive Order That Invites Vetting of Top AI Models for National Security Risks 2026-06-02 at 23:10 By Associated Press The order establishes a framework for the federal government to vet the national security risks of the most advanced AI systems for up to a month before their public release. The post Trump Signs

Trump Signs Executive Order That Invites Vetting of Top AI Models for National Security Risks Read More »

145 AI laws passed in 2025 and privacy teams aren’t catching a break

AI, CCPA, cybersecurity, DataGrail, GDPR, News, policy, Privacy, regulation, report, Risk Management, security auditing /

145 AI laws passed in 2025 and privacy teams aren’t catching a break 2026-06-01 at 08:19 By Anamarija Pogorelec 145 AI-related laws were enacted by state legislatures in 2025, and more than 1,000 additional bills were introduced or revised, according to DataGrail’s Privacy and AI Trends Report 2026. Average cost of manual data subject request

145 AI laws passed in 2025 and privacy teams aren’t catching a break Read More »

Lawmakers Gathered Quietly to Talk About AI. Angst and Fears of ‘Destruction’ Followed

AI, Artificial Intelligence, Government, policy /

Lawmakers Gathered Quietly to Talk About AI. Angst and Fears of ‘Destruction’ Followed 2026-04-17 at 14:32 By Associated Press Thursday’s discussion comes as leaders on Capitol Hill grapple with the dizzying pace of global developments in which technology plays a central role. The post Lawmakers Gathered Quietly to Talk About AI. Angst and Fears of

Lawmakers Gathered Quietly to Talk About AI. Angst and Fears of ‘Destruction’ Followed Read More »

Google Play is changing how Android apps access your contacts and location

Android, Google, Google Play, News, policy, Privacy /

Google Play is changing how Android apps access your contacts and location 2026-04-16 at 15:03 By Anamarija Pogorelec Google’s new set of Google Play policy updates and account transfer feature strengthen user privacy and protect businesses from fraud. Google is also expanding features for managing new contact and location policy changes to support a smoother,

Google Play is changing how Android apps access your contacts and location Read More »

Google to penalize sites that hijack the back button

Google, Google Search, News, policy, spam /

Google to penalize sites that hijack the back button 2026-04-14 at 13:32 By Anamarija Pogorelec Google is broadening its spam policies to crack down on “back button hijacking,” a deceptive practice where websites interfere with browser navigation, blocking users from returning to the page they came from. Instead, users are usually redirected to pages they

Google to penalize sites that hijack the back button Read More »

Silent Drift: How LLMs Are Quietly Breaking Organizational Access Control

AI, Artificial Intelligence, code, Identity & Access, LLM, policy /

Silent Drift: How LLMs Are Quietly Breaking Organizational Access Control 2026-03-30 at 17:30 By Kevin Townsend LLMs can write complex Rego and Cedar code in seconds, but a single missing condition or hallucinated attribute can quietly dismantle your organization’s least-privilege security model. The post Silent Drift: How LLMs Are Quietly Breaking Organizational Access Control appeared

Silent Drift: How LLMs Are Quietly Breaking Organizational Access Control Read More »

US Cyber Strategy Targets Adversaries, Critical Infrastructure, and Emerging Technologies

AI, Cyberwarfare, Featured, Government, policy, strategy, Trump /

US Cyber Strategy Targets Adversaries, Critical Infrastructure, and Emerging Technologies 2026-03-07 at 18:02 By Mike Lennon Trump’s Cyber Strategy calls for stronger deterrence against cyber adversaries, modernization of federal networks, protection of critical infrastructure, and investment in technologies such as AI and post-quantum cryptography. The post US Cyber Strategy Targets Adversaries, Critical Infrastructure, and Emerging

US Cyber Strategy Targets Adversaries, Critical Infrastructure, and Emerging Technologies Read More »

OpenAI updates Europe privacy policy, adding new data categories

EU, Europe, News, OpenAI, policy, Privacy /

OpenAI updates Europe privacy policy, adding new data categories 2026-02-09 at 13:17 By Anamarija Pogorelec OpenAI has updated its Europe-facing privacy policy following the November 2024 EU revision, clarifying scope, expanding coverage, and detailing user controls. The updated document is longer, with dedicated sections for data controls and practical resources. It explains key controls and

OpenAI updates Europe privacy policy, adding new data categories Read More »

Conditional Access enforcement change coming to Microsoft Entra

Microsoft, Microsoft Entra ID, News, policy /

Conditional Access enforcement change coming to Microsoft Entra 2026-01-29 at 14:05 By Sinisa Markovic Microsoft will change how Conditional Access policies are enforced in Microsoft Entra starting March 27, 2026, with a phased rollout continuing through June 2026. The change affects sign-ins through client applications that request only OIDC scopes or a limited set of

Conditional Access enforcement change coming to Microsoft Entra Read More »

What consumers expect from data security

access control, cybersecurity, Data Protection, News, policy, Privacy, regulation, report, SIIA /

What consumers expect from data security 2025-12-31 at 08:50 By Anamarija Pogorelec Security teams spend years building controls around data protection, then a survey asks consumers a simple question about responsibility and the answer lands close to home. Most people believe they are in charge of their own data privacy, and they want systems that

What consumers expect from data security Read More »

Your critical infrastructure is running out of time

Cisco, critical infrastructure, cyber resilience, cybersecurity, News, patching, policy, report /

Your critical infrastructure is running out of time 2025-11-27 at 08:05 By Anamarija Pogorelec Cyber attackers often succeed not because they are inventive, but because the systems they target are old. A new report by Cisco shows how unsupported technology inside national infrastructure creates openings that attackers can exploit repeatedly. The findings show how widespread

Your critical infrastructure is running out of time Read More »

How one quick AI check can leak your company’s secrets

Artificial Intelligence, cybersecurity, Data Protection, Don't miss, generative AI, IBM, News, policy, Video /

How one quick AI check can leak your company’s secrets 2025-11-21 at 08:30 By Help Net Security In this Help Net Security video, Dinesh Nagarajan, Global Partner, Cyber Security Services at IBM Consulting, walks through a situation in which an employee shared production source code with a public AI tool. The tool learned from the

How one quick AI check can leak your company’s secrets Read More »

How to cut security tool sprawl without losing control

CISO, cybersecurity, Don't miss, News, policy, strategy, threats, tips, Versa Networks, Video, zero trust /

How to cut security tool sprawl without losing control 2025-11-19 at 07:58 By Help Net Security In this Help Net Security video, Jon Taylor, Director and Principal of Security at Versa Networks, talks about how organizations can deal with security tool sprawl. He explains why many teams end up with too many tools, especially as

How to cut security tool sprawl without losing control Read More »

Employees keep finding new ways around company access controls

1Password, access control, Artificial Intelligence, cybersecurity, News, passwords, policy, report, SaaS, shadow IT /

Employees keep finding new ways around company access controls 2025-11-03 at 07:30 By Anamarija Pogorelec AI, SaaS, and personal devices are changing how people get work done, but the tools that protect company systems have not kept up, according to 1Password. Tools like SSO, MDM, and IAM no longer align with how employees and AI

Employees keep finding new ways around company access controls Read More »

Six metrics policymakers need to track cyber resilience

cyber insurance, cyber resilience, cyber risk, cybersecurity, Europe, Government, News, policy, report, security metrics, Zurich Insurance Group /

Six metrics policymakers need to track cyber resilience 2025-10-09 at 07:48 By Anamarija Pogorelec Most countries are still making national cyber policy decisions without reliable numbers. Regulations often focus on incident reporting after damage is done, but they fail to give governments a forward-looking picture of resilience. A new report from Zurich Insurance Group argues

Six metrics policymakers need to track cyber resilience Read More »

Employees keep feeding AI tools secrets they can’t take back

Artificial Intelligence, CISO, Compliance, cybersecurity, Kiteworks, News, policy, regulation, security controls /

Employees keep feeding AI tools secrets they can’t take back 2025-09-09 at 08:03 By Anamarija Pogorelec Employees are putting sensitive data into public AI tools, and many organizations don’t have the controls to stop it. A new report from Kiteworks finds that most companies are missing basic safeguards to manage this data. Security control maturity

Employees keep feeding AI tools secrets they can’t take back Read More »

What a mature OT security program looks like in practice

cyber resilience, cybersecurity, Don't miss, Features, Hot stuff, monitoring, News, policy, Risk Management, security standard, strategy, Yokogawa /

What a mature OT security program looks like in practice 2025-07-17 at 09:08 By Mirko Zorz In this Help Net Security interview, Cindy Segond von Banchet CC, Cybersecurity Lead at Yokogawa Europe, shares her insights on what defines a sustainable OT security program. She outlines the key differences between short-term fixes and long-term resilience, and

What a mature OT security program looks like in practice Read More »

Product showcase: Enzoic for Active Directory

Active Directory, credentials, cybersecurity, Don't miss, Enzoic, Hot stuff, monitoring, News, passwords, policy, Product showcase /

Product showcase: Enzoic for Active Directory 2025-07-16 at 08:19 By Help Net Security Enzoic for Active Directory is an easy-to-install plugin that integrates with Microsoft Active Directory (AD) to set, monitor, and remediate unsafe passwords and credentials. In essence, it serves as an always-on sentinel for AD, preventing users from choosing compromised or weak passwords

Product showcase: Enzoic for Active Directory Read More »

Stop settling for check-the-box cybersecurity policies

cybersecurity, Don't miss, News, Optiv Security, policy, Snow Software, strategy, Stytch /

Stop settling for check-the-box cybersecurity policies 2025-07-15 at 07:43 By Sinisa Markovic After every breach, people ask: How did this happen if there were cybersecurity policies in place? The truth is, just having them doesn’t stop attacks. They only work if people know them and follow them when it matters. That’s where things often break

Stop settling for check-the-box cybersecurity policies Read More »

Scroll to Top