policy

GenAI is everywhere, but security policies haven’t caught up

Artificial Intelligence, deepfakes, Europe, generative AI, ISACA, News, policy, regulation, report, skill development /

GenAI is everywhere, but security policies haven’t caught up 2025-07-01 at 08:07 By Help Net Security Nearly three out of four European IT and cybersecurity professionals say staff are already using generative AI at work, up ten points in a year, but just under a third of organizations have put formal policies in place, according […]

React to this headline:

Loading spinner

GenAI is everywhere, but security policies haven’t caught up Read More »

Before scaling GenAI, map your LLM usage and risk zones

Application Security, ArmorCode, Artificial Intelligence, cybersecurity, Don't miss, Features, generative AI, Hot stuff, Lakera, LLMs, News, OWASP, policy, Straiker, The Motley Fool /

Before scaling GenAI, map your LLM usage and risk zones 2025-06-17 at 08:46 By Mirko Zorz In this Help Net Security interview, Paolo del Mundo, Director of Application and Cloud Security at The Motley Fool, discusses how organizations can scale their AI usage by implementing guardrails to mitigate GenAI-specific risks like prompt injection, insecure outputs,

React to this headline:

Loading spinner

Before scaling GenAI, map your LLM usage and risk zones Read More »

Trump Cybersecurity Executive Order Targets Digital Identity, Sanctions Policies

executive order, Featured, Government, Government Policy, policy, Trump, White House /

Trump Cybersecurity Executive Order Targets Digital Identity, Sanctions Policies 2025-06-09 at 10:23 By Eduard Kovacs President Trump says his new cybersecurity executive order amends problematic elements of Biden- and Obama-era executive orders. The post Trump Cybersecurity Executive Order Targets Digital Identity, Sanctions Policies appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View

React to this headline:

Loading spinner

Trump Cybersecurity Executive Order Targets Digital Identity, Sanctions Policies Read More »

Agentic AI and the risks of unpredictable autonomy

Artificial Intelligence, cybersecurity, Don't miss, Features, generative AI, Hot stuff, News, policy, Thoughtworks /

Agentic AI and the risks of unpredictable autonomy 2025-06-04 at 08:00 By Mirko Zorz In this Help Net Security interview, Thomas Squeo, CTO for the Americas at Thoughtworks, discusses why traditional security architectures often fail when applied to autonomous AI systems. He explains why conventional threat modeling needs to adapt to address autonomous decision-making and

React to this headline:

Loading spinner

Agentic AI and the risks of unpredictable autonomy Read More »

Deepfake attacks could cost you more than money

Artificial Intelligence, cybersecurity, deepfakes, Don't miss, Features, Hot stuff, Incident Response, News, policy, X-PHY /

Deepfake attacks could cost you more than money 2025-05-16 at 09:04 By Mirko Zorz In this Help Net Security interview, Camellia Chan, CEO at X-PHY, discusses the dangers of deepfakes in real-world incidents, including their use in financial fraud and political disinformation. She explains AI-driven defense strategies and recommends updating incident response plans and internal

React to this headline:

Loading spinner

Deepfake attacks could cost you more than money Read More »

AI is challenging the geopolitical status quo

Armis, cybersecurity, News, policy, report /

AI is challenging the geopolitical status quo 2025-04-09 at 07:06 By Help Net Security AI-powered cyberattacks are becoming powerful new weapons. Organizations need to act fast to close the gap between today’s defenses and tomorrow’s threats. These attacks are only going to grow. New data from Armis Labs shows that the threat of AI in

React to this headline:

Loading spinner

AI is challenging the geopolitical status quo Read More »

Two things you need in place to successfully adopt AI

Artificial Intelligence, code, cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, LLMs, News, opinion, policy, Security Journey /

Two things you need in place to successfully adopt AI 2025-03-31 at 08:32 By Help Net Security Organizations should not shy away from taking advantage of AI tools, but they need to find the right balance between maximizing efficiency and mitigating organizational risk. They need to put in place: 1. A seamless AI security policy

React to this headline:

Loading spinner

Two things you need in place to successfully adopt AI Read More »

Cybersecurity needs a leader, so let’s stop debating and start deciding

boardroom, CIO, CISO, cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, News, opinion, policy, Rapid7, strategy /

Cybersecurity needs a leader, so let’s stop debating and start deciding 2025-02-25 at 18:09 By Help Net Security Have you ever heard anyone earnestly ask in a business, “Who owns legal?” or “Who sets the financial strategy?” Probably not – it should be obvious, right? Yet, when it comes to cybersecurity, the question of ownership

React to this headline:

Loading spinner

Cybersecurity needs a leader, so let’s stop debating and start deciding Read More »

Product showcase: Securing Active Directory passwords with Specops Password Policy

Active Directory, Don't miss, Hot stuff, News, passwords, policy, Product showcase, Specops Software /

Product showcase: Securing Active Directory passwords with Specops Password Policy 2024-12-04 at 15:03 By Help Net Security Password policies are a cornerstone of cybersecurity for any organization. A good password policy ensures every end user has a strong and unique password, significantly reducing the risk of unauthorized access and data breaches. These policies not only

React to this headline:

Loading spinner

Product showcase: Securing Active Directory passwords with Specops Password Policy Read More »

How to make Infrastructure as Code secure by default

code, cybersecurity, DevOps, Don't miss, Expert analysis, Expert corner, Hot stuff, News, opinion, policy, remediation, security standard, StackGen, threat detection /

How to make Infrastructure as Code secure by default 2024-09-13 at 07:46 By Help Net Security Infrastructure as Code (IaC) has become a widely adopted practice in modern DevOps, automating the management and provisioning of technology infrastructure through machine-readable definition files. What can we to do make IaC secure by default? Security workflows for IaC

React to this headline:

Loading spinner

How to make Infrastructure as Code secure by default Read More »

Best practices for implementing the Principle of Least Privilege

access management, Artificial Intelligence, cybersecurity, Don't miss, Features, Hot stuff, machine learning, News, Opal Security, opinion, policy /

Best practices for implementing the Principle of Least Privilege 2024-09-09 at 07:02 By Mirko Zorz In this Help Net Security interview, Umaimah Khan, CEO of Opal Security, shares her insights on implementing the Principle of Least Privilege (PoLP). She discusses best practices for effective integration, benefits for operational efficiency and audit readiness, and how to

React to this headline:

Loading spinner

Best practices for implementing the Principle of Least Privilege Read More »

Key metrics for monitoring and improving ZTNA implementations

Artificial Intelligence, cybersecurity, Don't miss, Features, Hot stuff, human error, News, opinion, policy, strategy, supply chain attacks, Wilson Perumal & Company, zero trust /

Key metrics for monitoring and improving ZTNA implementations 2024-08-13 at 07:01 By Mirko Zorz In this Help Net Security interview, Dean Hamilton, CTO at Wilson Perumal & Company, discusses the complexities of zero trust network access (ZTNA) implementation, focusing on balancing security with operational efficiency. Hamilton highlights strategic planning, collaboration between IT and business leaders,

React to this headline:

Loading spinner

Key metrics for monitoring and improving ZTNA implementations Read More »

The CISO’s approach to AI: Balancing transformation with trust

access control, Artificial Intelligence, CISO, cybersecurity, Devo Technology, Don't miss, Expert analysis, Expert corner, Hot stuff, News, opinion, policy, risk, Risk Management /

The CISO’s approach to AI: Balancing transformation with trust 2024-07-23 at 07:31 By Help Net Security As organizations increasingly adopt third-party AI tools to streamline operations and gain a competitive edge, they also invite a host of new risks. Many companies are unprepared, lacking clear policies and adequate employee training to mitigate these new dangers.

React to this headline:

Loading spinner

The CISO’s approach to AI: Balancing transformation with trust Read More »

Laying the groundwork for zero trust in the military

Artificial Intelligence, Core4ce, cybersecurity, Department of Defense, Don't miss, Features, Hot stuff, machine learning, network, News, opinion, policy, training, zero trust /

Laying the groundwork for zero trust in the military 2024-07-18 at 07:01 By Mirko Zorz In this Help Net Security interview, Curtis Arnold, VP and Chief Scientist at Core4ce, discusses the starting points for military training in zero trust principles, emphasizing foundational technologies and a unified taxonomy. Arnold provides insights into the DoD’s Zero Trust

React to this headline:

Loading spinner

Laying the groundwork for zero trust in the military Read More »

Overlooked essentials: API security best practices

access control, Akto, API security, authentication, cybersecurity, Don't miss, Encryption, Features, Hot stuff, News, opinion, policy /

Overlooked essentials: API security best practices 2024-07-17 at 07:31 By Mirko Zorz In this Help Net Security, Ankita Gupta, CEO at Akto, discusses API security best practices, advocating for authentication protocols like OAuth 2.0 and OpenID Connect, strict HTTPS encryption, and the use of JWTs for stateless authentication. Gupta recommends role-based access control (RBAC) and

React to this headline:

Loading spinner

Overlooked essentials: API security best practices Read More »

GDPR turns six: Expert discusses AI impact

Artificial Intelligence, Compliance, cybersecurity, Data Protection, Don't miss, EU, framework, GDPR, Hot stuff, Next DLP, policy, Video /

GDPR turns six: Expert discusses AI impact 2024-06-11 at 06:31 By Help Net Security The European Union’s GDPR policy came into effect six years ago. Since then, it has become widely regarded as the standard for data sharing, but the rise of new technology has questioned its suitability and relevance. In this Help Net Security

React to this headline:

Loading spinner

GDPR turns six: Expert discusses AI impact Read More »

Unpacking CISA’s AI guidelines

Artificial Intelligence, Axonius, CISA, cybersecurity, Don't miss, Government, guidelines, Hot stuff, policy, Video /

Unpacking CISA’s AI guidelines 2024-06-07 at 07:01 By Help Net Security CISA’s late April AI and infrastructure guidelines address 16 sectors along with their cybersecurity needs and operations concerning the growth of AI as a tool to build both federal and vendor cybersecurity infrastructure in the federal marketplace. In this Help Net Security video, Tom

React to this headline:

Loading spinner

Unpacking CISA’s AI guidelines Read More »

Avoiding the cybersecurity blame game

cybersecurity, Data Protection, Don't miss, Expert analysis, Expert corner, Hot stuff, human error, News, opinion, policy, Praxis Security Labs, Risk Management /

Avoiding the cybersecurity blame game 2024-05-29 at 07:31 By Help Net Security Cyber risk management has many components. Those who do it well will conduct comprehensive risk assessments, enact well-documented and well-communicated processes and controls, and fully implemented monitoring and review requirements. Processes and controls typically comprise policies, which will include detailed explanations of the

React to this headline:

Loading spinner

Avoiding the cybersecurity blame game Read More »

CISOs pursuing AI readiness should start by updating the org’s email security policy

Artificial Intelligence, CISO, cybersecurity, Don't miss, email security, Expert analysis, Expert corner, generative AI, Hot stuff, Ironscales, News, opinion, policy /

CISOs pursuing AI readiness should start by updating the org’s email security policy 2024-05-23 at 08:03 By Anamarija Pogorelec Over the past few years, traditional phishing messages — with their pervasive linguistic errors, thinly-veiled malicious payloads, and often outlandish pretexts — have been on the decline. Easily detected by most of today’s standard email security

React to this headline:

Loading spinner

CISOs pursuing AI readiness should start by updating the org’s email security policy Read More »

Are you meeting your cyber insurance requirements?

attacks, backup, Clumio, cyber insurance, cybersecurity, Don't miss, Hot stuff, patching, policy, security controls, strategy, tips, Video /

Are you meeting your cyber insurance requirements? 2024-05-14 at 06:31 By Help Net Security Cyber insurance policies are specifically designed to offer financial protection to organizations in the face of cyber attacks, data breaches, or other cybersecurity incidents. While they can provide a sense of security, it’s crucial to be aware of their limitations. In

React to this headline:

Loading spinner

Are you meeting your cyber insurance requirements? Read More »

Scroll to Top