EU cybersecurity standards are at risk if supplier ban passes 2026-04-16 at 10:16 By Mirko Zorz Today, the European standards body ETSI sent a formal position paper to the European Commission, calling for changes to the proposed Cybersecurity Act 2 (CSA2), the EU’s planned revision to its existing cybersecurity certification framework. The paper focuses on […]
EU cybersecurity standards are at risk if supplier ban passes Read More »
Audits for AI systems that keep changing 2026-01-28 at 07:28 By Anamarija Pogorelec Security and risk teams often rely on documentation and audit artifacts that reflect how an AI system worked months ago. ETSI’s continuous auditing based conformity assessment specification (ETSI TS 104 008) describes a different approach, where conformity is evaluated through recurring measurement
Audits for AI systems that keep changing Read More »
A new European standard outlines security requirements for AI 2026-01-19 at 09:19 By Anamarija Pogorelec The European Telecommunications Standards Institute (ETSI) has released a new European Standard that addresses a growing concern for security teams working with AI. The standard, ETSI EN 304 223, sets baseline cybersecurity requirements for AI models and systems intended for
A new European standard outlines security requirements for AI Read More »
Wi-Fi evolution tightens focus on access control 2026-01-09 at 07:33 By Anamarija Pogorelec Wi-Fi networks are taking on heavier workloads, more devices, and higher expectations from users who assume constant access everywhere. A new Wireless Broadband Alliance industry study shows that this expansion is reshaping priorities around security, identity, and trust, alongside adoption of new
Wi-Fi evolution tightens focus on access control Read More »
Life, death, and online identity: What happens to your online accounts after death? 2025-10-22 at 15:13 By Zeljka Zorz The rapid technological advances of recent decades have transformed nearly every aspect of our lives. One major shift is that many of us now maintain extensive digital footprints, spanning countless online accounts, from email and social
Life, death, and online identity: What happens to your online accounts after death? Read More »
OpenID Foundation sets new standards for real-time security event sharing 2025-09-22 at 08:09 By Help Net Security The OpenID Foundation (OIDF) has approved three Final Specifications, establishing the first global standards for real-time security event sharing across digital identity systems. The approved Final Specifications are: OpenID Shared Signals Framework 1.0 – Enables secure, real-time delivery
OpenID Foundation sets new standards for real-time security event sharing Read More »
NIST finalizes lightweight cryptography standard for small devices 2025-08-13 at 17:24 By Anamarija Pogorelec The National Institute of Standards and Technology (NIST) has finalized a lightweight cryptography standard to protect even the smallest networked devices from cyberattacks. Published as Ascon-Based Lightweight Cryptography Standards for Constrained Devices (NIST Special Publication 800-232), the standard offers tools for
NIST finalizes lightweight cryptography standard for small devices Read More »
FAPI 2.0: How the OpenID Foundation is enabling scalable interoperability in global healthcare 2025-07-14 at 09:32 By Mirko Zorz In this Help Net Security interview, Gail Hodges, Executive Director at the OpenID Foundation, discusses how the Foundation ensures global consistency in FAPI 2.0 implementations and helps different industries, including healthcare, adopt secure and interoperable identity
What EU’s PQC roadmap means on the ground 2025-07-10 at 09:11 By Mirko Zorz In this Help Net Security interview, David Warburton, Director at F5 Labs, discusses how the EU’s Post-Quantum Cryptography (PQC) roadmap aligns with global efforts and addresses both the technical and regulatory challenges of migrating to PQC. Warburton also outlines practical steps
What EU’s PQC roadmap means on the ground Read More »
The hidden risks of LLM autonomy 2025-06-04 at 08:42 By Help Net Security Large language models (LLMs) have come a long way from the once passive and simple chatbots that could respond to basic user prompts or look up the internet to generate content. Today, they can access databases and business applications, interact with external
The hidden risks of LLM autonomy Read More »
How AI agents reshape industrial automation and risk management 2025-05-27 at 08:33 By Mirko Zorz In this Help Net Security interview, Michael Metzler, Vice President Horizontal Management Cybersecurity for Digital Industries at Siemens, discusses the cybersecurity implications of deploying AI agents in industrial environments. He talks about the risks that come with AI agents making
How AI agents reshape industrial automation and risk management Read More »
Building cybersecurity culture in science-driven organizations 2025-05-15 at 08:31 By Mirko Zorz In this Help Net Security interview, Anne Sofie Roed Rasmussen, CISO at Novonesis, discusses how a science-driven organization approaches cybersecurity, aligning innovation with protection, measuring cultural progress, managing shadow IT, and earning trust from scientific leaders. How do you measure progress when it
Building cybersecurity culture in science-driven organizations Read More »
New blockchain security standards target safer ecosystems 2025-05-15 at 07:01 By Help Net Security The Blockchain Security Standards Council (BSSC) launched its first four security standards, marking a significant milestone in the journey towards a more secure and trustworthy blockchain ecosystem. These standards are designed to address critical aspects of blockchain security, elevating trust in
New blockchain security standards target safer ecosystems Read More »
13 core principles to strengthen AI cybersecurity 2025-04-25 at 07:55 By Help Net Security The new ETSI TS 104 223 specification for securing AI provides reliable and actionable cybersecurity guidance aimed at protecting end users. Adopting a whole-lifecycle approach, the framework outlines 13 core principles that expand into 72 detailed, trackable principles across five key
13 core principles to strengthen AI cybersecurity Read More »
Evolving uses of tokenization to protect data 2025-02-10 at 06:04 By Help Net Security Tokenization replaces sensitive data, such as credit card numbers or personal identifiers, with unique, non-sensitive tokens with no exploitable value. This method helps protect sensitive information by ensuring that the actual data is never stored or transmitted, reducing the risk of
Evolving uses of tokenization to protect data Read More »
Aim for crypto-agility, prepare for the long haul 2025-02-04 at 07:33 By Help Net Security While organizations have long experimented with various facets of digital transformation, the journey toward crypto-agility is one of the most significant technological transitions of our time. Success in the emerging quantum era will require technical expertise, strategic foresight, careful planning,
Aim for crypto-agility, prepare for the long haul Read More »
Addressing the intersection of cyber and physical security threats 2025-01-21 at 07:05 By Mirko Zorz In this Help Net Security, Nicholas Jackson, Director of Cyber Operations at Bitdefender, discusses how technologies like AI, quantum computing, and IoT are reshaping cybersecurity. He shares his perspective on the new threats these advancements bring and offers practical advice
Addressing the intersection of cyber and physical security threats Read More »
A humble proposal: The InfoSec CIA triad should be expanded 2025-01-16 at 06:35 By Help Net Security The inconsistent and incomplete definitions of essential properties in information security create confusion within the InfoSec community, gaps in security controls, and may elevate the costs of incidents. In this article, I will analyze the CIA triad, point
A humble proposal: The InfoSec CIA triad should be expanded Read More »
eBay CISO on managing long-term cybersecurity planning and ROI 2025-01-07 at 07:33 By Mirko Zorz In this Help Net Security interview, Sean Embry, CISO at eBay, discusses key aspects of cybersecurity leadership. He shares insights on balancing long-term strategic planning with immediate threat response, evaluating the ROI of new technologies, and addressing employee cybersecurity fatigue.
eBay CISO on managing long-term cybersecurity planning and ROI Read More »
Why cybersecurity is critical to energy modernization 2024-12-20 at 07:53 By Mirko Zorz In this Help Net Security interview, Anjos Nijk, Managing Director of the European Network for Cyber security (ENCS), discusses cybersecurity in the energy sector as it modernizes with renewable sources and smart grid technologies. Nijk also addresses the need for international collaboration,
Why cybersecurity is critical to energy modernization Read More »