Compliance, Exercises and Security

Personal liability: A new trend in cybersecurity compliance?

CIO

OCTOBER 29, 2024

Compliance is becoming personal — personal in the sense that cybersecurity compliance regulations increasingly include provisions that make it possible to hold individuals personally liable for oversights that lead to issues like cybersecurity breaches. This means that the stakes of noncompliance are becoming steeper.

Security

Security Compliance Trends Linux

Protecting content in the digital age: Navigating the evolving threat landscape in media publishing

CIO

AUGUST 28, 2024

In this exclusive interview, we sit down with Anoop Kumar, Head of Information Security Governance Risk and Compliance at GulfNews, Al Nisr Publishing, to discuss the evolving challenges of cybersecurity in the media industry. What are the most prevalent types of threats to network security in recent years?

Security

Security Media Technical Review Education

Optimizing PCI compliance in financial institutions

CIO

JANUARY 4, 2024

In the fast-evolving world of finance, data security is of paramount importance. Financial institutions must ensure the protection of sensitive personal information, most commonly payment card data, to maintain, trust and meet various regulatory requirements. This is where a Common Controls Assessment (CCA) can play a pivotal role.

Compliance

Compliance Architecture Resources Authentication

Webinars

Business Intelligence 101: How To Make The Best Solution Decision For Your Organization

Improving the Accuracy of Generative AI Systems: A Structured Approach

Prepare Now: 2025s Must-Know Trends For Product And Data Leaders

MORE WEBINARS

4 Elements That Balance Security and Resiliency

CIO

SEPTEMBER 14, 2022

Does your organization need to improve security and upgrade its IT infrastructure? These priorities are in response to an ever-evolving business and security landscape. How to balance security with resiliency. These implementations have also led to security gaps and vulnerabilities. If so, you’re not alone.

Compliance

Compliance Policies Exercises Cloud

Cybersecurity Snapshot: 6 Best Practices for Implementing AI Securely and Ethically

Tenable

MAY 31, 2024

But how can you ensure you use it securely, responsibly, ethically and in compliance with regulations? Check out best practices, guidelines and tips in this special edition of the Tenable Cybersecurity Snapshot! How can the security team contribute to these efforts? We look at best practices for secure use of AI.

Security

Security Artificial Inteligence Generative AI Artificial Intelligence

Why Is It Necessary to Run Cybersecurity Evaluation Exercises?

Altexsoft

FEBRUARY 6, 2021

The rapidly growing volume and sophistication of attacks entail the need for greater preparedness, especially through regular security exercises. Here’s a question related to the field of security: Why do military organizations ceaselessly conduct combat exercises or drills? Reason 1: Knowing if the system works.

Exercises

Exercises Weak Development Team Testing Malware

The rising software supply chain threat: Mounting a unified defense

CIO

JUNE 26, 2024

Enterprises have been hampered in fighting back by lack of internal consensus on their security capabilities and practices. Executives tended to have a comparatively rosier picture of their organization’s security posture. The research findings revealed region-specific concerns over SSC security as well.

Software Review

Software Review Artificial Inteligence Software Artificial Intelligence

Stripe has laid off employees behind TaxJar, a tax compliance startup it acquired last year

TechCrunch

AUGUST 19, 2022

Stripe has laid off some of the employees who support TaxJar, a tax compliance startup that it acquired last year, TechCrunch has learned from multiple sources and firsthand documentation. techcrunch.com, or Signal, a secure messaging app, at (925) 271 0912. Stripe’s new and lower internal valuation, explained.

Compliance

Compliance Fintech Technical Review Exercises

Learning to Love Audit and Compliance - It’s Possible

Tenable

JANUARY 8, 2024

Securing running workloads in the public cloud and meeting compliance standards are non-negotiable for most organizations. As a result, audits and compliance exercises can cause delays and anxiety for security and compliance teams.

Compliance

Compliance Weak Development Team Guidelines Lambda

Architect defense-in-depth security for generative AI applications using the OWASP Top 10 for LLMs

AWS Machine Learning - AI

JANUARY 26, 2024

Many customers are looking for guidance on how to manage security, privacy, and compliance as they develop generative AI applications. We then discuss how building on a secure foundation is essential for generative AI.

Artificial Inteligence

Artificial Inteligence Generative AI Security Applications

You’ve Achieved GDPR Compliance—Now What?

Ivanti

NOVEMBER 22, 2021

We did whatever needed to be done to achieve compliance. As you continue creating your day-to-day compliance strategy, you might find that the tactics that got you to the finish line were more short-term solutions that won’t necessarily stand long-term. Compliance Framework. Now it seems like a distant memory.

Compliance

Compliance Sustainability Government Systems Review

4 remedies to avoid cloud app migration headaches

CIO

NOVEMBER 29, 2023

But if you do your planning exercise properly, you shouldn’t have to move your applications around,” he says. Pablo Del Giudice, cloudops and cybersecurity studio partner at professional services firm Globant, adds that migration is possible if you position your organization correctly. Security is a good example. “If

Cloud

Cloud Technical Review Software Review Systems Review

Due diligence is ever more critical as the battle for cloud sovereignty intensifies

CIO

DECEMBER 21, 2022

These initiatives reinforce the growing potential of sovereign cloud services in a world increasingly dominated by questions of cloud choice and control, and complex compliance requirements. After Google’s cooperation with T-Systems and the “ Delos ” offer from Microsoft, SAP, and Arvato, AWS now follows suit. So, what does a pledge mean?

Systems Review

Systems Review Technical Review Cloud Compliance

6 Reasons Financial Institutions Are Embracing Risk and Regulation Tactics

Perficient

DECEMBER 18, 2023

In the fast-paced realm of finance, the significance of regulatory risk and compliance management practices cannot be overstated. The Role of Regulatory Risk and Compliance 1. Compliance with these legal obligations is not only mandated by regulatory authorities but also necessary for maintaining an institution’s reputation.

Compliance

Compliance Banking Insurance Guidelines

Ketch raises another $20M as demand grows for its privacy data control platform

TechCrunch

SEPTEMBER 17, 2021

Six months after securing a $23 million Series A round, Ketch , a startup providing online privacy regulation and data compliance, brought in an additional $20 million in A1 funding, this time led by Acrew Capital. In 2020, Ketch introduced its data control platform for programmatic privacy, governance and security.

Data

Data Compliance Malware Exercises

Cybersecurity Snapshot: 6 Things That Matter Right Now

Tenable

AUGUST 26, 2022

26 | The “platformization” of hybrid cloud security. Tackling IT/OT cybersecurity challenges. Tips for complying with HIPAA’s cybersecurity rule. 1 - IDC sees shift to “platformization” of hybrid cloud security. That’s according to IDC’s “Worldwide Cloud Workload Security Forecast, 2022-2026.” . And much more!

Weak Development Team

Weak Development Team Software Review Technical Review Budget

7 common IT training mistakes to avoid

CIO

APRIL 26, 2023

It’s widely recognized that introducing IT teams to the latest technology, business, and security advancements is essential for maximum performance and productivity. Ryan points to security training as an example. Is your organization giving its teams the training they need to keep pace with the latest industry developments?

Training

Training Technical Advisors Artificial Inteligence Fractional CTO

Cybersecurity Snapshot: Curb Your Enthusiasm Over ChatGPT-type Tools at Work, Says U.K.’s NCSC

Tenable

SEPTEMBER 1, 2023

1 – NCSC: Be careful when deploying AI chatbots at work When adopting AI chatbots powered by large language models (LLMs), like ChatGPT, organizations should go slow and make sure they understand these tools’ cybersecurity risks. National Cyber Security Centre. That’s the advice dispensed this week in a pair of blogs by the U.K.

ChatGPT

ChatGPT Artificial Inteligence Tools Malware

Automating compliance in software delivery

CircleCI

JULY 18, 2022

One emerging challenge that developers and IT leaders face is the need to stay compliant with regulations and control frameworks that stipulate comprehensive data security, incident response, and monitoring and reporting requirements. Compliance requirements can add significant overhead to an organization.

Compliance

Compliance Software Review Software Policies

DEI MIA in new Meta AI advisory group

CIO

MAY 27, 2024

We need to see compliance, legal, HR, procurement and technology teams and they have to be diverse in the type of function they do and definitely diverse in perspectives. We need to see a balance of perspectives from race, gender and all those types of things, and it also has to be a thoughtful exercise.”

Groups

Groups Technical Review Systems Review Generative AI

How to create an effective business continuity plan

CIO

DECEMBER 7, 2023

“Every business should have the mindset that they will face a disaster, and every business needs a plan to address the different potential scenarios,” says Goh Ser Yoong, head of compliance at Advance.AI Moreover, there are increasing consumer and regulatory expectations for both enterprise security and continuity today.

Business Continuity

Business Continuity Disaster Recovery How To Systems Review

From Solar Sunrise to Solar Winds: The Questionable Value of Two Decades of Cybersecurity Advice

Haft of the Spear

MARCH 8, 2021

While the Ware Report of 1970 codified the foundations of the computer security discipline, it was the President’s Commission on Critical Infrastructure Protection report of 1997 that expanded those requirements into recommendations for both discrete entities as well as the nascent communities that were growing in and around the Internet.

Security

Security Government Policies Report

The big speed bump on the road to GenAI

CIO

SEPTEMBER 14, 2023

Another hurdle to building the data foundation is getting all the compliance, security and regulatory issues resolved. This isn’t a trivial exercise. Artificial Intelligence, Events, Security And it’s a bit invisible. It doesn’t show up as a cool new feature on your website. 11, click here.

Generative AI

Generative AI Artificial Inteligence Artificial Intelligence Exercises

Why enterprise CIOs need to plan for Microsoft gen AI

CIO

AUGUST 14, 2024

It’s embedded in the applications we use every day and the security model overall is pretty airtight. Using Azure for both data and gen AI means both Copilot and any applications organizations build themselves inherit the security, permissions, and data access already in place. That’s risky.”

Enterprise

Enterprise Azure ChatGPT Generative AI

OnPoint Insights: Taking Security Seriously – OnPoint, DCSA, and Protecting Our National Security

Dots and Bridges

SEPTEMBER 2, 2021

WEBINAR: OnPoint Insights: “Taking Security Seriously – OnPoint, DCSA, and Protecting Our National Security” Episode 2. Abney is currently serving as an Industrial Security Representative assigned to the Alexandria 1 Field Office, Defense Counterintelligence and Security Agency. OnPoint Consulting, Inc.

Fractional CTO

Fractional CTO CTO Exercises Programming

OnPoint Insights: Taking Security Seriously – OnPoint, DCSA, and Protecting Our National Security

Dots and Bridges

SEPTEMBER 2, 2021

WEBINAR: OnPoint Insights: “Taking Security Seriously – OnPoint, DCSA, and Protecting Our National Security” Episode 2. Abney is currently serving as an Industrial Security Representative assigned to the Alexandria 1 Field Office, Defense Counterintelligence and Security Agency. OnPoint Consulting, Inc.

Fractional CTO

Fractional CTO CTO Exercises Programming

Balancing Innovation and Governance: The CDO’s Dilemma

N2Growth Blog

MAY 13, 2024

Balancing these numerous responsibilities requires constant collaboration with other executives, honing a delicate balance between data innovation, security, and compliance. The Intersection of Creativity and Regulatory Compliance In the 21st century, businesses are primarily driven by data-centric operations.

Government

Government Innovation Compliance Artificial Inteligence

Due diligence is Ever More Critical as the Battle for Cloud Sovereignty Intensifies

CIO

APRIL 28, 2023

The IT industry has recently seen some interesting activity from global hyperscale cloud providers surrounding their cloud sovereignty ambitions, and their scrutiny by the regulators covering some basics compliance requirements, like the European Union’s (EU) General Data Protection Regulation (GDPR). So, what does a pledge mean?

Systems Review

Systems Review Technical Review Cloud Compliance

2021 Cybersecurity Predictions for Europe, the Middle East and Africa

Palo Alto Networks

JANUARY 7, 2021

We’ve taken a moment to make cybersecurity predictions for Europe, the Middle East and Africa (EMEA) in 2021, and to consider the upcoming challenges and opportunities. The consumer hop: With so many working from home, the weak point becomes what else could act as a bridge to the secured business device.

IoT

IoT Software Review Cloud Systems Review

Patient Portal Puts a Spotlight on Secure Messaging

CTOvision

AUGUST 15, 2014

For healthcare professionals participating in the Centers for Medicare & Medicaid Services electronic health record (EHR) incentive program, you’ll soon need to demonstrate compliance with the Stage 2 Meaningful Use requirements in order to continue receiving incentive payments.

Healthcare

Healthcare Authentication Insurance Policies

The Perfect and Continuous Storm: Understanding the Cyber Implications of the Regulatory Governance For Security Advisors

CTOvision

OCTOBER 21, 2015

Founder and Chief Security Strategist at eSentire Eldon Sprickerhoff recently penned a blog post titled " The Perfect Storm: Understanding the Implications of the Regulatory Governance Spotlight." This is a field we encourage all technology professionals to track, even if your current duties are far from the investment advice world.

CTO Coach

CTO Coach Government Firewall Compliance

Operate Efficiently and Securely: Rotating Prisma Cloud Access Keys

Prisma Clud

MAY 21, 2024

Ensuring appropriate access management is a critical component of any effective cloud security strategy. Prisma Cloud Access Keys are a secure way to enable programmatic access to the Prisma Cloud API, if you are setting up an external integration or automation. Take this real-world scenario, for example. Instead, they use access keys.

Cloud

Cloud Lambda AWS Azure

Why Finding the Perfect Provider Credentialing System is Crucial to Your Health Plan’s Operational Success?

Newgen Software

JULY 31, 2024

Members exercise due diligence by checking qualifications and experiences and gain deeper insights into ratings and reviews. In this blog, let’s explore how provider credentialing does more than ensuring compliance and how does an ideal system help enhance quality, creates significant value, and builds trust. First Things First!

Systems Review

Systems Review Software Review System Healthcare

The Compliance Connection: The Role Of Identity Governance

Sailpoint

APRIL 3, 2019

In January, France’s data regulator fined Google almost $60 million, the biggest penalty issued by a European agency and the first instance of Europe’s General Data Protection Regulation (GDPR) being exercised. It’s unlikely to be the last, though, as governments and individuals increasingly expect stronger data security and privacy policies.

Compliance

Compliance Government Survey IoT

Are You Ready for the Next Log4Shell? Tenable’s CSO and CIO Offer Their Advice

Tenable

DECEMBER 6, 2022

Tenable CIO Patricia Grant and CSO Robert Huber share insights and best practices to help IT and cybersecurity leaders and their teams weather the next cyber crisis of Log4j proportions. Now, the one-year anniversary of the earth-shaking Log4j event offers an opportunity to take stock and ponder key questions, such as: “What did we learn?”

Policies

Policies Software Exercises Organization

From Solar Sunrise to Solar Winds: The Questionable Value of Three Decades of Cybersecurity Advice

Haft of the Spear

FEBRUARY 8, 2021

While the Ware Report of 1970 codified the foundations of the computer security discipline, it was the President’s Commission on Critical Infrastructure Protection report of 1997 that expanded those requirements into recommendations for both discrete entities as well as the nascent communities that were growing in and around the Internet.

Policies

Policies Government Report Infrastructure

Cloud Security Alliance Federal Summit 5 May in DC

CTOvision

MAY 1, 2015

The Cloud Security Alliance (CSA) is the world’s leading organization dedicated to defining and raising awareness of best practices to help ensure a secure and highly functional cloud computing environment. Presenting: Jim Reavis, CEO, Cloud Security Alliance. Cognitio has tracked and supported the CSA since the beginning.

Cloud

Cloud Compliance Government Architecture

What Is Vulnerability Management?

Kaseya

JANUARY 12, 2023

Vulnerability management is a process that enables organizations to identify, assess and prioritize security risks across their IT systems and develop plans to mitigate those risks. It is a critical component of any cybersecurity strategy. What is a vulnerability in cybersecurity? By then, the damage has been done.

Software Review

Software Review Hardware Systems Review Network

What high-performance IT teams look like today — and how to build one

CIO

AUGUST 20, 2024

CIOs should articulate a technology vision that includes agile principles around self-organization and other non-negotiables around security, data governance, reporting, deployment readiness, and other compliance areas.

Performance

Performance How To Culture Agile

Four Cloud Security Concerns (and How to Address Them)

Palo Alto Networks

MAY 16, 2019

Penetration tests are so out of date by the time they’re done that CISOs and their teams are left wondering if they actually gained anything from the exercise. But along with this transition comes new security concerns and a bit of fear to top it off. Terraform and Ansible are both great options for automating your security stack.

Cloud

Cloud How To Compliance Data Center

Myth #4: Real-Time Visibility Is Impossible

Firemon

OCTOBER 26, 2020

This is part 4 of a 4-part series addressing compliance myths and what you need to know about uniting compliance and security in a hybrid environment. With little to no visibility into their network, they fail to discover hidden threats that could lead to the next data breach or uncover compliance failures.

Compliance

Compliance Weak Development Team Policies eBook

Unity Catalog and the Well-Architected Lakehouse in Databricks

Perficient

AUGUST 31, 2024

Any migration exercise implies movement from a current to a future state. Security keeps the lights on. Pillar Four: Security, Compliance and Privacy This fourth pillar will be directly impacted by Unity Catalog around identity and access control. Reliability is what happens when the lights go off. Preferably automated.

Disaster Recovery

Disaster Recovery Artificial Inteligence Weak Development Team Machine Learning

Getting specific with GenAI: How to fine-tune large language models for highly specialized functions

CIO

JULY 24, 2024

Historically, such a migration would have been a multi-year, multi-million-dollar exercise. The path to balancing the demands of cost, accuracy, speed, and data security is filled with critical steps and considerations that need to be factored into the process. To learn more, visit us here.

Artificial Inteligence

Artificial Inteligence Off-The-Shelf Insurance How To

Avoid IT Heartbreak This Valentine’s Day With Ransomware Detection

Kaseya

FEBRUARY 10, 2023

Let’s patch things up Although the cornerstone of any security exercise is patching, many companies fail to implement a robust patch strategy. It supports fire-and-forget and risk-based patching for windows and macOS devices so you can sit back and secure all your endpoints on time.

Insurance

Insurance Systems Review Firewall Backup

Personal liability: A new trend in cybersecurity compliance?

Protecting content in the digital age: Navigating the evolving threat landscape in media publishing

Webinars

Trending Sources

Optimizing PCI compliance in financial institutions

Webinars

4 Elements That Balance Security and Resiliency

Cybersecurity Snapshot: 6 Best Practices for Implementing AI Securely and Ethically

Why Is It Necessary to Run Cybersecurity Evaluation Exercises?

The rising software supply chain threat: Mounting a unified defense

Stripe has laid off employees behind TaxJar, a tax compliance startup it acquired last year

Learning to Love Audit and Compliance - It’s Possible

Architect defense-in-depth security for generative AI applications using the OWASP Top 10 for LLMs

You’ve Achieved GDPR Compliance—Now What?

4 remedies to avoid cloud app migration headaches

Due diligence is ever more critical as the battle for cloud sovereignty intensifies

6 Reasons Financial Institutions Are Embracing Risk and Regulation Tactics

Ketch raises another $20M as demand grows for its privacy data control platform

Cybersecurity Snapshot: 6 Things That Matter Right Now

7 common IT training mistakes to avoid

Cybersecurity Snapshot: Curb Your Enthusiasm Over ChatGPT-type Tools at Work, Says U.K.’s NCSC

Automating compliance in software delivery

DEI MIA in new Meta AI advisory group

How to create an effective business continuity plan

From Solar Sunrise to Solar Winds: The Questionable Value of Two Decades of Cybersecurity Advice

The big speed bump on the road to GenAI

Why enterprise CIOs need to plan for Microsoft gen AI

OnPoint Insights: Taking Security Seriously – OnPoint, DCSA, and Protecting Our National Security

OnPoint Insights: Taking Security Seriously – OnPoint, DCSA, and Protecting Our National Security

Balancing Innovation and Governance: The CDO’s Dilemma

Due diligence is Ever More Critical as the Battle for Cloud Sovereignty Intensifies

2021 Cybersecurity Predictions for Europe, the Middle East and Africa

Patient Portal Puts a Spotlight on Secure Messaging

The Perfect and Continuous Storm: Understanding the Cyber Implications of the Regulatory Governance For Security Advisors

Operate Efficiently and Securely: Rotating Prisma Cloud Access Keys

Why Finding the Perfect Provider Credentialing System is Crucial to Your Health Plan’s Operational Success?

The Compliance Connection: The Role Of Identity Governance

Are You Ready for the Next Log4Shell? Tenable’s CSO and CIO Offer Their Advice

From Solar Sunrise to Solar Winds: The Questionable Value of Three Decades of Cybersecurity Advice

Cloud Security Alliance Federal Summit 5 May in DC

What Is Vulnerability Management?

What high-performance IT teams look like today — and how to build one

Four Cloud Security Concerns (and How to Address Them)

Myth #4: Real-Time Visibility Is Impossible

Unity Catalog and the Well-Architected Lakehouse in Databricks

Getting specific with GenAI: How to fine-tune large language models for highly specialized functions

Avoid IT Heartbreak This Valentine’s Day With Ransomware Detection

Stay Connected