feature: How a digital design firm navigated its SOC 2 audit
L+R's pursuit of SOC 2 certification was complicated by hardware inadequacies and its early adoption of AI, but a successful audit has provided security and business benefits.
By Alex Levin | Nov 28, 2023 | 11 mins | Certifications, Compliance

feature: Rise of the cyber CPA: What it means for CISOs
By Evan Schuman | Nov 27, 2023 | 7 mins | CSO and CISO, C-Suite

news analysis: Ransomware gang files SEC complaint against company that refused to negotiate
By Lucian Constantin | Nov 17, 2023 | 4 mins | Ransomware, Compliance, Cybercrime

feature: How US SEC legal actions put CISOs at risk and what to do about it
By Evan Schuman | Nov 16, 2023 | 8 mins | CSO and CISO, Compliance, Risk Management

news: Generative AI could erode customer trust, half of business leaders say
By Michael Hill | Nov 08, 2023 | 4 mins | CSO and CISO, Generative AI, Compliance

news: US launches “Shields Ready” campaign to secure critical infrastructure
By Michael Hill | Nov 08, 2023 | 3 mins | Government

news: AuditBoard adds new AI and analytics capabilities for compliance and risk ma
By Shweta Sharma | Oct 18, 2023 | 3 mins | Generative AI, Compliance, Risk Management

news: Vanta bakes generative AI into core security and compliance product
By Jon Gold | Oct 10, 2023 | 3 mins | Generative AI, Compliance, Risk Management

news: Cybersecurity experts raise concerns over EU Cyber Resilience Act’s vulnerability disclosure requirements
By Michael Hill | Oct 03, 2023 | 4 mins | Regulation, Compliance, Vulnerabilities

Articles

news: TrustCloud adds new tools to automate GRC frameworks
The suite of new capabilities includes framework customization with AI, new APIs, and evidence-collection integrations.
By Shweta Sharma | Jul 06, 2023 | 3 mins | IT Governance Frameworks, IT Governance

news analysis: Resilience at the core of the current and future Biden administration cybersecurity plans
The Biden administration's cybersecurity initiatives broadly aim to improve cybersecurity resilience, with recent regulations and other actions designed to foster a "defensible, resilient ecosystem."
By Cynthia Brumfield | Jul 05, 2023 | 7 mins | Government, Compliance

news analysis: No consensus on creating a unified US cyber incident reporting framework
Comments submitted to CISA regarding its creation of cyber incident and ransom payment reporting requirements underscore how tough it will be for the agency to create a one-size-fits-all framework.
By Cynthia Brumfield | Jun 29, 2023 | 10 mins | Regulation, Ransomware, Compliance

news: Vanta adds new SaaS capability to address growing concerns over vendor security
Vanta’s new offering aims to help customers streamline third-party security with automated workflows for vendor security reviews and compliance.
By Shweta Sharma | May 03, 2023 | 3 mins | Vendor Management

news analysis: Battle could be brewing over new FCC data breach reporting rules
An expanded data breach definition and the telcos’ desire to link notifications to “concrete harm” are among the most controversial aspects of the proposed FCC data breach reporting rules.
By Cynthia Brumfield | Apr 11, 2023 | 8 mins | Regulation, Data Breach, Compliance

news: Obsidian launches new SaaS security and compliance tools
Obsidian’s multimodule security posture management offering comes with tools to secure SaaS interactions and ensure associated compliances.
By Shweta Sharma | Apr 05, 2023 | 4 mins | Compliance, Risk Management, SaaS

news: UK fines TikTok $15.8 million for GDPR violation of children’s privacy
Chinese-owned social media sensation TikTok has been fined almost $16 million for violating provisions of the UK’s General Data Protection Regulation.
By Jon Gold | Apr 04, 2023 | 3 mins | Regulation, Data Privacy, Compliance

opinion: Software liability reform is liable to push us off a cliff
Regulatory mandates for software security like those in the Biden Administration's National Cybersecurity Strategy could cause more problems than they solve.
By Andy Ellis | Mar 02, 2023 | 6 mins | Application Security, Compliance, Open Source

news: At least one open source vulnerability found in 84% of code bases: Report
Almost all applications contain at least some open source code, and 48% of all code bases examined by Synopsys researchers contained high-risk vulnerabilities.
By Apurva Venkat | Feb 23, 2023 | 4 mins | Compliance

news: DNA Diagnostic Center fined $400,000 for 2021 data breach
The DNA testing lab said it was not even aware that the legacy databases existed in its systems at the time of the breach.
By Apurva Venkat | Feb 21, 2023 | 4 mins | Data Breach, Cyberattacks

news: Evolving cyberattacks, alert fatigue creating DFIR burnout, regulatory risk
Digital forensics and incident response teams face increasing workloads amid evolving cyberattacks, recruiting and hiring challenges, and a lack of effective automation.
By Michael Hill | Feb 16, 2023 | 5 mins | Incident Response

news: European data protection authorities issue record EUR1.65 billion in GDPR fines
DLA Piper’s GDPR and Data Breach survey shows a 50% increase in fines in the last 12 months. Data protection authorities turning their focus to artificial intelligence.
By Michael Hill | Jan 17, 2023 | 4 mins | Regulation

Resources

whitepaper: Automate to Accelerate: Overcoming Staffing and Compliance Challenges in Cyber Risk Management
Eliminating unnecessary, time-consuming tasks can free up security departments and elevate them as advisors to the business.
By LogicGate | 02 Nov 2023 | Application Performance Management, Compliance, Security

whitepaper: The Challenge of Software Compliance At-Scale
By Puppet | 31 Oct 2023 | Business Operations, Compliance, Devops

whitepaper: Accelerate Secure Digital Transformation with Zero Trust Exchange: The one true zero trust platform
By Zscaler | 26 Oct 2023 | Business Operations, Compliance, Security

Video on demand

video: Aligning security, compliance and privacy across inventory tracking
Brad Wells, Executive Director, Information Security, and Kandice Samuelson, Senior Director, IT Governance at PPD lead a team enhancing PPD’s inventory tracking system that identifies PPD's most valuable assets. Join us to learn how they distribute security resources for appropriate levels of protection, maintain compliance with government regulations and industry standards, and leverage information security controls aligned with client requirements, industry frameworks and privacy regulations.
May 28, 2021 | 20 mins | Compliance, Data and Information Security, Privacy

Show me more

Articles

news analysis: P2Pinfect Redis worm targets IoT with version for MIPS devices
By Lucian Constantin | Dec 04, 2023 | 5 mins | Botnets

news: Hackers book profit by scamming Booking.com customers
By Gagandeep Kaur | Dec 04, 2023 | 4 mins | Cyberattacks

opinion: Proactive, not reactive: the path to ensuring operational resilience in cybersecurity
By Cameron Dicker | Dec 04, 2023 | 6 mins | Financial Services Industry

Podcasts

podcast: CSO Executive Sessions Australia with Sunil Sale, CISO at MinterEllison
Nov 20, 2023 | 15 mins | CSO and CISO

podcast: CSO Executive Sessions Australia with Robbie Whittome, CISO at Curtin University
Oct 16, 2023 | 15 mins | CSO and CISO

podcast: CSO Executive Sessions / ASEAN: Cisco's Anthony Grieco on opportunities in Southeast Asia's cybersecurity landscape
Oct 10, 2023 | 16 mins | CSO and CISO

Videos

video: CSO Executive Sessions Australia with Sunil Sale, CISO at MinterEllison
Nov 20, 2023 | 15 mins | CSO and CISO

video: AI and Cybersecurity: Speed Bumps, Training, and Communication
Nov 06, 2023 | 17 mins | Cyberattacks, Generative AI

video: CSO Executive Sessions Australia with Robbie Whittome
Oct 16, 2023 | 15 mins | CSO and CISO