Americas

Asia

Europe

  • United Kingdom

Oceania

Popular Topics

Topics

About

Policies

Our Network

More

HomeCompliance

Compliance

Compliance | News, how-tos, features, reviews, and videos

Jump to
Latest Articles Events Resources Podcasts
feature
Image

How a digital design firm navigated its SOC 2 audit

L+R's pursuit of SOC 2 certification was complicated by hardware inadequacies and its early adoption of AI, but a successful audit has provided security and business benefits.

By Alex Levin
28 Nov 202311 mins
CertificationsCompliance
feature
Image

Rise of the cyber CPA: What it means for CISOs

By Evan Schuman
27 Nov 20237 mins
CSO and CISOCompliance
news analysis
Image

Ransomware gang files SEC complaint against company that refused to negotiate

By Lucian Constantin
17 Nov 20234 mins
RansomwareComplianceCybercrime
feature

How US SEC legal actions put CISOs at risk and what to do about it

By Evan Schuman
16 Nov 20238 mins
CSO and CISOComplianceRisk Management
news

Generative AI could erode customer trust, half of business leaders say

By Michael Hill
08 Nov 20234 mins
CSO and CISOGenerative AICompliance
news

US launches “Shields Ready” campaign to secure critical infrastructure

By Michael Hill
08 Nov 20233 mins
GovernmentComplianceCritical Infrastructure
news

AuditBoard adds new AI and analytics capabilities for compliance and risk ma

By Shweta Sharma
18 Oct 20233 mins
Generative AIComplianceRisk Management
news

Vanta bakes generative AI into core security and compliance product

By Jon Gold
10 Oct 20233 mins
Generative AIComplianceRisk Management
news

Cybersecurity experts raise concerns over EU Cyber Resilience Act’s vulnerability disclosure requirements

By Michael Hill
03 Oct 20234 mins
RegulationComplianceVulnerabilities

Articles

news

Industry groups call for changes to EU Cyber Resiliency Act

Recommendations aim to improve cybersecurity and resilience while addressing key concerns about the current EU Cyber Resiliency Act proposal.

By Michael Hill
13 Jul 2023 6 mins
RegulationComplianceSecurity
news

TrustCloud adds new tools to automate GRC frameworks

The suite of new capabilities includes framework customization with AI, new APIs, and evidence-collection integrations.

By Shweta Sharma
06 Jul 2023 3 mins
IT Governance FrameworksCompliance
news analysis

Resilience at the core of the current and future Biden administration cybersecurity plans

The Biden administration's cybersecurity initiatives broadly aim to improve cybersecurity resilience, with recent regulations and other actions designed to foster a "defensible, resilient ecosystem."

By Cynthia Brumfield
05 Jul 2023 7 mins
GovernmentCompliance
news analysis

No consensus on creating a unified US cyber incident reporting framework

Comments submitted to CISA regarding its creation of cyber incident and ransom payment reporting requirements underscore how tough it will be for the agency to create a one-size-fits-all framework.

By Cynthia Brumfield
29 Jun 2023 10 mins
RegulationRansomwareCompliance
news

Vanta adds new SaaS capability to address growing concerns over vendor security

Vanta’s new offering aims to help customers streamline third-party security with automated workflows for vendor security reviews and compliance.

By Shweta Sharma
03 May 2023 3 mins
ComplianceRisk ManagementVendor Management
news

UK launches GovAssure cybersecurity scheme to protect government IT functions

Under new rules, all central government departments will have their cyber health reviewed annually, introducing key changes in how the government protects itself from cyberthreats.

By Michael Hill
21 Apr 2023 2 mins
GovernmentIT Governance FrameworksCompliance
news

UK NCSC fully launches Cyber Advisors to help SMEs meet cybersecurity standards

The Cyber Advisors program is ready to get to work with 20 accredited providers offering services to help businesses enhance baseline security posture.

By Michael Hill
18 Apr 2023 2 mins
IT SkillsIT SkillsIT Skills
news analysis

Battle could be brewing over new FCC data breach reporting rules

An expanded data breach definition and the telcos’ desire to link notifications to “concrete harm” are among the most controversial aspects of the proposed FCC data breach reporting rules.

By Cynthia Brumfield
11 Apr 2023 8 mins
RegulationData BreachCompliance
news

Obsidian launches new SaaS security and compliance tools

Obsidian’s multimodule security posture management offering comes with tools to secure SaaS interactions and ensure associated compliances.

By Shweta Sharma
05 Apr 2023 4 mins
ComplianceRisk ManagementSaaS
news

UK fines TikTok $15.8 million for GDPR violation of children’s privacy

Chinese-owned social media sensation TikTok has been fined almost $16 million for violating provisions of the UK’s General Data Protection Regulation.

By Jon Gold
04 Apr 2023 3 mins
RegulationData PrivacyCompliance
news analysis

UK Data Protection and Digital Information Bill introduced in Parliament

Bill seeks to help UK businesses take advantage of post-Brexit data sharing and protection opportunities. Experts say divergence from EU GDPR only increases compliance complexity and cost.

By Michael Hill
08 Mar 2023 5 mins
RegulationData PrivacyCompliance
opinion

Software liability reform is liable to push us off a cliff

Regulatory mandates for software security like those in the Biden Administration's National Cybersecurity Strategy could cause more problems than they solve.

By Andy Ellis
02 Mar 2023 6 mins
Application SecurityComplianceOpen Source
View all

Resources

whitepaper

The shift to a security approach for the full application stack

This whitepaper discusses how technologists can optimize security for modern application stacks.

The post The shift to a security approach for the full application stack appeared first on Whitepaper Repository.

By WWT & AppDynamics
05 May 2023
Application Performance ManagementEmerging TechnologyIT Management
Image
View all

Video on demand

video

Aligning security, compliance and privacy across inventory tracking

Brad Wells, Executive Director, Information Security, and Kandice Samuelson, Senior Director, IT Governance at PPD lead a team enhancing PPD’s inventory tracking system that identifies PPD's most valuable assets. Join us to learn how they distribute security resources for appropriate levels of protection, maintain compliance with government regulations and industry standards, and leverage information security controls aligned with client requirements, industry frameworks and privacy regulations.

28 May 2021 20 mins
ComplianceData and Information SecurityPrivacy
    See all videos

    Explore a topic

    Show me more

    news

    GE investigates alleged data breach into confidential projects: Report

    By Shweta Sharma
    27 Nov 20233 mins
    Data Breach
    Image
    opinion

    A year after ChatGPT’s debut, is GenAI a boon or the bane of the CISO’s existence?

    By Christopher Burgess
    27 Nov 20236 mins
    Generative AIData and Information SecuritySecurity Practices
    Image
    feature

    Cybersecurity startups to watch in 2023

    By CSO Staff
    24 Nov 202323 mins
    CSO and CISOSecurity
    Image
    podcast

    CSO Executive Sessions Australia with Sunil Sale, CISO at MinterEllison

    20 Nov 202315 mins
    CSO and CISO
    Image
    podcast

    CSO Executive Sessions Australia with Robbie Whittome, CISO at Curtin University

    16 Oct 202315 mins
    CSO and CISO
    Image
    podcast

    CSO Executive Sessions / ASEAN: Cisco's Anthony Grieco on opportunities in Southeast Asia's cybersecurity landscape

    10 Oct 202316 mins
    CSO and CISO
    Image
    video

    CSO Executive Sessions Australia with Sunil Sale, CISO at MinterEllison

    20 Nov 202315 mins
    CSO and CISO
    Image
    video

    AI and Cybersecurity: Speed Bumps, Training, and Communication

    06 Nov 202317 mins
    CyberattacksGenerative AI
    Image
    video

    CSO Executive Sessions Australia with Robbie Whittome

    16 Oct 202315 mins
    CSO and CISO
    Image