All Cybersecurity articles
-
PremiumHow compliance monitoring can create a stronger foundation for AI, emerging technologies
The era of artificial intelligence adoption is testing the old ways of doing compliance, underscoring the need for continuous monitoring. Compliance isn’t a one-and-done activity, but sometimes organizational incentives and goals fail to prioritize the importance of this.
-
ResourceWhite paper: Constructing a Cohesive Cybersecurity Foundation
The individual requirements for your security and risk operations are increasingly complex—and interconnected. Yet despite this increased interconnectivity, many organizations still manage their security operations (SecOps) and integrated risk management (IRM) functions in silos.
-
News BriefFCC teams up with CPPA to enforce privacy rules
In an effort to streamline the enforcement of California’s stringent privacy rules, the Federal Communications Commission has signed a memorandum of understanding (MOU) with the California Privacy Protection Agency.
-
News BriefUnisys, three other firms fined a combined $7M for underplaying damage from SolarWinds hack
Four current or former public companies will pay a total of nearly $7 million in fines to settle charges by the Securities and Exchange Commission that they underplayed or failed to disclose material information about how the SolarWinds Orion hack affected them.
-
PremiumKeys to a successful GenAI use policy: Clear roles, training, vendor management
For all the hype surrounding generative artificial intelligence, the technology has been met with a healthy skepticism in the compliance community. Compliance practitioners want to know: Is it safe? Can it be deployed ethically? Are the risks greater than the rewards? And what should an AI acceptable use policy contain?
-
News BriefNYDFS expects banks, firms to cut risks posed by AI, according to new guidance
New York financial institutions are expected to address cybersecurity risks posed by artificial intelligence, and new guidance from the New York Department of Financial Services is aimed at helping firms do just that.
-
PremiumPace of innovation will make EU AI Act hard to enforce, experts say
Concerns about how robustly European member states may enforce the EU AI Act, which took effect on Aug. 1, are divided between if regulators will take a “light touch” approach or a sledgehammer for noncompliance. One thing’s for sure, the pace of AI innovation will make enforcement very difficult.
-
News BriefGovernment contractor fined $307K after third-party hack compromised personal data
It was a double whammy of cybersecurity no-nos for a federal contractor hit with a data breach: The personal data of Medicare beneficiaries contained in unencrypted screenshots were allegedly compromised when their third-party vendor’s server was hacked.
-
WebcastCPE Webcast: Trust and Technology: Cyber compliance in finance
In today’s rapidly evolving digital landscape, the stakes are high–protecting customer data, ensuring operational resilience, and maintaining trust are critical considerations for regulated industries.
-
News BriefAmerican Water Works discloses probe into cybersecurity breach
American Water Works Company, which supplies drinking water and wastewater to 14 million customers, disclosed a breach of its computer networks and system due to a cybersecurity incident.
-
PremiumCompanies are slowing AI launches in Europe, some say European Union regulations are why
The European Union’s Digital Markets Act is forcing many Big Tech companies to postpone the launch of artificial intelligence-powered features, like Apple Intelligence, over user privacy and data security concerns.
-
News BriefT-Mobile reaches $31.5M settlement with FCC over multiple data breaches
T-Mobile, which experienced three huge data breaches in the past three years, agreed to pay $31.5 million in penalties and remediation for failing to protect millions of its customers’ personal information as part of a settlement with the Federal Communications Commission.
-
PremiumDeloitte survey: AI adoption raising concerns about trust, reputational damage, ethics
As the artificial intelligence boom sweeps into the business world, employees are increasingly concerned about ethics questions and data privacy, a new Deloitte survey found, leading them to increasingly lose trust in their organizations.
-
WebcastWebcast: Five automation trends to modernize InfoSec compliance
In this session, we’ll introduce a new approach to enterprise-wide program development and automation that can meet the modern complexity of businesses today.
-
News BriefCISA creates new portal for businesses to file cyber incident reports
The U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency has created a new online portal for organizations to voluntarily report cybersecurity incidents, including ransomware attacks.
-
News BriefDOJ joins compliance officers in lawsuit over Georgia Tech cyber lapses
The Department of Justice joined a whistleblower lawsuit filed by two former Georgia Tech compliance officers who alleged that the institute violated the False Claims Act by knowingly failing to meet cybersecurity requirements in a Department of Defense contract.
-
PremiumHow are you keeping up? The adoption of AI in compliance
Artificial intelligence is rapidly transforming the business landscape, and this is especially true for anyone working in compliance. But while AI offers immense potential to streamline processes, enhance decision-making, and mitigate risks, it also introduces a new set of challenges that compliance professionals must navigate.
-
News BriefSEC orders Equiniti to pay $850K over alleged lax cybersecurity
Equiniti Trust Company has agreed to pay $850,000 to the Securities and Exchange Commission to settle allegations that its failed security measures allowed millions in client funds to be stolen in two cyber incidents.
-
PremiumSolarWinds partial dismissal casts doubt on SEC Cybersecurity Rule
A partial dismissal of charges levied by the Securities and Exchange Commission against Solarwinds has cast doubt about the breadth of the SEC's Cybersecurity Rule.
-
PremiumDORA set to enhance cyber resilience requirements for EU financial firms
The European Union’s Digital Operational Resilience Act, which is set to take effect next year, will require financial services firms to implement stronger measures to protect not only themselves from disruption caused by cyberattacks but also the sector as a whole.