Security News

Loads of governance issues to worry about, and the chance it might spout utter garbage Microsoft has published a Transparency Note for Copilot for Microsoft 365, warning enterprises to ensure user...

67% of CISOs report feeling unprepared for these new compliance regulations, while 52% admit to needing more knowledge on reporting cyber attacks to the government. "As cyber threats escalate and regulations impose heavy penalties for non-compliance, it's imperative for CISOs to reassess and strengthen their security programs in a data-driven way. Our survey reveals critical industry benchmarks, highlighting areas of strength and significant gaps that need urgent attention," said Sivan Tehila, CEO of Onyxia.

Organizations need to perform regular user access reviews on applications in scope to determine who still has access, verify that they need continued access, and remove access from anyone who doesn't. Recent supply chain attacks have underscored the fact that the modern attack surface is the SaaS attack surface, which means organizations preparing for these certifications need to account for their organization's SaaS sprawl and shadow IT. The secret to simplifying user access reviews? Automation.

Legal, compliance and privacy leaders list strengthening their personal impact on company strategy as their top priority for 2024, according to Gartner. Improving third party risk management, and ensuring compliance programs can keep pace with fast-moving regulatory requirements are the top three priorities for this year.

If you're ready to learn how GRC software can enhance your business's risk and compliance operations, you've come to the right place. This article compares the top GRC tools available in 2024.

Cloud adoption is not slowing down, and neither is the cloud threat landscape. Despite delivering many goodies, API endpoints hosted in the cloud can be susceptible to at least 12 security issues.

85% of managed service and security providers face significant challenges maintaining compliance for customers, with lack of resources, expertise, or technology cited as the most common roadblocks to offering managed compliance, according to Apptega. While 80% of the surveyed providers provide some form of compliance offering, many only offer compliance in an advisory capacity and only 15% offer compliance primarily as a managed service.

Only 40% of organizations feel fully prepared to meet the compliance demands of rising cybersecurity regulations, according to a new Swimlane report. Organizations still feel unprepared for new...

The European Union's General Data Protection Regulation requires every business enterprise and public authority that collects personal data from EU customers and clients to protect that data from unauthorized access. Finding ideal candidates for the GDPR data protection compliance officer position will require thorough vetting, and potential candidates may be difficult to find.

File Integrity Monitoring (FIM) is an IT security control that monitors and detects file changes in computer systems. It helps organizations audit important files and system configurations by...