Articles about compliance

Cloud adoption is at the heart of digital transformation, providing organizations with the agility and flexibility they need to stay competitive in today's rapidly changing marketplace.

A new report from Fortinet looks at the latest trends, challenges, and strategies shaping cloud security, include safeguarding sensitive data, ensuring regulatory compliance, and maintaining visibility and control across increasingly complex hybrid and multi-cloud environments.

Continue reading →

Newly released usage data from the O'Reilly online learning platform reveals that interest in AI-related skills has surged dramatically, with the most pronounced usage increases seen in topics like prompt engineering (456 percent increase), AI principles (386 percent increase), and generative AI (289 percent increase).

Use of content about GitHub Copilot has seen a dramatic increase too, by an impressive 471 percent, reflecting developers’ enthusiasm for tools that enhance productivity.

Continue reading →

Compliance automation software company Secureframe has launched its free Gap Assessment Tool to help service partners including MSPs, MSSPs, vCISOs, and IT security consultants identify gaps in security posture or compliance status.

It's designed to address a common challenge faced by IT service providers -- uncovering areas of non-compliance and potential risk while demonstrating value to clients.

Continue reading →

A new survey of over 200 CISOs across a wide range of industries in the United States reveals that many are unprepared for tough new regulations including the SEC's cybersecurity disclosure rules in the USA and the Digital Operational Resilience Act (DORA) in the EU.

The study from Onyxia Cyber shows 67 percent of CISOs report feeling unprepared for these new compliance regulations, while 52 percent admit to lacking sufficient knowledge about how to report cyberattacks to the government.

Continue reading →

Enterprise IT leaders are grappling with unprecedented challenges in data protection and governance, driven by the rapid adoption of cloud applications and generative AI, according to a new report.

The study from backup and recovery platform Keepit finds that although 70 percent of respondents report that their financial applications are covered by data protection strategies, a significant portion of other key systems and custom applications remain vulnerable.

Continue reading →

Artificial Intelligence is dramatically transforming the business landscape. It streamlines operations, provides critical insights, and empowers businesses to make data-driven decisions efficiently. Through machine learning, predictive analytics, and automation, AI assists in identifying trends, forecasting sales, and streamlining supply chains, leading to increased productivity and improved business outcomes. It isn't, unfortunately, without problems.

We talked to Matt Hillary, Vice President of Security and CISO at Drata, about the issues surrounding AI when it comes to critical security and compliance.

Continue reading →

The job of the CISO is becoming increasingly complex, with new rules around security and compliance, disclosure requirements following incidents, and more.

We spoke to John Morello, CTO of Gutsy, a company which was the first to apply process mining to security, to find out how things are changing and how CISOs should respond.

Continue reading →

For banks, know-your-customer (KYC) measures amount to 40 percent of all anti money laundering (AML) compliance costs, totaling $5.7 million each year. This sum is tiny, however, compared to what is paid for non-compliance. In 2022, global fines for inadequate AML grew by 50 percent, almost reaching $5 billion.

We spoke to Vaidotas Šedys, head of risk management at web intelligence platform Oxylabs, to discover that KYC-related challenges are not just faced by banks but are an issue for proxy and web scraping service providers too.

Continue reading →

A new report shows 246 percent boost in privacy requests since 2021 as consumers seek to clear personal data online.

The report from DataGrail shows Data Subject Requests (DSRs) -- formal requests made to a company by a person to access, delete or request not to sell/share the personal data that the company holds on them -- increased by 32 percent from 2022 to 2023.

Continue reading →

As numbers and severity of third-party breaches grow, companies are scrutinizing not just how they handle data, but how their vendors do as well. Trust management platform Vanta is launching a new addition to its Trust Center to allow enterprises to automate security questionnaires

Questionnaire Automation in Trust Centers uses Vanta AI to save time by generating suggested responses for security teams to review and approve, rather than starting from scratch each time. This will make it easier for enterprises to proactively and reactively demonstrate their security and compliance.

Continue reading →

A new report from Thales reveals that 43 percent of enterprises failed a compliance audit last year, with those companies 10 times more likely to suffer a data breach.

Based on a survey of almost 3,000 IT and security professionals it also finds that 93 percent of IT professionals believe security threats are increasing in volume or severity, a significant rise from 47 percent last year.

Continue reading →

Around half of organizations have experienced a significant increase in their audit budget expenditures due to poor IT asset inventory data.

Research carried out by YouGov for Oomnitza shows 56 percent of companies report that the data accuracy of their configuration management database (CMDB) is only 85 percent or less with insufficient levels of process automation.

Continue reading →

The Payment Card Industry Data Security Standard (PCI DSS) turns 20 next year and has remained largely unchanged during that time. But version 4.0, due to become mandatory from April 2024, will bring the standard bang up-to-date and usher in a number of big changes.

We spoke to Phil Robinson, principal consultant and QSA at Prism Infosec, to explore what's changing and how organizations can prepare to meet the new requirements.

Continue reading →

Just as cybersecurity threats are constantly evolving, so are the compliance regulations that organizations must follow. And as these regulations tighten so the risks of non-compliance become higher.

Cam Roberson, VP at Beachhead Solutions, a provider of cloud-managed PC and mobile device encryption, security, and data access control, sat down with us to discuss what enterprises need to know about the current state of cybersecurity compliance.

Continue reading →

Enterprises are dealing with ever greater volumes of data and that brings with it added risk as well as compliance issues and management costs.

In particular, it's important for security and compliance to be able to securely dispose of data that's no longer required. This is why data erasure specialist Blancco Technology Group is announcing a global collaboration with Lenovo to provide secure data erasure as part of the Lenovo ThinkShield security solution.

Continue reading →