Compliance with new European legislation increases info security workloads

A new report shows 90 percent of professionals surveyed say that complying with DORA, the NIS2 Directive, and/or the EU AI Act will impact their workload.

The study, from cloud-based risk and compliance platform AuditBoard, shows information security professionals feel the weight of compliance efforts most, with 38 percent expecting to be impacted to a great extent, compared to 29 percent of risk management professionals and 28 percent of IT professionals. Increased workloads could potentially lead to a greater risk of non-compliance as teams struggle to keep up with daily tasks.

Continuous controls monitoring 'transformative' for security

According to a new report from RegScale and The CISO Society, 94.2 percent of CISOs believe continuous controls monitoring (CCM) has the potential to significantly enhance both compliance and security outcomes.

As organizations struggle with manual workflows, data silos, and limited integrations, CCM provides an effective way to improve visibility, automate processes, and better align security and compliance efforts.

Nearly half of UK financial businesses not ready for a date with DORA

The EU's Digital Operational Resilience Act (DORA) comes into force tomorrow (Jan 17th), but new research shows that 43 percent of the UK's financial organizations are set to miss the deadline for compliance, with 20 percent expecting to do so by at least four months.

Although the UK is outside the EU, its strong financial ties with Europe mean firms operating in or interacting with EU markets will need to align with DORA standards to continue their business relationships.

Security and compliance are biggest barriers to cloud adoption

Cloud adoption is at the heart of digital transformation, providing organizations with the agility and flexibility they need to stay competitive in today's rapidly changing marketplace.

A new report from Fortinet looks at the latest trends, challenges, and strategies shaping cloud security, including safeguarding sensitive data, ensuring regulatory compliance, and maintaining visibility and control across increasingly complex hybrid and multi-cloud environments.

Interest in learning AI skills soars

Newly released usage data from the O'Reilly online learning platform reveals that interest in AI-related skills has surged dramatically, with the most pronounced usage increases seen in topics like prompt engineering (456 percent increase), AI principles (386 percent increase), and generative AI (289 percent increase).

Use of content about GitHub Copilot has seen a dramatic increase too, by an impressive 471 percent, reflecting developers’ enthusiasm for tools that enhance productivity.

Free tool for service providers helps identify security and compliance gaps

Compliance automation software company Secureframe has launched its free Gap Assessment Tool to help service partners including MSPs, MSSPs, vCISOs, and IT security consultants identify gaps in security posture or compliance status.

It's designed to address a common challenge faced by IT service providers -- uncovering areas of non-compliance and potential risk while demonstrating value to clients.

US CISOs not prepared for cybersecurity regulations

A new survey of over 200 CISOs across a wide range of industries in the United States reveals that many are unprepared for tough new regulations including the SEC's cybersecurity disclosure rules in the USA and the Digital Operational Resilience Act (DORA) in the EU.

The study from Onyxia Cyber shows 67 percent of CISOs report feeling unprepared for these new compliance regulations, while 52 percent admit to lacking sufficient knowledge about how to report cyberattacks to the government.

Cloud and AI expansion lead to data protection challenges

Enterprise IT leaders are grappling with unprecedented challenges in data protection and governance, driven by the rapid adoption of cloud applications and generative AI, according to a new report.

The study from backup and recovery platform Keepit finds that although 70 percent of respondents report that their financial applications are covered by data protection strategies, a significant portion of other key systems and custom applications remain vulnerable.

Compliance and cybersecurity in the age of AI [Q&A]

Artificial Intelligence is dramatically transforming the business landscape. It streamlines operations, provides critical insights, and empowers businesses to make data-driven decisions efficiently. Through machine learning, predictive analytics, and automation, AI assists in identifying trends, forecasting sales, and streamlining supply chains, leading to increased productivity and improved business outcomes. It isn't, unfortunately, without problems.

We talked to Matt Hillary, Vice President of Security and CISO at Drata, about the issues surrounding AI when it comes to critical security and compliance.

Why new compliance rules are changing the game for CISOs [Q&A]

The job of the CISO is becoming increasingly complex, with new rules around security and compliance, disclosure requirements following incidents, and more.

We spoke to John Morello, CTO of Gutsy, a company which was the first to apply process mining to security, to find out how things are changing and how CISOs should respond.

Why robust KYC procedures are crucial for all SaaS companies [Q&A]

For banks, know-your-customer (KYC) measures amount to 40 percent of all anti-money laundering (AML) compliance costs, totaling $5.7 million each year. This sum is tiny, however, compared to what is paid for non-compliance. In 2022, global fines for inadequate AML grew by 50 percent, almost reaching $5 billion.

We spoke to Vaidotas Šedys, head of risk management at web intelligence platform Oxylabs, to discover that KYC-related challenges are not just faced by banks but are an issue for proxy and web scraping service providers too.

Data privacy requests surge since 2021

A new report shows a 246 percent boost in privacy requests since 2021 as consumers seek to clear personal data online.

The report from DataGrail shows Data Subject Requests (DSRs) -- formal requests made to a company by a person to access, delete or request not to sell/share the personal data that the company holds on them -- increased by 32 percent from 2022 to 2023.

New solution helps enterprises demonstrate security and compliance

As the number and severity of third-party breaches grow, companies are scrutinizing not just how they handle data, but how their vendors do as well. Trust management platform Vanta is launching a new addition to its Trust Center to allow enterprises to automate security questionnaires.

Questionnaire Automation in Trust Centers uses Vanta AI to save time by generating suggested responses for security teams to review and approve, rather than starting from scratch each time. This will make it easier for enterprises to proactively and reactively demonstrate their security and compliance.

Compliance failings leave enterprises vulnerable to data breaches

A new report from Thales reveals that 43 percent of enterprises failed a compliance audit last year, with those companies 10 times more likely to suffer a data breach.

Based on a survey of almost 3,000 IT and security professionals, it also finds that 93 percent of IT professionals believe security threats are increasing in volume or severity, a significant rise from 47 percent last year.

Nearly half of enterprises face increased cost due to poor IT asset data

Around half of organizations have experienced a significant increase in their audit budget expenditures due to poor IT asset inventory data.

Research carried out by YouGov for Oomnitza shows 56 percent of companies report that the data accuracy of their configuration management database (CMDB) is only 85 percent or less, with insufficient levels of process automation.
