news analysisUS DoD finalizes CMMC cyber rules for suppliersThe Cybersecurity Maturity Model Certification (CMMC) is a US Department of Defense program outlining tough requirements for Defense Industrial Base contractors to ensure the protection of sensitive data. It is expected to take effect by year-end.By John P. Mello Jr.15 Oct 20245 minsGovernment ITRegulationSupply Chain news Star Health Insurance CISO sold customer data, hacker claimsBy Gyana Swain10 Oct 20244 minsData BreachComplianceSecurityfeature EU's DORA regulation explained: New risk management requirements for financial firmsBy Dan Swinhoe08 Aug 20247 minsComplianceRisk ManagementSecurity newsChina takes steps to implement digital ID initiativeBy Paul Barker 30 Jul 20244 minsFederated IdentityData PrivacyCompliance news analysisUnderstanding CISA's proposed cyber incident reporting rulesBy Cynthia Brumfield 17 Apr 202410 minsRegulationRansomwareCyberattacks featureGeneral Data Protection Regulation (GDPR): What you need to know to stay compliantBy Michael Nadeau 04 Apr 202421 minsComplianceData and Information SecurityPrivacy featureWhy governance, risk, and compliance must be integrated with cybersecurityBy Rosalyn Page 29 Feb 202410 minsComplianceRisk Management newsBigID adds access governance targeted at sensitive data and privilegesBy Shweta Sharma 15 Feb 20244 minsComplianceIT Governance featureCyber Trust Mark concept gains momentum with smart device and IoT manufacturersBy Chris Hughes 06 Feb 20249 minsSecurity HardwareComplianceSecurity Practices ArticlesfeatureNew risk management framework helps with SEC mandate complianceThe authors of the new Cyber Risk Management Program framework explain how it can set an organization up to better comply with SEC and other disclosure and reporting regulations.By Brian Allen and Brandon Bapst 04 Jan 2024 10 minsRegulationComplianceRisk ManagementfeatureHow the EU AI Act regulates artificial intelligence: What it means for cybersecurityCritical infrastructure and other high-risk organizations will need to do AI risk assessments and adhere to cybersecurity standards.By Andrada Fiscutean 13 Dec 2023 12 minsRegulationGenerative AICompliancefeatureThe SEC action against SolarWinds highlights how tough it can get for CISOsExamining what went wrong with SolarWinds’ handling of cyberattack reporting provides a cautionary tale for aspiring and incumbent security leaders alike.By Susan Bradley 12 Dec 2023 6 minsCSO and CISORegulationCyberattacksfeatureAccenture takes an industrialized approach to safeguarding its cloud controlsSecurity was once a hindrance for Accenture developers. But since centralizing the company's compliance controls, the process has never been simpler.By Aimee Chanthadavong 11 Dec 2023 8 minsApplication SecurityCloud SecurityCompliancefeatureHow a digital design firm navigated its SOC 2 auditL+R's pursuit of SOC 2 certification was complicated by hardware inadequacies and its early adoption of AI, but a successful audit has provided security and business benefits.By Alex Levin 28 Nov 2023 11 minsCertificationsCompliancefeatureRise of the cyber CPA: What it means for CISOsNew accountant certification rules starting January 2024 could deliver many new cybersecurity-trained accountants. Is this good or bad news for CISOs?By Evan Schuman 27 Nov 2023 7 minsCSO and CISOCompliancenews analysisRansomware gang files SEC complaint against company that refused to negotiateNew US Securities and Exchange Commission rules require reporting of breaches that are material, giving cyber extortionists a new tactic to coerce payments.By Lucian Constantin 17 Nov 2023 4 minsRansomwareComplianceCybercrimefeatureHow US SEC legal actions put CISOs at risk and what to do about itCISOs could find themselves in a painful Catch-22 situation when the US Securities and Exchange Commission’s new cybersecurity rules are enacted in December. By Evan Schuman 16 Nov 2023 8 minsCSO and CISOComplianceRisk ManagementnewsGenerative AI could erode customer trust, half of business leaders sayBusinesses leaders admit their company needs to improve security and compliance measures as demands of customers, investors, and suppliers increase.By Michael Hill 08 Nov 2023 4 minsCSO and CISOGenerative AICompliancenewsUS launches “Shields Ready” campaign to secure critical infrastructureShields Ready initiative outlines strategies for preparing critical infrastructure organizations for potential disruption and building more resilience into systems, facilities, and processes.By Michael Hill 08 Nov 2023 3 minsGovernmentComplianceCritical InfrastructurenewsAuditBoard adds new AI and analytics capabilities for compliance and risk maWith the new AI algorithms, organizations will be able to streamline audit workflows and automate various risk management and compliance programs.By Shweta Sharma 18 Oct 2023 3 minsGenerative AIComplianceRisk ManagementnewsVanta bakes generative AI into core security and compliance productNew generative AI capabilities are coming to security and compliance vendor Vanta’s main platform, adding a layer of automation to compliance tasks.By Jon Gold 10 Oct 2023 3 minsGenerative AIComplianceRisk Management Show more Show less View all Resources whitepaper Fax to the future: The key to digital transformation across industries Read this paper to learn more about: Securing information exchange Streamlining fax workflows Increasing costs savings and efficiency Supporting compliance and minimizing risk The post Fax to the future: The key to digital transformation across industries appeared first on Whitepaper Repository –. By OpenText 17 Oct 2024Business OperationsComplianceDigital Transformation whitepaper E-invoicing: A Must-Have for Cash Flow and to Remain Compliant By Vertex Inc 16 Sep 2024Business ContinuityComplianceIT Operations whitepaper E-invoicing: A Must-Have for Cash Flow and to Remain Compliant By Vertex Inc 16 Sep 2024Business ContinuityComplianceIT Operations View all Video on demand videoAligning security, compliance and privacy across inventory trackingBrad Wells, Executive Director, Information Security, and Kandice Samuelson, Senior Director, IT Governance at PPD lead a team enhancing PPD’s inventory tracking system that identifies PPD’s most valuable assets. Join us to learn how they distribute security resources for appropriate levels of protection, maintain compliance with government regulations and industry standards, and leverage information security controls aligned with client requirements, industry frameworks and privacy regulations. 28 May 2021 20 minsComplianceData and Information SecurityPrivacy See all videos Explore a topic Application Security Business Continuity Business Operations Careers Cloud Security Critical Infrastructure Cybercrime Identity and Access Management Industry IT Leadership Network Security Physical Security Privacy Risk Management View all topics All topics Close Application Security Business Continuity Business Operations Careers Cloud Security Critical Infrastructure Cybercrime Identity and Access Management Industry IT Leadership Network Security Physical Security Privacy Risk Management Security Security Infrastructure Software Development Vulnerabilities Generative AI Show me morePopularArticlesPodcastsVideos news Get details right to safely implement DANE in Exchange Online, warn experts By Howard Solomon 01 Nov 20244 mins Email Security how-to Download the AI in the Enterprise (for Real) Spotlight By CIO.com and InfoWorld contributors 01 Nov 20241 min Machine LearningIT GovernanceIT Leadership news analysis Nation state actors increasingly hide behind cybercriminal tactics and malware By Lucian Constantin 01 Nov 20248 mins Advanced Persistent ThreatsCyberattacksThreat and Vulnerability Management podcast CSO Executive Sessions: Guardians of the Games – How to keep the Olympics and other major events cyber safe 07 Aug 202417 mins CSO and CISO podcast CSO Executive Session India with Dr Susil Kumar Meher, Head Health IT, AIIMS (New Delhi) 17 Jul 202417 mins CSO and CISO podcast CSO Executive Session India with Charanjit Bhatia, Head of Cybersecurity, COE, Bata Brands 08 Jul 202418 mins CSO and CISO video CSO Executive Sessions: Standard Chartered’s Alvaro Garrido on cybersecurity in the financial services industry 23 Oct 202410 mins Financial Services IndustrySecurity video CSO Executive Sessions: New World Development’s Dicky Wong on securing critical infrastructure 16 Oct 202412 mins Critical InfrastructureSecurity video CSO Executive Sessions: DocDoc’s Rubaiyyaat Aakbar on security technology 12 Sep 202419 mins Healthcare IndustryArtificial IntelligenceSecurity