New CISA Guide Helps Agencies Adopt SASE For Zero Trust
New CISA guidance shows federal agencies how to use SASE to move from legacy TIC 2.0 to zero trust
Adoption of new technologies can alter an organisation’s attack surface, requiring security controls, testing, and risk management to change.
Search across headline titles and summaries.
Background for this topic.
Adoption is the extent to which people and organizations begin using a security technology, control, policy, or practice and incorporate it into routine work. In cybersecurity, adoption is more than purchasing or deploying a capability: it includes correct configuration, user participation, and continued use. Examples include enabling multifactor authentication, applying security patches, using secure coding practices, and collecting logs from systems that require monitoring.
Adoption matters because uneven or incomplete use leaves exploitable gaps. A partially deployed authentication control may protect some accounts while others remain exposed; delayed patch adoption can leave known vulnerabilities available to attackers; and missing or poorly configured logging can limit detection and investigation. Practitioners therefore assess coverage, exceptions, configuration quality, and whether controls operate as intended. Training, usable workflows, staged rollout, and measured policy compliance can improve adoption without encouraging insecure workarounds or unnecessary collection of personal data.
Weekly headline count for the current query.
New CISA guidance shows federal agencies how to use SASE to move from legacy TIC 2.0 to zero trust
SANS Institute study finds few SOCs have built AI into defined workflows, despite widespread adoption
Most dev teams use AI coding assistants but only 30% have full governance in place
The OWASP agentic AI security framework helps organizations assess governance maturity vs adoption and adjust governance as needed
Microsoft Detection and Response Team (DART) details how it has uncovered malicious AI applications as cyber criminals manipulate organizations adopting AI tools
Cybermindz warns that cybersecurity burnout is a growing risk, urging organizations to move beyond wellness initiatives and adopt a measurable, risk-based approach to workforce stress
UK firms plan higher cyber spending as AI adoption raises security concerns
Traditional network security tools are undermining data protection, with Forrester and Capital One Software research warning AI adoption is impossible without rethinking data security
ISACA report warns that while AI has become the norm, many organizations are yet to formally apply safety or security policies around its use
Despite the seemingly widespread adoption of AI for security operations, security leaders primarily use it for “relatively basic use cases,” said a Sumo Logic study
Gartner predicts 50% of organizations will adopt zero trust data governance by 2028
The financial sector should finalize its post-quantum cryptography transition circa 2034, G7 cyber experts said
The joint guidance is a welcome first step towards a common, global adoption of SBOMs, experts argued
A new report has mapped the tactical evolution of mule operators in the META region from VPNs to advanced fraud networks
Experts, including Allan Friedman, CISA's leading voice on SBOMs until July 2025, emphasized that AI BOMs should be standardized before being implemented
Abnormal AI found that 96% of security leaders have no plans to reduce the headcount in SOC teams as a result of AI adoption, instead focusing on reallocating roles
The latest report from AppOmni has revealed 91% confidence in SaaS security while 75% of organizations have faced incidents
NSA and CISA are urging developers to adopt memory safe languages (MSLs) to combat vulnerabilities in software
A joint advisory from the US, UK, Australia and others highlights the importance of SIEM/SOAR platforms and overcoming implementation challenges
The tech giant has released its second Secure Future Initiative (SFI) progress report, showcasing its ongoing efforts to improve cybersecurity