75% of Firms Deploy Vulnerable Code Amid Pressure on CISOs, Report Finds
Checkmarx report warns that business pressure is among the reason security leaders let security compliance slip
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
Checkmarx report warns that business pressure is among the reason security leaders let security compliance slip
The acting CISO said that AI is reshaping how the service measures and tracks cyber compliance, moving it from a box-checking exercise to something nimbler and more substantive. The post Space Force official touts AI’s impact on cyber compliance appeared first on CyberScoop.
Attorney Jonathan Armstrong on Governance, Due Diligence and Shadow AI RiskThe OpenClaw incident highlights how experimental agentic AI tools can create hidden security and compliance risks. Attorney Jonathan Armstrong explains why CISOs must address shadow AI, strengthen oversight of developer experimentation and rethink how they assess AI vendor risk.
CISO Sean Atkinson on Moving From 'GRC Theater' to Continuous GRC EngineeringAs NIST, ISO, SOC 2, NIS2 and DORA expand compliance pressure, many organizations are optimizing for audit success instead of risk reduction. Sean Atkinson warns that “GRC theater” creates false confidence. Adversaries operate continuously and so should GRC engineering, he said.
UK Rollout to Link Arco's Cybersecurity Assurance With Sophos's Threat IntelligenceSophos acquired Arco to expand into cybersecurity assurance and compliance, launching a new CISO Advantage capability. The company plans a phased rollout starting in the U.K., integrating Arco’s risk and regulatory mapping platform with Sophos Central and its global threat intelligence operations.
How Consolidation Is Forcing CISOs and CIOs to Rethink Security ArchitectureFor more than a decade, enterprise security has relied on point solutions. Companies invested in separate tools - endpoint detection, firewalls, cloud security and IAM - each designed to address a specific threat or compliance requirement. But that approach is starting to break down.
AI agents are now executing regulated actions, reshaping how compliance controls actually work. Token Security explains why CISOs must rethink identity, access, and auditability as AI becomes a digital employee. [...]
How Consolidation Is Forcing CISOs and CIOs to Rethink Security ArchitectureFor more than a decade, enterprise security has relied on point solutions. Companies invested in separate tools - endpoint detection, firewalls, cloud security and IAM - each designed to address a specific threat or compliance requirement. But that approach is starting to break down.
Security professionals are moving on up the executive ranks as enterprises face rising regulatory and compliance standards.
Cyber Leaders Address AI Threats, Compliance Resilience, Zero TrustFrom AI‑driven fraud schemes to tightening regulations and identity threats, ISMG's New York Fraud Prevention and Financial Cybersecurity Summits brought together CISOs, investigators and risk leaders to share practical strategies for strengthening defenses and building true resilience.
OTsec Canada Chairman on Balancing Wellness, Collaboration and ComplianceOrganizations defending critical infrastructure must shift from compliance-focused strategies to holistic resilience. Ahead of the OTsec Canada Summit, Énergir CISO Martin Laberge outlines why people-first leadership and national coordination are essential for OT security resilience.
Car makers don’t trust blueprints. They smash prototypes into walls. Again and again. In controlled conditions
CISOs, Regulators, Innovators Unite to Strengthen Resilience in Financial ServicesThe London Financial Services Summit tackled today's most urgent issues, from AI-powered fraud and third-party risks to compliance mandate, equipping participants with insights to secure finance in an era of volatility and disruption.
CISOs know their field. They understand the threat landscape. They understand how to build a strong and cost-effective security stack. They understand how to staff out their organization. They understand the intricacies of compliance. They understand what it takes to reduce risk. Yet one question comes up again and again in our conversations with these security leaders: how do I make the impact
Gartner's Pete Redshaw on Why the CISO or CRO Should Take the LeadCybersecurity, IAM, fraud and compliance will converge across financial institutions in the next five to six years. This transformation will follow a phased path, beginning with data integration, followed by tool alignment and eventually team restructuring.
AI holds the promise to revolutionize all sectors of enterpriseーfrom fraud detection and content personalization to customer service and security operations. Yet, despite its potential, implementation often stalls behind a wall of security, legal, and compliance hurdles
AICD's Figueroa on Business-Focused Communication for Authentication ProgressModern phishing tactics now leverage voice, SMS and AI-powered impersonation, yet many Asia-Pacific organizations continue relying on vulnerable single-factor authentication, said Marco Figueroa, senior manager of cyber security, risk and compliance at the Australian Institute of Company Directors.
Attorney Jonathan Armstrong on AI Security, Legal Risks Related to EU AI ActAI regulation is evolving fast, and many businesses may already be violating key provisions without realizing it. Jonathan Armstrong, partner at Punter Southall Law, warns that companies may be using high-risk AI applications without security teams even knowing.
In this case study, a CISO helps a B2B marketing automation company straighten out its manual compliance process by automating it.