Security news aggregator

Latest coverage for Compliance

Stay updated on the latest Compliance trends in infosec, ensuring your data practices meet legal and regulatory standards with our expert insights.

154 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Compliance in information security means following specific laws, standards, and regulations that govern how organizations protect sensitive data. These rules, such as GDPR, HIPAA, and PCI DSS, set requirements for data handling, access controls, encryption, and breach notification. Compliance frameworks often mandate regular audits and documented security practices to verify that organizations meet these requirements.

Meeting compliance obligations helps reduce risks like unauthorized data access, data leakage, and inadequate incident response. It also shapes security architecture by enforcing controls on data storage, transmission, and user privileges. For security teams, compliance drives the implementation of measurable safeguards and continuous monitoring, ensuring that security measures align with legal and industry expectations rather than relying solely on voluntary best practices.

Volume over time

Weekly headline count for the current query.

Showing 20 most recent headlines of 154 Filtered view

CEO David Primor Says AI Has Boosted Engineering Productivity up to ThreefoldCynomi CEO David Primor says AI has increased engineering productivity by up to threefold while the company develops autonomous security agents capable of generating remediation plans, managing compliance workflows and executing predefined security tasks with human oversight only when needed.

Mark McClain on Why Governance Is the Foundation for Managing Non-Human IdentitiesSailPoint CEO Mark McClain says AI agents should be governed through human identity policies rather than managed independently, arguing that credential visibility, access governance and regulatory compliance will become foundational as enterprises scale up AI adoption.

Threat Actor Silently Forwarded Sensitive Emails Matching Strategic TopicsGoogle says Chinese espionage group UNC6508 compromised REDCap environments at North American research institutions, deployed custom malware, stole credentials and covertly forwarded strategically relevant emails through abused compliance rules to support long-term intelligence collection.

AI Governance, Compliance and Workforce Challenges Top GovSec AgendaGovSec Summit USA 2026 explored how federal agencies are balancing AI adoption, regulatory complexity and national security priorities. Discussions centered on cyber resilience, AI governance, workforce challenges and public-private collaboration as critical pillars of modern government defense.

Policy as Code Turns Static Compliance Documents Into Enforceable, Auditable PolicyFor decades, policies, standards and procedures have anchored security and compliance governance. But static documents can no longer keep pace with dynamic regulations and frontier technology. Policy as Code transforms them into machine-readable, enforceable, continuously verifiable rules that drive real business decisions.

Bank Info Security 1 month, 2 weeks ago

CISA Town Halls Set Final Stage for CIRCIA Debate

June Meetings Could Shape Which Entities Must Report Cyber IncidentsThe Cybersecurity and Infrastructure Security Agency's June town halls will give critical infrastructure operators a final opportunity to influence how the agency defines covered entities, reportable incidents and compliance requirements before issuing long-awaited CIRCIA regulations.

Bank Info Security 1 month, 3 weeks ago

Everyone Suddenly Wants Claude's Audit Logs

27 Enterprises Integrate Claude's Compliance APIMore than two dozen enterprise security vendors, including Microsoft, CrowdStrike and Palo Alto Networks, have built integrations with Anthropic's Claude Compliance API, an interface the company launched months ago to give corporate security teams access to Claude activity data.

New White EOs Tighten Know Your Customer Rules While Easing Fintech OversightBoth the White House's recent executive orders deal with the financial services industry and discuss the importance of integrity and innovation in combatting fraud. But read them together and another picture emerges that could confuse seasoned fraud and compliance practitioners.

Josephine Wolff on Why Healthcare Must Scrutinize Cyber and AI CoverageHealthcare organizations face growing pressure to reassess cyber insurance policies as cyberattacks disrupt patient care and AI tools introduce new liability risks. Josephine Wolff of Tufts University discusses how exclusions, compliance demands and AI-related uncertainty shape insurance decisions.

Bank Info Security 2 months, 1 week ago

Global Push for Digital KYC Faces a Trust Problem

Portable KYC Remains Elusive Despite Digital Identity Growth in UAE, Europe, AsiaThe United Arab Emirates recently launched a national digital Know Your Customer platform under the oversight of the UAE Central Bank, aiming to standardize customer onboarding, streamline compliance checks and strengthen anti-money laundering enforcement.

Also: NY State Regs Test Resilience vs Compliance, OT Security Nears Breaking PointIn this week's panel, four ISMG editors explore the industry's response to Anthropic's Mythos AI breakthrough, whether tighter New York state cybersecurity rules are driving real resilience or simply compliance, and why operational technology security is fast becoming a critical frontline concern.

HHS OCR Director Says Cost of Inaction May Outweigh Compliance BurdensThe Trump administration has yet to decide whether to continue a proposed overhaul of the HIPAA Security Rule floated by its predecessor administration. But the nation's top federal enforcer of health regulation provided some insight into what regulators are thinking.

Bank Info Security 3 months, 4 weeks ago

Rethinking AML for Real-Time Payments

Datos Insights' Serpil Hall on Using Predictive AML Tools to Support ComplianceInstant payments are reshaping financial crime controls as speed and the irreversibility of transactions strain anti-money laundering compliance programs. While many assume real-time AML means faster processing, this approach can increase risk, said Serpil Hall, strategic advisor at Datos Insights.

Bank Info Security 4 months ago

OpenClaw Exposes Hidden Risks in Agentic AI

Attorney Jonathan Armstrong on Governance, Due Diligence and Shadow AI RiskThe OpenClaw incident highlights how experimental agentic AI tools can create hidden security and compliance risks. Attorney Jonathan Armstrong explains why CISOs must address shadow AI, strengthen oversight of developer experimentation and rethink how they assess AI vendor risk.

Bank Info Security 5 months ago

Is Your GRC Program Really Reducing Risk?

CISO Sean Atkinson on Moving From 'GRC Theater' to Continuous GRC EngineeringAs NIST, ISO, SOC 2, NIS2 and DORA expand compliance pressure, many organizations are optimizing for audit success instead of risk reduction. Sean Atkinson warns that “GRC theater” creates false confidence. Adversaries operate continuously and so should GRC engineering, he said.

Loading more headlines...