75% of Firms Deploy Vulnerable Code Amid Pressure on CISOs, Report Finds
Checkmarx report warns that business pressure is among the reason security leaders let security compliance slip
Stay updated on the latest Compliance trends in infosec, ensuring your data practices meet legal and regulatory standards with our expert insights.
Search across headline titles and summaries.
Background for this topic.
Compliance in information security means following specific laws, standards, and regulations that govern how organizations protect sensitive data. These rules, such as GDPR, HIPAA, and PCI DSS, set requirements for data handling, access controls, encryption, and breach notification. Compliance frameworks often mandate regular audits and documented security practices to verify that organizations meet these requirements.
Meeting compliance obligations helps reduce risks like unauthorized data access, data leakage, and inadequate incident response. It also shapes security architecture by enforcing controls on data storage, transmission, and user privileges. For security teams, compliance drives the implementation of measurable safeguards and continuous monitoring, ensuring that security measures align with legal and industry expectations rather than relying solely on voluntary best practices.
Weekly headline count for the current query.
Checkmarx report warns that business pressure is among the reason security leaders let security compliance slip
Microsoft researchers warn of a large-scale phishing campaign using fake compliance emails to steal credentials, targeting 35,000 users across 13,000 organizations worldwide
UK firms face confluence of cyber-related risks in 2026, says Nardello & Co
Gartner predicts that two-fifths of organizations will suffer security and compliance incidents due to shadow AI by 2030
A Veeam survey found that 96% of financial services organizations believe their current levels of data resilience falls short of DORA compliance, citing major challenges
Regulatory compliance and data protection were the biggest cybersecurity challenges cited by UK financial organizations, according to a Bridewell survey
Google is set to roll out end-to-end encryption for all Gmail users, boosting security, compliance and data sovereignty efforts
Enisa identifies six sectors that it says must improve on NIS2 compliance
The EU’s DORA regulation is in effect as of January 17, with mixed evidence around compliance levels among financial firms
Compliance with the Digital Operational Resilience Act (DORA) has cost many businesses over €1 million, according to research from Rubrik
The UK's ICO has published its findings following a two-year trial of its Public Sector Approach, which aimed to improve data protection compliance and deter data breaches
Over a fifth of large UK businesses aren’t sure of their compliance responsibilities under the new NIS2 directive
A Veeam report found that businesses are prioritizing NIS2 compliance, with 95% of applicable firms diverting funds from other areas of the business
Increasingly complex regulations are stretching governance and compliance in organizations, warns the IAPP
The US-based facial recognition data company may even have to pay up to €5.1m in penalties for non-compliance
Australia’s data protection watchdog has decided to stop its investigation into US facial recognition company Clearview AI
The UK’s National Cyber Security Centre wants prospective auditors to check compliance with its Cyber Assessment Framework
The move follows a series of reported compliance failures and lack of progress in addressing publicly disclosed incidents
Infosecurity Europe research highlights significant challenges faced by organisations in staying up to speed with increasing compliance requirements
According to ISACA, two-thirds of professionals don’t fully understand the privacy regulations their organization needs to comply with