Tenable Tackles AI Governance, Shadow AI Risks, Data Exposure
The Tenable One AI Exposure add-on discovers unsanctioned AI use in the organization and enforces policy compliance with approved tools.
Stay updated on the latest Compliance trends in infosec, ensuring your data practices meet legal and regulatory standards with our expert insights.
Search across headline titles and summaries.
Background for this topic.
Compliance in information security means following specific laws, standards, and regulations that govern how organizations protect sensitive data. These rules, such as GDPR, HIPAA, and PCI DSS, set requirements for data handling, access controls, encryption, and breach notification. Compliance frameworks often mandate regular audits and documented security practices to verify that organizations meet these requirements.
Meeting compliance obligations helps reduce risks like unauthorized data access, data leakage, and inadequate incident response. It also shapes security architecture by enforcing controls on data storage, transmission, and user privileges. For security teams, compliance drives the implementation of measurable safeguards and continuous monitoring, ensuring that security measures align with legal and industry expectations rather than relying solely on voluntary best practices.
The Tenable One AI Exposure add-on discovers unsanctioned AI use in the organization and enforces policy compliance with approved tools.
CISA Defends Director’s Use of AI Tool Despite Internal Compliance ReviewCybersecurity and Infrastructure Security Agency Acting Director Madhu Gottumukkala uploaded sensitive documents to ChatGPT under a temporary, approved exception, prompting internal alerts and reigniting concerns over the agency's AI governance and leadership judgement.
Revisions to 42 CFR Part 2 that go into effect soon to better align federal regulations for the confidentiality of substance use disorder records with HIPAA require entities to adjust their compliance programs. But the changes aren't easy, said attorney David Holtzman, founder of HITprivacy LLC.
AI agents are now executing regulated actions, reshaping how compliance controls actually work. Token Security explains why CISOs must rethink identity, access, and auditability as AI becomes a digital employee. [...]
How Consolidation Is Forcing CISOs and CIOs to Rethink Security ArchitectureFor more than a decade, enterprise security has relied on point solutions. Companies invested in separate tools - endpoint detection, firewalls, cloud security and IAM - each designed to address a specific threat or compliance requirement. But that approach is starting to break down.