Security news aggregator

Latest coverage for Compliance

Stay updated on the latest Compliance trends in infosec, ensuring your data practices meet legal and regulatory standards with our expert insights.

10 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Compliance in information security means following specific laws, standards, and regulations that govern how organizations protect sensitive data. These rules, such as GDPR, HIPAA, and PCI DSS, set requirements for data handling, access controls, encryption, and breach notification. Compliance frameworks often mandate regular audits and documented security practices to verify that organizations meet these requirements.

Meeting compliance obligations helps reduce risks like unauthorized data access, data leakage, and inadequate incident response. It also shapes security architecture by enforcing controls on data storage, transmission, and user privileges. For security teams, compliance drives the implementation of measurable safeguards and continuous monitoring, ensuring that security measures align with legal and industry expectations rather than relying solely on voluntary best practices.

Showing 10 most recent headlines Filtered view
Bank Info Security 1 year, 4 months ago

Balancing AI Ethics, Regulation and Compliance

EIT Oxford's Dr. Laura Gilbert on AI Accountability and Responsible AI AdoptionAI adoption demands a balance between ethics, regulation and compliance. Dr. Laura Gilbert, head of AI for government at EIT Oxford and Tony Blair Institute for Global Change, and AI expert advisor for the British government, discusses how AI can enhance decision-making in public and private sectors.

The Hacker News 1 year, 4 months ago

PCI DSS 4.0 Mandates DMARC By 31st March 2025

The payment card industry has set a critical deadline for businesses handling cardholder data or processing payments- by March 31, 2025, DMARC implementation will be mandatory! This requirement highlights the importance of preventative measures against email fraud, domain spoofing, and phishing in the financial space. This is not an optional requirement as non-compliance may result in monetary

For decades, Microsoft Exchange has been the backbone of business communications, powering emailing, scheduling and collaboration for organizations worldwide. Whether deployed on-premises or in hybrid environments, companies of all sizes rely on Exchange for seamless internal and external communication, often integrating it deeply with their workflows, compliance policies and security frameworks

Bank Info Security 1 year, 4 months ago

South Korea Keeps DeepSeek AI Chatbot Off App Stores

Regulators Cite Privacy Concerns Over DeepSeek's Data Collection PracticesThe Personal Information Protection Commission, South Korea's data protection regulator, has directed Chinese artificial intelligence company DeepSeek AI to withdraw its chatbot application from official app stores pending an inquiry into the chatbot's compliance with data protection rules.

DOJ Says Contractor Falsely Claimed to Meet Critical Cyber RequirementsA military health benefits administrator has agreed to pay $11.2 million to settle allegations that the company falsely certified compliance with cybersecurity requirements - including patch management - for three years in a contract with the U.S. Department of Defense.

The growing demand for cybersecurity and compliance services presents a great opportunity for Managed Service Providers (MSPs) and Managed Security Service Providers (MSSPs) to offer virtual Chief Information Security Officer (vCISO) services—delivering high-level cybersecurity leadership without the cost of a full-time hire

If this makes you feel sick, knowing this happened before ransomware actors started targeting medical info may help An alleged security SNAFU that occurred during the Obama administration has finally been settled under the second Trump administration.…

Think you're safe because you're compliant? Think again. Recent studies continue to highlight the concerning trend that compliance with major security frameworks does not necessarily prevent data breaches. Learn more from Pentera on how automated security validation bridges the security gaps. [...]

Bank Info Security 1 year, 5 months ago

Deepwatch Buys Dassana for Agentic AI, Exposure Management

Acquisition Boosts Speed With Agentic AI for Analysts and Automated Risk ReportingDeepwatch’s acquisition of Dassana enhances its security offerings with agentic AI and automated threat exposure management. CEO John DiLullo highlights benefits including automated compliance reporting, faster detection capabilities for customers, and rapid integration with existing MDR services.