compliance
Half of red flags in third-party deals never reach compliance teams
Third-party risk management (TPRM) is compromised in many organizations because those holding the relationship with the third-party (relationship owners) don’t escalate red …
Compliance weighs heavily on security and GRC teams
Only 29% of all organizations say their compliance programs consistently meet internal and external standards, according to Swimlane. Their report reveals that fragmented …
Securing digital products under the Cyber Resilience Act
In this Help Net Security interview, Dr. Dag Flachet, co-founder at Codific, explains what the Cyber Resilience Act (CRA) means for companies and how it compares to GDPR in …
Strategic AI readiness for cybersecurity: From hype to reality
AI readiness in cybersecurity involves more than just possessing the latest tools and technologies; it is a strategic necessity. Many companies could encounter serious …
Organizations can’t afford to be non-compliant
Non-compliance can cost organizations 2.71 times more than maintaining compliance programs, according to Secureframe. That’s because non-compliance can result in business …
7 ways to get C-suite buy-in on that new cybersecurity tool
You’re in the middle of a sprint, juggling deadlines, debugging code, fine-tuning pipelines, and then it happens—you stumble across the perfect cybersecurity tool. It promises …
Moving beyond checkbox security for true resilience
In this Help Net Security interview, William Booth, director, ATT&CK Evaluations at MITRE, discusses how CISOs can integrate regulatory compliance with proactive risk …
Understanding the AI Act and its compliance challenges
In this Help Net Security interview, David Dumont, Partner at Hunton Andrews Kurth, discusses the implications of the EU AI Act and how organizations can leverage existing …
The compliance illusion: Why your company might be at risk despite passing audits
For many CISOs, compliance can feel like a necessary evil and a false sense of security. While frameworks like ISO 27001, SOC 2, and PCI DSS offer structured guidelines, they …
Avoiding vendor lock-in when using managed cloud security services
In this Help Net Security interview, Marina Segal, CEO at Tamnoon, discusses the most significant obstacles when implementing managed cloud security in hybrid and multi-cloud …
6 considerations for 2025 cybersecurity investment decisions
Cybersecurity professionals may be concerned about the constantly shifting threat landscape. From the increased use of artificial intelligence (AI) by malicious actors to the …
CISOs and boards see things differently
Splunk’s latest CISO Report reveals critical insights into cybersecurity priorities, threat trends, and strategies for resilience. In this Help Net Security video, Kirsty …
Featured news
Resources
Don't miss
- How agentic AI and non-human identities are transforming cybersecurity
- Even the best safeguards can’t stop LLMs from being fooled
- Wave of tech layoffs leads to more job scams
- PoC exploit for SysAid pre-auth RCE released, upgrade quickly!
- Actively exploited FreeType flaw fixed in Android (CVE-2025-27363)