compliance
GitHub’s new tool helps prevent costly open-source license violations
GitHub’s Open Source Program Office (OSPO) uses the new GitHub License Compliance feature, now in public preview, to manage thousands of open-source dependencies and …
Getting boards to fund ERM means speaking their currency
In this Help Net Security video, Greg Young, VP Cybersecurity and Corporate Development at TrendAI, explains how to build Enterprise Risk Management that a board will pay for. …
Healthcare leaders see a fatal cyber incident as inevitable
Healthcare practices run on a chain of outside vendors. An EMR system holds clinical records, a billing platform processes claims, a telehealth tool supports remote visits, …
Navigating SEC, NIS2, and DORA incident disclosure timelines under pressure
In this Help Net Security video, Rick Goud, Global Field CTO at Kiteworks, discusses how to handle SEC, NIS2, and DORA disclosure timelines during a security incident. He …
The checklist problem behind critical infrastructure cyber safety
An asset owner can meet major federal cyber compliance standards and still run equipment that lacks the engineering to withstand an attack or a failure. New research from …
Software supply chains are heading for a transparency test
Software supply chain visibility is becoming part of product security work as the EU Cyber Resilience Act (CRA) moves toward application in December 2027. ENISA’s SBOM …
EU Cybersecurity Act 2.0: When good regulation goes bad
Over recent years we’ve witnessed the EU becoming increasingly serious about cybersecurity. After years of watching high profile breaches, many resulting from supply chain …
Making the cloud prove it followed your privacy wishes
Companies that store personal data in cloud key-value databases should handle deletion requests by running the operation and confirming the job is complete. The people making …
Organizations can’t see much of their mobile AI activity
Organizations have limited visibility into AI activity on mobile devices despite security leaders expressing confidence in their AI governance, according to Lookout’s …
The modern-day business can learn a lot about risk from this year’s mega events
Every year brings its share of global events, but 2026 is proving to be a banner year for mega-scale entertainment. The year got off to a roaring start with the Winter …
Spotless compliance evidence can still hide a broken control
In this interview with Help Net Security, Marc Rubbinaccio, Head of Cybersecurity and Compliance at Secureframe, explains where security teams go wrong when preparing for CMMC …
EU organizations buckle under rising compliance pressure
Cybersecurity governance in the EU is shifting under expanding frameworks such as NIS2 and DORA, while AI raises new questions for security teams. What the future brings is …
Featured news
Resources
Don't miss
- July 2026 Patch Tuesday forecast: Is CVE tracking still practical?
- The open source library holding up your stack might have one maintainer
- Most data brokers won’t tell you what happened to your deletion request
- Microsoft is rewriting Windows patch guidance because of AI
- Extortion crew hijacks Microsoft 365 accounts via fake passkey setup