compliance
A humble proposal: The InfoSec CIA triad should be expanded
The inconsistent and incomplete definitions of essential properties in information security create confusion within the InfoSec community, gaps in security controls, and may …
Why an “all gas, no brakes” approach for AI use won’t work
Machine learning and generative AI are changing the way knowledge workers do their jobs. Every company is eager to be “an AI company,” but AI can often seem like a black box, …
Scaling penetration testing through smart automation
In this Help Net Security interview, Marko Simeonov, CEO of Plainsea, discusses how organizations can move beyond compliance-driven penetration testing toward a more …
eBay CISO on managing long-term cybersecurity planning and ROI
In this Help Net Security interview, Sean Embry, CISO at eBay, discusses key aspects of cybersecurity leadership. He shares insights on balancing long-term strategic planning …
The modern CISO is a cornerstone of organizational success
The chief information security officer (CISO) role has undergone a remarkable transformation, evolving from a purely technical position to a role that bridges business …
The future of data and AI: Seven trends shaping 2025 and beyond
In 2025, seven trends will shape the future of data and AI, offering advantages for those who see these changes not as challenges but as opportunities to innovate and excel.
Key steps to scaling automated compliance while maintaining security
In this Help Net Security interview, Vivek Agarwal, Privacy Program Manager at Meta Platforms, shares insights on strategies for reducing time to market, improving vendor …
With DORA approaching, financial institutions must strengthen their cyber resilience
The clock is ticking for financial institutions across the EU as the January 17, 2025, deadline for the Digital Operational Resilience Act (DORA) approaches. This regulation …
We must adjust expectations for the CISO role
Cybersecurity has become one of the most high-stakes facets of business operations in the past few years. The chief information security officer (CISO) role, once a …
Preventing data leakage in low-node/no-code environments
Low-code/no-code (LCNC) platforms enable application development by citizen developers, often generating “shadow engineering” projects that evade security oversight. While …
Strengthening security posture with comprehensive cybersecurity assessments
In this Help Net Security interview, Phani Dasari, CISO at HGS, discusses key aspects of cybersecurity assessments, including effective tools and methodologies, the role of AI …
Securing AI’s new frontier: Visibility, governance, and mitigating compliance risks
In this Help Net Security interview, Niv Braun, CEO at Noma Security, discusses the difficulties security teams face due to the fragmented nature of AI processes, tools, and …