risk management
Regulatory activity forces compliance leaders to spend more on GRC tools
Legal and compliance department investment in GRC (governance, risk, and compliance) tools will increase 50% by 2026, according to Gartner. Assurance leaders are seeking out …
Unimplemented controls could derail your ESG compliance efforts
Two-thirds of organizations have not implemented environmental, social and governance (ESG) controls, and 60% do not currently perform internal ESG audits, according to a …
Exploring the traits of effective chief audit executives
Chief audit executives (CAEs) have identified risk orientation, stakeholder management, and team leadership as the top three characteristics of the most effective individuals, …
Reinventing OT security for dynamic landscapes
From understanding the challenges of disparate OT protocols and the increasing convergence with IT to grappling with the monumental role of human error, our latest interview …
How CISOs break down complex security challenges
The role of the CISO has evolved into a critical position that encompasses many responsibilities aimed at safeguarding digital assets, preserving data integrity, and …
Navigating generative AI risks and regulatory challenges
The mass availability of generative AI, such as OpenAI’s ChatGPT and Google Bard, became a top concern for enterprise risk executives in the second quarter of 2023, according …
What to know about FedRAMP Rev. 5 Baselines
In this Help Net Security video, Kaus Phaltankar, CEO at Caveonix, discusses how the recent approval of the FedRAMP Rev. 5 Baselines is a significant step forward in the cloud …
US companies commit to safe, transparent AI development
Seven US artificial intelligence (AI) giants – Amazon, Anthropic, Google, Inflection, Meta, Microsoft, and OpenAI – have publicly committed to “help move …
Preparing health systems for cyber risks and insurance coverage
Our healthcare systems are at risk of infiltration by threat actors, potentially disrupting services, compromising sensitive data, and even jeopardizing patient outcomes. …
Why organizations should adopt a cloud cybersecurity framework
The cloud is the future of enterprise architecture. It’s economical (to a degree), it’s scalable, it’s flexible and – best of all – it’s someone else’s …
Organizations’ cyber resilience efforts fail to keep up with evolving threats
A steady increase in cyberattacks and evolving threat landscape are resulting in more organizations turning their attention to building long-term cyber resilience; however, …
Corporate boards pressure CISOs to step up risk mitigation efforts
While those working in InfoSec and GRC have high levels of confidence in their cyber/IT risk management systems, persistent problems may be making them less effective than …
Featured news
Resources
Don't miss
- Mastering the cybersecurity tightrope of protection, detection, and response
- PRevent: Open-source tool to detect malicious code in pull requests
- Darcula allows tech-illiterate crooks to create, deploy DIY phishing kits targeting any brand
- Hackers pose as employers to steal crypto, login credentials
- Unknown and unsecured: The risks of poor asset visibility