Collaborate Disseminate
For many CISOs, compliance can feel like a necessary evil and a false sense of security. While frameworks like ISO 27001, SOC 2, and PCI DSS offer structured guidelines, they don’t automatically equate to strong cybersecurity. The challenge? Many organ… Continue reading The compliance illusion: Why your company might be at risk despite passing audits
The Wall Street Journal is reporting that the CEO of a still unnamed company has been indicted for creating a fake auditing company to falsify security certifications in order to win government business.
Continue reading Justice Department Indicts Tech CEO for Falsifying Security Certifications
In this Help Net Security interview, Andrius Buinovskis, Head of Product at NordLayer, discusses how organizations can assess their compliance management and ensure they meet regulatory requirements. Buinovskis also addresses the challenges of managing… Continue reading Compliance management strategies for protecting data in complex regulatory environments
Scout Suite is an open-source, multi-cloud security auditing tool designed to assess the security posture of cloud environments. By leveraging the APIs provided by cloud vendors, Scout Suite collects and organizes configuration data, making it easier t… Continue reading Scout Suite: Open-source cloud security auditing tool
Over half of key stakeholders including audit committees, company boards, and chief financial officers are looking to internal audit teams to take on more risk-related work, according to AuditBoard. The study revealed that these expanding expectations … Continue reading Where internal audit teams are spending most of their time
From branded emails and marketing campaigns to critical protocols, internal portals, and internet traffic, domains are central to digital enterprise operations. They are constantly created for new assets and initiatives. In this Help Net Security video… Continue reading The key pillars of domain security
According to a recent Gartner survey, widespread GenAI adoption has resulted in a scramble to provide audit coverage for potential risks arising from the technology’s use. In this Help Net Security video, Thomas Teravainen, a Research Specialist … Continue reading AI risks under the auditor’s lens more than ever
Despite recent economic fluctuations, the software-as-a-service (SaaS) market isn’t letting up. The industry is set to grow annually by over 18% and be valued at $908.21 billion by 2030. It’s evident the industry is fueled by an increasing reliance on … Continue reading Debunking compliance myths in the digital era
In this Help Net Security interview, Kris Lovejoy, Global Security and Resilience Leader at Kyndryl, discusses the impact of the Digital Operational Resilience Act (DORA) on organizations across the EU, particularly in ICT risk management and cybersecu… Continue reading What organizations need to know about the Digital Operational Resilience Act (DORA)
In this Help Net Security interview, Robin Long, founder of Kiowa Security, shares insights on how best to approach the implementation of the ISO/IEC 27001 information security standard. Long advises organizations to establish a detailed project roadma… Continue reading Key strategies for ISO 27001 compliance adoption