Collaborate Disseminate
In this Help Net Security interview, Vivek Agarwal, Privacy Program Manager at Meta Platforms, shares insights on strategies for reducing time to market, improving vendor onboarding, and updating privacy requirements to ensure compliance across third-p… Continue reading Key steps to scaling automated compliance while maintaining security
The best solutions allow you to minimize your IVR compliance burden. Learn how the right features eliminate complexity for agents. Continue reading If You Need IVR Compliance, Look for These 6 Features
The clock is ticking for financial institutions across the EU as the January 17, 2025, deadline for the Digital Operational Resilience Act (DORA) approaches. This regulation will reshape how organizations in the financial sector approach cybersecurity … Continue reading With DORA approaching, financial institutions must strengthen their cyber resilience
I happen to recall that CHACHA20 ciphers are not compliant with both NIST guidelines and FIPS/HIPAA standards. As used to be stated by htbridge.com SSL tests years ago. I just found similar information a similar note here and comments abou… Continue reading Why are CHACHA20 TLS ciphers not compliant with the NIST guidelines and FIPS/HIPAA standards?
Cybersecurity has become one of the most high-stakes facets of business operations in the past few years. The chief information security officer (CISO) role, once a back-office function primarily focused on technical oversight, has moved squarely into … Continue reading We must adjust expectations for the CISO role
Low-code/no-code (LCNC) platforms enable application development by citizen developers, often generating “shadow engineering” projects that evade security oversight. While LCNC solutions like Power BI reports and automated workflows foster agility and … Continue reading Preventing data leakage in low-node/no-code environments
In this Help Net Security interview, Phani Dasari, CISO at HGS, discusses key aspects of cybersecurity assessments, including effective tools and methodologies, the role of AI and automation, and strategies for aligning assessments with organizational … Continue reading Strengthening security posture with comprehensive cybersecurity assessments
For some reason, we never tire of stories highlighting critical infrastructure that’s running outdated software, and all the better if it’s running on outdated hardware. So when we learned that …read more Continue reading Hackaday Links: December 8, 2024
In this Help Net Security interview, Niv Braun, CEO at Noma Security, discusses the difficulties security teams face due to the fragmented nature of AI processes, tools, and teams across the data and AI lifecycle. Braun also shares insights on how orga… Continue reading Securing AI’s new frontier: Visibility, governance, and mitigating compliance risks
Are there any security compliance standards that explicitly require end-to-end encryption?
I recently encountered a service provider that used a third party for "secure" communication. The 3rd party MSP sold them a product that c… Continue reading Compliance Standards that require e2ee (end-to-end encryption)