Compliance

EU's DORA regulation explained: New risk management requirements for financial firms

The proposed Digital Operational Resilience Act includes new incident response and third-party risk requirements for financial firms operating within the EU.

By Dan Swinhoe

08 Aug 20247 mins

ComplianceRisk ManagementSecurity

Articles

AuditBoard adds new AI and analytics capabilities for compliance and risk ma

With the new AI algorithms, organizations will be able to streamline audit workflows and automate various risk management and compliance programs.

By Shweta Sharma

18 Oct 2023 3 mins

Generative AIComplianceRisk Management

Vanta bakes generative AI into core security and compliance product

New generative AI capabilities are coming to security and compliance vendor Vanta’s main platform, adding a layer of automation to compliance tasks.

By Jon Gold

10 Oct 2023 3 mins

Generative AIComplianceRisk Management

Cybersecurity experts raise concerns over EU Cyber Resilience Act’s vulnerability disclosure requirements

Open letter claims current provisions will create new threats that undermine the security of digital products and individuals.

By Michael Hill

03 Oct 2023 4 mins

RegulationComplianceVulnerabilities

Online Safety Bill passes final parliament debate, set to become UK law

Despite widespread criticism and scrutiny, the UK government is within touching distance of delivering its controversial new internet safety rules.

By Michael Hill

20 Sep 2023 3 mins

EncryptionCompliancePrivacy

Verizon's $4 million settlement with the US DOJ signals stepped-up action by the Justice Department's Civil Cyber-Fraud initiative.

By Cynthia Brumfield

18 Sep 2023 7 mins

RegulationComplianceSecurity Practices

UK NCSC, ICO sign cybersecurity Memorandum of Understanding

The MoU sets out plans for the development of cybersecurity standards and guidance as well as improving the cybersecurity of organisations.

By Michael Hill

13 Sep 2023 6 mins

RegulationGovernmentCompliance

Security and privacy laws, regulations, and compliance: The complete guide

This handy directory provides summaries and links to the full text of each security or privacy law and regulation.

By CSO Staff

12 Sep 2023 49 mins

RegulationComplianceSecurity

NIST releases Cybersecurity Framework 2.0 draft

NIST seeks comments ahead of the 2024 release of CSF 2.0, which aims to appeal to a broader range of organizations while elevating the importance of corporate governance and more fully addressing supply chain security.

By Cynthia Brumfield

12 Sep 2023 7 mins

ComplianceCritical InfrastructureRisk Management

How financial institutions can reduce security and other risks from MRAs

Here's advice on avoiding breakdowns or inadequacies in a US financial institution's security and privacy policies and procedures that can trigger a matter requiring attention notice.

By Perry Menezes, Partner/MD, Head, Financial Services, MorganFranklin Consulting; Ahsan Sheikh, CISRO, US Financial Services; Thomas Kartanowicz, CISO Europe and Americas, Global Financial Services Firm; Marco Maiurano, CISO, Large US Financial Services Firm; John Rogers, Global CISO, FinTech Firm; Paul Moreira, Global German Bank, Regional Head, Cyber, BCM, VRM, Operational resilience

29 Aug 2023 10 mins

Financial Services IndustryComplianceRisk Management

Dope Security wants to help CISOs get a handle on shadow IT

Dope's new Extended Shadow IT capability is aimed at cybersecurity and IT teams that want to better track data used by applications and devices that they have not vetted or approved.

By Shweta Sharma

23 Aug 2023 3 mins

Data PrivacyComplianceData and Information Security

New SEC rules give companies four days to report cyber incidents

The new SEC rules also require registrants to report ransomware payments within 24 hours to report ransomware payments and to submit annual cyber risk management, strategy, and governance reports.

By Cynthia Brumfield

26 Jul 2023 11 mins

RegulationCompliance

Why and how CISOs should work with lawyers to address regulatory burdens

As the scope of cybersecurity related regulations grows, CISOs may need to partner more closely with legal teams to understand the changing requirements.

By Rosalyn Page

19 Jul 2023 11 mins

RegulationComplianceRisk Management

View all

Explore a topic

Show me more

How to ensure cybersecurity strategies align with the company’s risk tolerance

By Rosalyn Page

03 Sep 202410 mins

CSO and CISORisk Management

North Korean hackers actively exploited a critical Chromium zero-day

By Shweta Sharma

02 Sep 20243 mins

Zero-day vulnerability

Ransomware recovery: 8 steps to successfully restore from backup

By Maria Korolov

02 Sep 202417 mins

RansomwareMalwareBackup and Recovery

CSO Executive Sessions: Guardians of the Games – How to keep the Olympics and other major events cyber safe

07 Aug 202417 mins

CSO and CISO

CSO Executive Session India with Dr Susil Kumar Meher, Head Health IT, AIIMS (New Delhi)

17 Jul 202417 mins

CSO and CISO

CSO Executive Session India with Charanjit Bhatia, Head of Cybersecurity, COE, Bata Brands

08 Jul 202418 mins

CSO and CISO

CSO Executive Sessions: Guardians of the Games – How to keep the Olympics and other major events cyber safe

07 Aug 202417 mins

RansomwareZero TrustCloud Security

CSO Executive Session India with Dr Susil Kumar Meher, Head Health IT, AIIMS (New Delhi)

17 Jul 202417 mins

CSO and CISO

Cybersecurity Insights for Tech Leaders: Addressing Dynamic Threats and AI Risks with Resilience

10 Jul 202424 mins

CSO and CISO

EU's DORA regulation explained: New risk management requirements for financial firms

China takes steps to implement digital ID initiative

Understanding CISA's proposed cyber incident reporting rules

General Data Protection Regulation (GDPR): What you need to know to stay compliant

Rise of the cyber CPA: What it means for CISOs

Ransomware gang files SEC complaint against company that refused to negotiate

How US SEC legal actions put CISOs at risk and what to do about it

Generative AI could erode customer trust, half of business leaders say

US launches “Shields Ready” campaign to secure critical infrastructure

Articles

AuditBoard adds new AI and analytics capabilities for compliance and risk ma

Vanta bakes generative AI into core security and compliance product

Cybersecurity experts raise concerns over EU Cyber Resilience Act’s vulnerability disclosure requirements

Online Safety Bill passes final parliament debate, set to become UK law

Cyber-related False Claims actions are on the uptick

UK NCSC, ICO sign cybersecurity Memorandum of Understanding

Security and privacy laws, regulations, and compliance: The complete guide

NIST releases Cybersecurity Framework 2.0 draft

How financial institutions can reduce security and other risks from MRAs

Dope Security wants to help CISOs get a handle on shadow IT

New SEC rules give companies four days to report cyber incidents

Why and how CISOs should work with lawyers to address regulatory burdens

Resources

Best Practices in Cybersecurity and Cyber Resilience

Cyber resilience in the ransomware era

Unlock the power of AI and ML for data protection

Video on demand

Aligning security, compliance and privacy across inventory tracking

Explore a topic

Show me more

How to ensure cybersecurity strategies align with the company’s risk tolerance

North Korean hackers actively exploited a critical Chromium zero-day

Ransomware recovery: 8 steps to successfully restore from backup

CSO Executive Sessions: Guardians of the Games – How to keep the Olympics and other major events cyber safe

CSO Executive Session India with Dr Susil Kumar Meher, Head Health IT, AIIMS (New Delhi)

CSO Executive Session India with Charanjit Bhatia, Head of Cybersecurity, COE, Bata Brands

CSO Executive Sessions: Guardians of the Games – How to keep the Olympics and other major events cyber safe

CSO Executive Session India with Dr Susil Kumar Meher, Head Health IT, AIIMS (New Delhi)

Cybersecurity Insights for Tech Leaders: Addressing Dynamic Threats and AI Risks with Resilience