Latest from today

opinion
What CISOs need from the board: Mutual respect on expectations
CISOs shouldn’t be shy about what they need from the board, as organizations with mutual board-CISO understanding are better positioned to tackle cybersecurity challenges successfully.
By David Gee, 26 Feb 2025, 6 mins
Business IT Alignment, CSO and CISO, Compliance

feature
CISOs: Stop trying to do the lawyer’s job
By Andrada Fiscutean, 10 Feb 2025, 11 mins
CSO and CISO, Compliance, Legal

feature
CIOs and CISOs grapple with DORA: Key challenges, compliance complexities
By Patrizia Licata, 07 Feb 2025, 13 mins
CIO, CSO and CISO, Regulation

news analysis
21% of CISOs pressured to not report compliance issues
By John Leyden, 06 Feb 2025, 5 mins
CSO and CISO, Compliance, Regulation

feature
CISOs’ top 12 cybersecurity priorities for 2025
By Mary K. Pratt, 27 Jan 2025, 9 mins
Cloud Security, Compliance, IT Strategy

opinion
Security chiefs whose companies operate in the EU should be exploring DORA now
By Christopher Burgess, 22 Jan 2025, 6 mins
CSO and CISO, GDPR, Regulation

news analysis
Midsize firms universally behind in slog toward DORA compliance
By Julia Mutzbauer, 20 Jan 2025, 4 mins
Compliance, Financial Services Industry, Regulation

feature
EU’s DORA could further strain cybersecurity skills gap
By John Leyden, 17 Jan 2025, 9 mins
Compliance, Financial Services Industry, Regulation

feature
SEC rule confusion continues to put CISOs in a bind a year after a major revision
By John Leyden, 10 Jan 2025, 6 mins
Business IT Alignment, CSO and CISO, Regulation

Articles

feature
The 7 most in-demand cybersecurity skills today
Evolving IT strategies and emerging technologies and threats have organizations shuffling their cyber skills want lists, according to a recent survey of IT security managers conducted by ISC2.
By Eric Frank, 12 Dec 2024, 11 mins
Application Security, Cloud Security, Compliance

feature
What CISOs need to know about the SEC’s breach disclosure rules
Security leaders can face personal liability peril for security fails or misleading disclosures to the SEC and navigating the reporting guidelines is not always a straightforward task.
By John Leyden, 21 Nov 2024, 7 mins
CSO and CISO, Government, Regulation

feature
11 biggest financial sector cybersecurity threats
Banks, investment, and insurance firms can expect ransomware, DDoS, compliance, and AI to be their top risks.
By John Leyden, 20 Nov 2024, 11 mins
Phishing, Ransomware, Regulation

news
The US Department of Defense has finalized cyber rules for its suppliers
Stringent requirements on DoD contractors to comply with existing protections are expected to take effect by the end of the year
By John P. Mello Jr., 08 Nov 2024, 5 mins
Aerospace and Defense Industry, Government, Regulation

news analysis
US DoD finalizes CMMC cyber rules for suppliers
The Cybersecurity Maturity Model Certification (CMMC) is a US Department of Defense program outlining tough requirements for Defense Industrial Base contractors to ensure the protection of sensitive data. It is expected to take effect by year-end.
By John P. Mello Jr., 15 Oct 2024, 5 mins
Compliance, Government IT, Regulation

news
Star Health Insurance CISO sold customer data, hacker claims
The insurance firm’s CISO took $150,000 for selling 7.24 terabytes of data, according to the hacker who said the company’s senior management was involved in the data breach.
By Gyana Swain, 10 Oct 2024, 4 mins
Compliance, Data Breach, Security

feature
EU’s DORA regulation explained: New risk management requirements for financial firms
The proposed Digital Operational Resilience Act includes new incident response and third-party risk requirements for financial firms operating within the EU.
By Dan Swinhoe, 08 Aug 2024, 7 mins
Compliance, Risk Management, Security

news
China takes steps to implement digital ID initiative
Proposed policy will have both positive and not-so-positive consequences for any organization serving Chinese consumers: Analyst
By Paul Barker, 30 Jul 2024, 4 mins
Compliance, Data Privacy, Federated Identity

news analysis
Understanding CISA's proposed cyber incident reporting rules
CISA’s massive rulemaking will create the first US cyber incident and ransomware payment reporting mechanism that promises to radically overhaul the workloads of most cybersecurity professionals.
By Cynthia Brumfield, 17 Apr 2024, 10 mins
Cyberattacks, Ransomware, Regulation

feature
General Data Protection Regulation (GDPR): What you need to know to stay compliant
GDPR is a regulation that requires businesses to protect the personal data and privacy of EU citizens for transactions that occur within EU member states. And non-compliance could cost companies dearly. Here’s what every company that does business in Europe needs to know about GDPR.
By Michael Nadeau, 04 Apr 2024, 21 mins
Compliance, Data and Information Security, Privacy

feature
Why governance, risk, and compliance must be integrated with cybersecurity
With pressure from regulators, evolving threats and the need for stronger oversight, integrating cybersecurity risks into GRC programs requires alignment between both areas.
By Rosalyn Page, 29 Feb 2024, 10 mins
Compliance, Risk Management

news
BigID adds access governance targeted at sensitive data and privileges
The access governance capability can allow access risk visibility, attack surface reduction, access right management, zero-trust enforcement, and insider risk mitigation.
By Shweta Sharma, 15 Feb 2024, 4 mins
Compliance, IT Governance

Resources

whitepaper
Real-Time, All the Time: Fuelling AI success through a continuous data stream
With AI dominating conversations everywhere, practitioners and executives are seeking answers: How to succeed with GenAI? Delivering on AI initiatives requires the right strategy, platform and data stack.
By StreamSets, 26 Aug 2024
Artificial Intelligence, Data and Information Security, Data Management

Video on demand

video
Aligning security, compliance and privacy across inventory tracking
Brad Wells, Executive Director, Information Security, and Kandice Samuelson, Senior Director, IT Governance at PPD lead a team enhancing PPD’s inventory tracking system that identifies PPD’s most valuable assets. Join us to learn how they distribute security resources for appropriate levels of protection, maintain compliance with government regulations and industry standards, and leverage information security controls aligned with client requirements, industry frameworks and privacy regulations.
28 May 2021, 20 mins
Compliance, Data and Information Security, Privacy

Show me more

news
Linux, macOS users infected with malware posing as legitimate Go packages
By Shweta Sharma, 07 Mar 2025, 3 mins
Malware, Security

feature
8 obstacles women still face when seeking a leadership role in IT
By Christina Wood, 07 Mar 2025, 8 mins
Careers, IT Leadership

feature
What is risk management? Quantifying and mitigating uncertainty
By Josh Fruhlinger, 07 Mar 2025, 10 mins
IT Governance Frameworks, IT Leadership, Risk Management

podcast
CSO Executive Sessions: How cybersecurity impacts company ratings – A fey factor for investors and consumers
12 Feb 2025, 27 mins
Security

podcast
CSO Executive Sessions: Guardians of the Games – How to keep the Olympics and other major events cyber safe
07 Aug 2024, 17 mins
CSO and CISO

podcast
CSO Executive Session India with Dr Susil Kumar Meher, Head Health IT, AIIMS (New Delhi)
17 Jul 2024, 17 mins
CSO and CISO

video
CSO Executive Sessions: How cybersecurity impacts company ratings – A fey factor for investors and consumers
12 Feb 2025, 27 mins
Security

video
CSO Executive Sessions: How should software solution providers keep themselves and their enterprise clients safe?
26 Jan 2025, 18 mins
Security

video
CSO Executive Sessions: Open Source Institute’s Eric Nguyen on supply chain risks to critical infrastructure (Part 2)
14 Nov 2024, 15 mins
Critical Infrastructure, IT Governance, Supply Chain