This year marks the 10th anniversary of the EU’s adoption of the General Data Protection Regulation, which became mandatory for all companies beginning on May 25, 2018. The aim of the GDPR was simple, but important: to improve individuals’ control over their personal data. This regulation replaced Directive 95/46/EC with the clear purpose of unifying data…
Category: Compliance
AI, Compliance, Cybersecurity, Endpoint, Exploits, Global Security News, Risk Management
Mythos AI: What Security Leaders Should Do Next
The recent discussion around Anthropic’s Claude Mythos Preview and Project Glasswing has caught the attention of the cybersecurity industry for good reason. Mythos is not just another AI announcement. It is being positioned as a frontier model with advanced cybersecurity capability, particularly around finding and exploiting software vulnerabilities. Anthropic has stated that Project Glasswing is…
AI, Compliance, Global Security News
Nerdio Launches MSP 7.0 Amid Strong Microsoft 365 Growth
Cloud management solution provider Nerdio has announced record MSP growth and launched its new Nerdio Manager for MSP 7.0. The company grew its MSP user base by over 100% in 2025, spanning Microsoft 365, Windows 365, and Azure Virtual Desktop. Building scalable, cloud-first businesses According to Nerdio, its growth was driven by increasing demand from…
AI, Cloud Security, Compliance, Global Security News, privacy, Risk Management
New compliance guide available: ISO/IEC 42001:2023 on AWS
We have released our latest compliance guide, ISO/IEC 42001:2023 on AWS, which provides practical guidance for organizations designing and operating an Artificial Intelligence Management System (AIMS) using AWS services. As organizations deploy AI and generative AI workloads in the cloud, aligning with globally recognized standards such as ISO/IEC 42001:2023 becomes an important step toward strengthening…
AI, Apps, Compliance, Global Security News, Network Security, Risk Management
ServiceNow continues its AI transformation with an integrated experience
ServiceNow has unveiled updates to its workflow management platform advancing its redefinition of itself as the “AI control tower for business reinvention” at its Knowledge customer event this week. The AI Control Tower product itself, introduced at last year’s event, gets new integrations with Microsoft Azure, Amazon Web Services (AWS), Google Cloud Platform (GCP) and…
AI, Apps, Compliance, Global Security News, Risk Management
ServiceNow Pushes AI from Assistant to Operator
ServiceNow used its Knowledge 2026 conference to make a pretty direct case for where it thinks enterprise AI is headed. The company does not want AI sitting off to the side as a helpful assistant waiting to be called upon. It wants AI agents inside the systems where work actually happens, with enough governance to…
AI, Compliance, Global Security News, Government & Policy
UiPath adds agentic AI capabilities to Automation Suite for government agencies
UiPath has announced the release of agentic AI capabilities on UiPath Automation Suite. The Automation Suite updates help government agencies and regulated industries accelerate agentic AI and automation adoption and are designed to address strict data sovereignty and compliance requirements. These new capabilities empower agencies to deploy agentic AI within their own infrastructure using cloud-hosted…
AI, APAC, Compliance, Cybersecurity, Data Breaches, Endpoint, Global Security News, malware, Network Security, privacy, Risk Management
How CISOs Reduce Cyber Risk with MITRE ATT&CK
Nowadays CISOs face escalating threats that outpace traditional defenses. The strategy is evolving from compliance-driven checklists to a threat-informed approach. MITRE ATT&CK provides a globally accessible knowledge base of real-world adversary tactics, techniques, and procedures (TTPs), enabling organizations to understand, prioritize, and counter actual attacker behaviors rather than abstract controls. This shift helps align security efforts with business…
AI, Apps, Compliance, Cybersecurity, Data Breaches, Global Security News, Network Security, Risk Management
Train like you fight: Why cyber operations teams need no-notice drills
St. Michael’s Hospital in Toronto recently executed a full Code Orange simulation: A mass casualty emergency protocol requiring the activation of every clinical and operational team across the hospital. As a Level 1 trauma centre, it conducts large-scale exercises involving teams across the entire hospital: Emergency, surgery, communications, administration. The exercise is not a compliance…
AI, Compliance, Cybersecurity, Global Security News, Network Security, privacy
News alert: LuxSci launches HIPAA-compliant email platform for mid-size healthcare market
CAMBRIDGE, Mass., May 5, 2026, CyberNewswire—LuxSci, a leading provider of HIPAA compliant secure healthcare communications, today announced the launch of LuxSci Secure High Volume Email for mid-sized healthcare organizations, the industry’s trusted HIPPA-compliant email solution now packaged and priced for mid-size healthcare organizations. Regional health systems, health plans, specialty group practices, urgent care networks, and…
AI, Compliance, Global Security News
Microsoft Flags Mass Phishing Campaign Using Fake Compliance Emails
Microsoft researchers warn of a large-scale phishing campaign using fake compliance emails to steal credentials, targeting 35,000 users across 13,000 organizations worldwide
AI, Apps, Compliance, Global Security News, Network Security, Risk Management
Five ways to use Kiro and Amazon Q to strengthen your security posture
A Monday morning security alert flags unauthorized access attempts, security group misconfigurations, and AWS Identity and Access Management (IAM) policy violations. Your team needs answers fast. Security teams are using Kiro and Amazon Q Developer to handle repetitive tasks—scanning resources, drafting policies, and researching Common Vulnerabilities and Exposures (CVEs)—so engineers can focus on risk decisions…
AI, Apps, Compliance, Cybersecurity, Global Security News, Risk Management
Netrio Expands MSP Services with AI Advisory Practice
Netrio has launched a new AI advisory and transformation practice to help mid-market enterprises move artificial intelligence projects beyond experimentation and into measurable business use. The McKinney, Texas-based MSP said the new offering will support customers across AI evaluation, strategy, governance, deployment, and adoption. The practice is designed for organizations struggling with disconnected AI pilots,…
AI, Apps, Compliance, Data Breaches, Endpoint, Exploits, Global Security News, Network Security, Risk Management
Android Zero-Click RCE Vulnerability Enables Remote Shell Access
Google has released a patch for an Android vulnerability that allows remote code execution (RCE) without requiring any user interaction. The flaw could “… lead to remote (proximal/adjacent) code execution as the shell user with no additional execution privileges needed. User interaction is not needed for exploitation,” said Google in its security advisory. Inside the…
AI, Compliance, Global Security News, Risk Management
Download: Secure Foundations for AI Workloads on AWS
Center for Internet Security helps organizations deploy AI and high-performance compute environments from a trusted, hardened operating system baseline. CIS Hardened Images help teams reduce misconfiguration risk, support compliance efforts, and move faster in AWS. What are AI-optimized CIS Hardened Images CIS Hardened Images are secure, on-demand, scalable cloud images that help organizations deploy from…
AI, Compliance, Cybersecurity, Endpoint, Global Security News, Government & Policy, malware, Network Security, privacy, Risk Management
New Phishing Campaign Targets US with Credential Theft: What CISOs Need to Know
A new large-scale phishing campaign is targeting U.S. organizations with fake event invitations that lead to credential theft, OTP interception, or RMM tool installation. ANY.RUN researchers found that the campaign uses a repeatable phishing framework to create event-themed lure pages at scale. Some pages steal email credentials and OTP codes, while others deliver legitimate remote…
AI, Compliance, Global Security News
Microsoft: Phishing campaign used fake compliance notices to compromise employee accounts
Phishers have been using fake workplace compliance notices to try to trick Microsoft account owners into signing in via a fake sign-in page, says the company’s Defender Research team. The email campaign targeted more than 35,000 users across 13,000 organizations in 26 countries, but concentrated primarily on targets in the United States. Microsoft didn’t say…
AI, Compliance, Global Security News, Risk Management
JumpCloud Report Finds AI Agent Security Gaps Widening
JumpCloud, the IT management platform company, released its Agentic IAM Pulse Report on Tuesday, drawing on responses from 261 IT, security, and identity decision-makers at organizations with 200-2,500 employees across the United States and the United Kingdom. The findings reveal a widening gap between how aggressively companies are deploying AI agents and how little governance…
AI, Compliance, Global Security News, Network Security, Risk Management
Microsoft warns of global campaign stealing auth tokens from 35K users
Microsoft revealed a phishing campaign hitting 35,000 users in 26 countries, stealing login tokens via fake code-of-conduct emails and legit services. Microsoft disclosed a major phishing campaign that targeted over 35,000 users across 26 countries in mid-April 2026. Attackers used fake “code of conduct” emails sent through legitimate platforms to trick recipients into visiting bogus…
AI, Apps, Cloud Security, Compliance, Cybersecurity, Global Security News, Network Security, Risk Management
CISOs step up to the security workforce challenge
A robust cybersecurity program needs a range of skilled people, yet many CISOs continue to face an ongoing skills shortage — and the squeeze may only get worse as AI gains traction. Some 95% of cybersecurity practitioners and decision-makers noted at least one security skills gap at their organization, with almost 60% citing critical or significant…
AI, Apps, Cloud Security, Compliance, Endpoint, Global Security News, Network Security
Why most zero-trust architectures fail at the traffic layer
Zero trust has become one of the most widely adopted security models in enterprise environments. Organizations invest heavily in identity systems, access policies and modern security tooling. On paper, these environments look well-protected. Yet during incidents, a different reality often emerges. I have worked with organizations where zero-trust initiatives were fully implemented from an identity…
AI, Apps, Compliance, Global Security News, Risk Management
Agentic AI and the Evolution of Code Security in Modern Development
The rise of agentic artificial intelligence (AI) is fundamentally reshaping how software is developed, tested, and secured. In a recent discussion with Jeremy Katz, VP of Code Security at Sonar, key insights emerged about how AI-driven workflows are accelerating development while introducing new security challenges that organizations must address. Agentic Workflows in Modern Development Agentic…
Compliance, Global Security News
Cyber-Secure Philanthropy: Tech Infrastructure for Global Donations
Secure philanthropy needs hardened payments, API security, and compliance controls to protect global donations from fraud and attacks.
AI, Apps, Compliance, Cybersecurity, Data Breaches, Endpoint, Exploits, Global Security News, Government & Policy, malware, Network Security, Risk Management
The fake IT worker problem CISOs can’t ignore
Hiring fake IT workers has been a growing problem in recent years — but it’s often a problem very few want to admit to. From Fortune 500 companies down to smaller organizations, remote hiring practices have been exploited to grant trusted access to individuals who are not who they claim to be creating an insider…
AI, Compliance, Data Security, Global Security News, Network Security, Risk Management
How CISOs should utilize data security posture management to inform risk
Every CISO eventually faces the same tension: You know your security program needs to mature, but the budget and headcount to do it all aren’t there. That tension is especially sharp when it comes to data security posture management (DSPM). Not every organization can afford, or even needs, the gold standard of DSPM deployment. Full-featured…
AI, Apps, Compliance, Global Security News, Government & Policy
Introducing Wallarm Middle East Cloud: Built for Data Residency Compliance
As API and AI adoption grows across the Middle East, so do the expectations around how data is handled. For many organizations operating in this region, it’s not just about securing applications. It’s about doing it in a way that keeps data in-country and aligned with local requirements. Today, we’re introducing the Wallarm Middle East…
AI, Compliance, Cybersecurity, Global Security News
Relying on LLMs is nearly impossible when AI vendors keep changing things
Over the years, enterprise IT execs have gotten frighteningly comfortable having little control or visibility over mission-critical apps, from SaaS to cloud and even cybersecurity. But generative AI (genAI) and agentic systems are taking that problem to a new extreme, with vendors able to dumb down a system IT is paying billions for without so…
AI, Cloud Security, Compliance, Cybersecurity, Global Security News, Risk Management
Announcing the ISO 31000:2018 Risk Management on AWS Compliance Guide
AWS Security Assurance Services is announcing the release of our latest compliance guide, ISO 31000:2018 Risk Management on AWS, which provides practical guidance for organizations establishing and operating a risk management program in AWS environments using ISO 31000:2018 principles. The guide explains how organizations can integrate AWS services into their risk management processes to support…
AI, Compliance, Cybersecurity, Endpoint, Exploits, Global Security News, Network Security, Risk Management
Human-centric failures: Why BEC continues to work despite MFA
Business email compromise (BEC) is still thriving even in organizations that have implemented multi-factor authentication (MFA). As security professionals, we often assume that MFA is the silver bullet for email security, but real-world incidents suggest otherwise. Attackers exploit human behaviors, process gaps and operational blind spots that MFA alone cannot address. In many modern BEC…
AI, Compliance, Cybersecurity, Global Security News, Network Security, Risk Management
Managing OT risk at scale: Why OT cyber decisions are leadership decisions
The first time I approached an OT environment, I assumed that the strategies effective in IT cybersecurity would be equally applicable. I was wrong. The experience revealed a fundamental difference, highlighting the need for a distinct approach to OT cyber risk management. The mistake was not technical. It was conceptual. I was treating OT as…
AI, Compliance, Global Security News, Politics, privacy
Congress kicks the can down the road on surveillance law (again)
Congress extended a controversial surveillance law for 45 days on Thursday, hours before its latest expiration following an earlier extension. The Senate passed — then the House cleared — a 45-day extension of Section 702 of the Foreign Intelligence Surveillance Act, which authorizes warrantless surveillance of foreign targets. But those targets are sometimes communicating electronically…
AI, APAC, Compliance, Europe, Global Security News, Risk Management
AWS, Microsoft, & Google Cloud Converge Around AI-Led Growth
The “big three” hyperscalers, Amazon Web Services (AWS), Microsoft, and Google Cloud, have been especially active over the past 12 months, operating both as suppliers of in-demand data center capacity for AI model developers and as builders of their own models, services, and tools. While each has historically leaned into distinct strengths and target markets,…
AI, Apps, Compliance, Cybersecurity, Exploits, Global Security News, Government & Policy, malware, Network Security, Risk Management
How Criminals Created SMS Blasters to Fake Cellphone Towers and Hack Thousands of Phones in Canada
Canadian authorities have dismantled what appears to be one of the most technically sophisticated financially motivated telecom attacks publicly documented in North America after arresting three suspects accused of operating vehicle-mounted “SMS blaster” systems that impersonated legitimate cellular towers, induced nearby mobile devices into attaching to rogue infrastructure, delivered phishing messages to those devices—likely through…
AI, Apps, Compliance, Data Breaches, Exploits, Global Security News, Network Security, Risk Management
Cisco Introduces Model Provenance Kit to Strengthen AI Supply Chain Security
Organizations are rapidly adopting AI models, but many still lack visibility into where those models come from or how they’ve been modified along the way. Cisco is aiming to close that gap with the release of its open-source Model Provenance Kit, a tool designed to verify the origins of AI models and improve trust across…
AI, Compliance, Exploits, Global Security News
Everyone’s building AI agents. Almost nobody’s ready for what they do to identity.
Anthropic recently announced that it would not release Mythos, its most powerful AI model, to the public. The model discovered thousands of previously unknown software vulnerabilities — flaws that had sat undetected in major operating systems and web browsers for as long as nearly three decades. Anthropic said the model was too dangerous to deploy…
AI, Compliance, Data Breaches, Europe, Exploits, Global Security News, privacy, Risk Management
Meta accused of violating DSA by failing to safeguard minors
The European Commission accuses Meta of failing to protect children, allowing users under 13 on Instagram and Facebook, in breach of the DSA rules. The European Commission has accused Meta of violating child safety rules. Instagram and Facebook allegedly failed to prevent children under 13 from accessing their platforms. According to the Commission, Meta did…
AI, Compliance, Europe, Funding, Global Security News, Venture
Scaling up a tech startup in Europe is hard — ‘EU Inc.’ aims to help
Europe produces a large number of new tech startups each year – 28 crossed the $1 billion valuation mark in 2025 alone – yet few become global technology leaders. Many that do succeed look elsewhere to scale, particularly in the US. Founders point to multiple barriers to growing their business in the European Union (EU),…
AI, Compliance, Global Security News, Risk Management
Adaptive Security Leadership in an Expanding Threat Surface
Last week I joined fellow security leaders at CISO Inspire Summit North for a panel discussion on The Expanding Threat Surface: Adaptive Security Leadership for 2026 and Beyond. It was a timely discussion, because the challenge facing security leaders today is not simply more threats. It is more connections, more dependencies, and more complexity. Suppliers, SaaS, identities, automation…
AI, Compliance, Global Security News, Government & Policy, Risk Management
SAS Introduces AI Navigator, Enhances SAS Viya
SAS Innovate 2026 has kicked off in Grapevine, Texas, and the data and AI organization has made several key announcements to coincide with the large-scale event. SAS is now focused on the transition from experimentation to enterprise-scale AI, as AI is increasingly embedded in business processes and no longer operates solely as a tool. The…
AI, Apps, Cloud Security, Compliance, Cybersecurity, Data Security, Global Security News, Network Security, Risk Management
Netskope, Rubrik, Commvault Expand Google Cloud Security
At this year’s Google Cloud Next 2026 conference in Las Vegas, tech and cybersecurity companies across the channel unveiled their latest announcements spanning AI, security, infrastructure, and more. While artificial intelligence was firmly front and center, themes around enhanced cybersecurity, particularly AI guardrails and cyber resilience, emerged as equally important priorities. In this recap, we…
AI, Compliance, Europe, Global Security News, Politics, Risk Management
EU lawmakers fail to agree on watered-down AI Act, talks pushed to May
EU member states and the European Parliament failed to agree on changes that would have softened the bloc’s AI Act and pushed back its toughest enforcement deadlines. The talks ran for about 12 hours on Tuesday and ended without an agreement, Reuters reported, citing a Cypriot official who said it had not been possible to…
AI, Compliance, Global Security News
amazee.ai’s amazeeClaw simplifies production deployment of AI agents with regional control
amazee.ai has announced the launch of amazeeClaw, a managed OpenClaw hosting platform that enables developers and enterprises to deploy production-ready AI agents with data sovereignty and regional control without having to set up their own infrastructure. As adoption of AI agents and agentic automation accelerates, organizations are discovering that moving from prototype to production is…
AI, Apps, Compliance, Cybersecurity, Endpoint, Global Security News, malware, Network Security, Risk Management
Margin vs. Madness: Fixing MSSP Top 5 Operational Nightmares
Leading a managed security services provider has never been a comfortable job. And it isn’t now, though the demand for MSSPs has never been higher. The global threat landscape is expanding faster than most enterprise security teams can keep pace with, and organizations across every sector are turning to managed providers to fill the gap. For MSSP leaders, this…
AI, Apps, Cloud Security, Compliance, Cybersecurity, Data Breaches, Data Security, Endpoint, Global Security News, malware, Network Security, privacy, Risk Management
7 Best Network Security Tools to Use in 2026
This guide is for IT professionals, security teams, and business leaders looking to strengthen network defenses in 2026. It covers the best network security tools to protect data and help reduce overall organizational risk. Network security tools incorporate hardware and software technologies, methods, and policies to preserve network integrity and prevent potential breaches. These tools…
AI, Compliance, Cybersecurity, Global Security News, Government & Policy, Network Security, privacy
Best AI Deepfake and Scam Detection Tools for Security in 2026
This guide is for security professionals, IT teams, and anyone concerned about AI-driven fraud who wants to detect deepfakes and scams in 2026. It covers some of the best tools available to identify fake videos, audio, and synthetic content. You can fake a video. You can clone a voice. You can even generate a “live”…
AI, APAC, Apps, Compliance, Cybersecurity, Data Breaches, Endpoint, Exploits, Global Security News, malware, Network Security
6 Best Intrusion Detection & Prevention Systems in 2026
This guide is for IT leaders, security teams, and network administrators looking to strengthen threat detection and response in 2026. It covers the top intrusion detection and prevention systems (IDPS) and key features to consider when choosing the right solution. Network security is not just about keeping the bad guys out. It’s about having a…
AI, Cloud Security, Compliance, Cybersecurity, Data Breaches, Global Security News, Network Security, Risk Management, Venture
Infra + security: why more & more CISOs are starting to own infrastructure
Over the past year, I have started to see a growing trend that in more and more organizations, CISOs are taking ownership of infrastructure teams. Where CISOs aren’t directly taking over infrastructure teams, they are exerting more direct control over how infrastructure is designed and operated. Like many structural shifts in cybersecurity, this is developing…
Compliance, Global Security News
Modulus Labs Improves Global Payment Infrastructure Uptime with Datadog’s Centralized Monitoring and Security
Modulus Labs, Asia’s most versatile payment infrastructure for high-volume merchants and PayFacs, strengthens compliance, security, and uptime with centralized observability across PCI DSS–compliant cloud infrastructure
AI, Compliance, Global Security News, Network Security
Fleet hopes to be the MDM provider for the AI Era
Fleet, the independent, open-source, multi-platform MDM service, recently announced its new partner program for VARs and MSPs serving enterprise customers and recruited MobileIron co-founder Suresh Batchu to serve on the company’s board. With those moves in mind, I caught up with company CEO Mike McNeil to find out more about the Fleet’s plans. Given the company’s…
AI, Apps, Compliance, Global Security News, Network Security
Access control with IAM Identity Center session tags
As organizations expand their Amazon Web Services (AWS) footprint, managing secure, scalable, and cost-efficient access across multiple accounts becomes increasingly important. AWS IAM Identity Center offers a centralized, unified solution for managing workforce access to AWS accounts. It simplifies authentication, enhances security, and provides a seamless user sign-in experience to AWS services across diverse environments.…
AI, Compliance, Global Security News
GitLab Deepens Integration with Anthropic’s Claude Models to Accelerate Secure Software Development
COMPANY NEWS: AI agents in GitLab Duo Agent Platform can now call Anthropic’s newest Claude models, with every action governed by GitLab’s existing compliance, audit, and policy framework; no separate governance layer required. Enterprises can access Claude models, including the newly released Claude Opus 4.7, through GitLab via Google Cloud and AWS Bedrock to route…
AI, Compliance, Cybersecurity, Endpoint, Europe, Global Security News, Government & Policy, malware, privacy, Risk Management
Phishing-to-RMM Attacks: The Remote Access Blind Spot CISOs Can’t Ignore
CISOs are under pressure to prove that their security programs can detect threats early, reduce business risk, and support fast, confident response. But that becomes harder when attackers stop relying on obviously malicious tools. In recent phishing-to-RMM campaigns observed by ANY.RUN analysts, threat actors are using fake Microsoft, Adobe, and OneDrive pages to deliver legitimate…
AI, Compliance, Global Security News
LogicMonitor Adds AI-Driven Remediation to IT Platform
LogicMonitor is moving past the era of simple alerts. The tech company announced a massive expansion to its unified platform today, aiming to solve the “noise” problem that has plagued IT departments for years. By combining visibility, AI reasoning, and automated action, the company is pitching a new operating model where the system doesn’t just…
AI, Apps, Compliance, Endpoint, Exploits, Global Security News, Risk Management
6 Lessons Security Leaders Must Learn About AI and APIs
Most organizations treating AI security as a model problem are defending the wrong layer. Security teams filter prompts, patch jailbreaks, and tune model behavior, which is all necessary work, while the actual attack surface sits largely unexamined underneath. That surface is the API layer: the endpoints AI systems use to retrieve data, call tools, and…
AI, Apps, Compliance, Data Breaches, Global Security News, Network Security, privacy, Risk Management
Securing RAG pipelines in enterprise SaaS
In the enterprise SaaS space, AI agents are becoming an integral part of the SaaS product. To make these intelligent agents truly useful, they need contextual, customer-specific knowledge, something standard Large Language Models (LLMs), open source or otherwise, inherently lack since they are not trained on customer proprietary data. Retrieval-Augmented Generation (RAG) is the bridge…
AI, Apps, Compliance, Global Security News, Network Security, Risk Management
Stopping AiTM attacks: The defenses that actually work after authentication succeeds
The security industry has spent years building better authentication. Longer passwords, second factors, hardware tokens. And attackers responded by moving past authentication entirely. Adversary-in-the-middle (AiTM) phishing does not steal credentials and replay them. It sits between the user and the legitimate service, watches a real authentication succeed in real time, and walks away with the…
AI, Apps, Compliance, Global Security News
Microsoft, OpenAI change contract terms–again
Microsoft and OpenAI on Monday again revised their agreement, softening their exclusivity and revenue-sharing conditions in the process. These changes underscore how critical it is for enterprises to work with as many AI vendors as practical, given the leapfrogging performance stats as well as the constantly shifting alliances. Both OpenAI and Microsoft issued their own…
AI, Apps, Compliance, Cybersecurity, Data Breaches, Data Security, Endpoint, Europe, Global Security News, Government & Policy, malware, Network Security, privacy, Risk Management
Best Zero Trust Security Solutions in 2026
This guide is targeted toward IT and security teams looking to get more granular access control and reduce implicit trust across applications and systems in 2026. It introduces zero trust and top zero trust solutions. A presidential executive order mandating a zero trust strategy for federal agencies has raised the profile of the cybersecurity technology…
AI, APAC, Apps, Cloud Security, Compliance, Cybersecurity, Exploits, Global Security News, malware, Network Security, Risk Management
Optimize security operations through an AWS Security Hub POC
April 27, 2026: This post was first published in September 2025 when the enhanced AWS Security Hub was in public preview. It has since been updated to reflect the general availability of Security Hub. This revision also provides a more detailed, step-by-step framework for planning your POC. AWS Security Hub prioritizes your critical security issues…
AI, Compliance, Global Security News, Risk Management
Moovila CEO: MSPs Must Focus on ROI, Risk, and Reality in AI Adoption
Understanding the true business return has been a sticking point of managed service providers (MSPs) in the age of AI. Taking a look at any AI initiative involves understanding how much error an operation can tolerate and identifying opportunities to help customers operationalize AI before fully diving in. To break down how to evaluate AI…
AI, Compliance, Cybersecurity, Data Breaches, Endpoint, Global Security News, Network Security, Risk Management
Enterprise VPN Solutions Every Business Should Know in 2026
This guide is for IT leaders, security teams, and growing businesses that need secure remote access to corporate systems. It highlights the top enterprise VPN solutions in 2026 that protect data, control access, and support reliable connectivity. Think of your enterprise network as a busy airport. Every employee, device, and data packet is trying to…
AI, Apps, china, Compliance, Global Security News, Government & Policy
Chinese spy posed as researcher in spear-phishing campaign targeting NASA to steal defense software
A Chinese national posed as a U.S. researcher, tricking NASA staff in a phishing campaign to steal sensitive data tied to defense software and exports. A Chinese national ran a spear-phishing campaign by posing as a U.S. researcher and tricked NASA employees into sharing sensitive information. The NASA Office of Inspector General (OIG) and federal…
AI, Compliance, Global Security News, Government & Policy
Compliance by design in the age of AI
GUEST OPINION: There’s no denying Australia is moving fast on AI. Governments are launching AI offices, businesses are building new data centres to support AI workloads, and importantly, regulators are starting to ask tougher questions about how the technology is used. But alongside the excitement sits the reality: organisations can’t bolt compliance as an afterthought…
AI, Compliance, Global Security News
Compliance by design in the age of AI
Compliance by design in the age of AI. Guest Opinion coverage from iTWire.
AI, Apps, Compliance, Endpoint, Global Security News, privacy
Report: 60% of Enterprises Actively Deploying AI PCs
Building on previous IDC-commissioned AI PC research, AMD has debuted a new report displaying how enterprises are moving from evaluating AI PCs to active deployment. Nearly all enterprises are at least in the planning stage of AI PC adoption The report captures the growing momentum of AI PC adoption among organizations and what it means…
AI, Apps, Compliance, Global Security News, Network Security, privacy
Top 6 Remote Desktop Software Solutions Compared
Remote desktop software enables businesses and IT professionals to access and manage computers and devices from remote locations, ensuring seamless operations from anywhere. The most effective solutions offer features like unattended access, secure file transfer, multi-monitor support, cross-platform compatibility, and real-time collaboration. To help you find the best fit, we’ve compared the leading options on…
AI, Apps, Cloud Security, Compliance, Data Breaches, Exploits, Global Security News, Risk Management
AI is reshaping DevSecOps to bring security closer to the code
Artificial intelligence tools are revamping DevSecOps processes, enabling security and development teams to more effectively build safeguards into software products from the get-go. But AI’s impact on DevSecOps goes well beyond tooling and processes, altering the scope, skills, and strategies foundational to the discipline as well. “AI is fundamentally shifting DevSecOps from reactive validation to…
AI, Compliance, Global Security News, Risk Management
TLS Connect gives SMBs a right-sized automated tool to manage TLS certificates
GMO GlobalSign today launched TLS Connect, a Certificate Lifecycle Management (CLM) tool designed specifically for SMBs. TLS Connect automates public trust TLS certificate deployment and renewal, allowing SMBs to strengthen security, maintain regulatory compliance and reduce business risk. The introduction of TLS Connect comes on the heels of the first in a series of TLS…
AI, Compliance, Cybersecurity, Global Security News
25 open-source cybersecurity tools that don’t care about your budget
Regardless of the operating system you use, managing secrets, apps, cloud, compliance, and security operations can be overwhelming. The free, open-source tools presented in this article can help you detect threats, increase visibility, enforce controls, and investigate and respond to incidents throughout the development and operational lifecycle. Allama: Open-source AI security automation Allama is an…
AI, Compliance, Global Security News, Government & Policy, privacy, Risk Management
Meta, Roblox and TikTok claim to UK Parliament that their platforms are are not additive to children and that Australian under 16 ban will fail
The claim from Meta, Roblox and TikTok that Australia’s under-16 social media ban is “not really enforceable” has now moved from industry talking point to parliamentary record, following testimony before the UK’s Education Committee in April. But beneath the predictable pushback from Meta, TikTok and Roblox lies a more complex—and more uncomfortable—reality for policymakers on…
AI, Compliance, Data Breaches, Global Security News, privacy, Risk Management
New US House privacy bills raise hard questions about enterprise data collection
US House Republicans have introduced two major privacy proposals that would reshape how US companies collect, process, and retain consumer data: the SECURE Data Act for general consumer privacy and the GUARD Financial Data Act for financial institutions. The bills would create national standards for privacy and security practices while broadly preempting many state privacy…
AI, Compliance, Endpoint, Global Security News, Network Security, Risk Management
Protecting your secrets from tomorrow’s quantum risks
As outlined in the AWS post-quantum cryptography (PQC) migration plan, addressing the risk of harvest now, decrypt later (HNDL) attack is an important part of your post-quantum plan. Upgrading the client-side of your workloads to support quantum-resistant confidentiality is an important aspect of your side of the PQC shared responsibility model. Timelines to plan and…
AI, Compliance, Global Security News, Risk Management, Venture
Sage Expands Intacct Advisory and Debuts Sage HCM Solution
Accounting, finance, and HR technology provider Sage has announced two updates ahead of its annual Sage Future conference: the expansion of its Sage Intacct Advisory program and the launch of its Sage HCM solution. Both moves are positioned to streamline workflows, introduce more industry-specific capabilities, and help organizations better leverage AI across their operations. Scaling…
AI, Compliance, Global Security News, Risk Management
Microsoft Urges Partners to Operationalize Copilot, Agents
Microsoft’s tone around AI is starting to change. The emphasis now is on getting systems into production and keeping them running in a way businesses can manage. Microsoft pushes partners and customers toward the next frontier This sentiment is expanded upon in a recent blog from chief partner officer Nicole Dezen, who frames Microsoft’s next…
AI, APAC, Apps, Cloud Security, Compliance, Cybersecurity, Data Breaches, Exploits, Global Security News, malware, Risk Management
Data Breaches, AI Expansion, and Cloud Security Define This Week’s Cyber Landscape in April 2026
Major Threats & Vulnerabilities Vulnerability Scoring and Exploitation Trends The NIST Adjusts Scoring Amid CVE Spike report highlights a 260%+ increase in CVE submissions since 2020. To manage the surge, NIST will prioritize high-impact vulnerabilities, potentially leaving many without full scoring data. Security teams must adapt to inconsistent vulnerability data and prepare for potential blind…
AI, Compliance, Cybersecurity, Data Breaches, Endpoint, Exploits, Global Security News, malware, Network Security, Risk Management
Inside agenteV2: How Brazilian Attackers Use Fake Court Summons to Steal Banking Credentials in Real Time
A new phishing campaign targeting Brazilian users demonstrates how modern financial malware has evolved from simple credential theft into full-scale, operator-driven fraud platforms. Disguised as a judicial summons, this campaign leverages social engineering, multi-stage malware delivery, and real-time remote access capabilities to compromise victims and actively assist attackers in financial theft. For organizations, the implications extend beyond individual users. Employees accessing corporate…
AI, Apps, Compliance, Endpoint, Europe, Global Security News, Risk Management
The Governance Gap: How the EU AI Act Makes API Security a Compliance Imperative
Your legal team just handed you a 400-page document and said “figure out compliance.” The EU AI Act is live, your organization falls under its scope, which is broader than many expect. Even non‑EU companies must comply if their AI systems are used, deployed, or produce effects within the European Union. In practice, that means that global organizations…
AI, Apps, Compliance, Data Breaches, Endpoint, Exploits, Global Security News, malware, Network Security, Risk Management
Checkmarx Supply Chain Attack Exploits Docker Images and CI/CD Pipelines
A supply chain attack targeting Checkmarx tooling has exposed developer environments. Attackers pushed malicious Docker images and tampered extensions capable of stealing credentials and other sensitive data. This “… continues a dangerous trend that’s accelerated over the past month: CI/CD pipelines have become the new perimeter,” said Eli Woodward, Cyber Threat Intelligence Advisor at Team…
AI, Compliance, Exploits, Global Security News, Network Security, privacy, Risk Management
CVE-2026-28950: Apple Fixes iOS Flaw That Retained Deleted Notification Data
Apple has released security updates to address a Notification Services issue in iOS and iPadOS that could cause alerts marked for deletion to remain stored on a device. The fix was delivered in iOS 26.4.2 / iPadOS 26.4.2 and iOS 18.7.8 / iPadOS 18.7.8, where Apple says the problem was resolved through improved data redaction.…
AI, Compliance, Europe, Global Security News, privacy
GDPR works, but only where someone enforces it
A new measurement study of web tracking across ten countries offers a reality check for anyone working on privacy compliance. Researchers crawled the same set of globally popular websites from virtual machines located in Australia, Brazil, Canada, Germany, India, Singapore, South Africa, South Korea, Spain, and California. The results show that European privacy law does…
AI, china, Compliance, Data Security, Exploits, Global Security News, Government & Policy, privacy, Risk Management, Russia
House Republicans roll out national privacy bill
House Republicans unveiled on Wednesday Congress’ latest effort to tackle comprehensive digital privacy legislation for Americans. The Secure Data Act would allow consumers to opt out of data collection for individual businesses for the purposes of targeted advertising, selling to third parties or for use in automated decisionmaking. It would also require companies to inform…
AI, Cloud Security, Compliance, Cybersecurity, Endpoint, Exploits, Global Security News, Network Security, Risk Management
A technical walkthrough of multicloud full-stack security using AWS Security Hub Extended
Building on our recent announcement of AWS Security Hub Extended —our full-stack enterprise security offering — we want to show you how we’re simplifying security procurement and operations for your multicloud environments. Whether you’re a security architect evaluating solutions or a CISO looking to streamline vendor management, this post walks through the streamlined experience that…
AI, Compliance, Global Security News
Employment Hero AI unlocks new employment model targeting $12.6 billion in duplicated employment admin holding Australia back
New modelling shows businesses are paying $12.6 billion more than they should in employment administration Complex, manual HR processes are driving duplication, costing up to a quarter of an employee’s salary and dragging down productivity Despite Australian businesses spending $160 billion annually on compliance, hundreds of thousands of workers remain underpaid and over half of…
AI, Compliance, Cybersecurity, Data Breaches, Exploits, Global Security News, Network Security, Risk Management
News alert: BreachLock’s integrated attack validation platform debuts in Gartner AEV category
NEW YORK, Apr. 21, 2026, CyberNewswire—BreachLock, a global leader in offensive security, today announced it has been named a representative vendor in the 2026 Gartner Market Guide for Adversarial Exposure Validation. This recognition marks the first time BreachLock has been identified in the Adversarial Exposure Validation (AEV) category since launching its agentic AI-powered Adversarial Exposure Validation platform in 2025. Not only has the company gained recognition in the AEV market quickly, but BreachLock has also emerged as the only vendor offering adversarial exposure validation, Penetration Testing…
AI, Compliance, Cybersecurity, Global Security News
Top 7 QuickBooks Enterprise Hosting Providers
In this post, we will compare the best QuickBooks Enterprise hosting providers by dedicated server support, Advanced Reporting performance, industry edition compatibility, pricing, and compliance. Your local server feels like control. It is not. One failed hard drive, one corrupted Windows update, one user accidentally locking a company file over a glitchy VPN, and your…
AI, APAC, Compliance, Cybersecurity, Europe, Global Security News, Government & Policy, malware, Risk Management
More Attack Context for Faster Triage, Response, and Hunting. Now Available to Every SOC
ANY.RUN has expanded access to Threat Intelligence capabilities for SOC and MSSP teams, backed by live attack data from 15,000 organizations. Here’s how your team can test TI’s impact on triage quality, response speed, and threat hunting workflows. See How Threat Intelligence Accelerates Your SOC ANY.RUN now offers 20 premium requests in Threat Intelligence Lookup and YARA Search as part of the Free plan. You can get immediate threat context for over 40 types…
AI, Apps, Compliance, Data Breaches, Endpoint, Global Security News, Network Security, privacy
Attacking the MCP Trust Boundary
Every secure API draws a line between code and data. HTTP separates headers from bodies. SQL has prepared statements. Even email distinguishes the envelope from the message. The Model Context Protocol (MCP), the fast-growing standard for connecting AI agents to external services, inherits that gap from the models it sits on top of. Its central…
AI, Compliance, Europe, Global Security News, privacy, Risk Management
Meta to track employee keystrokes, screen activity to train AI agents
Meta plans to track US employees’ mouse movements, clicks, keystrokes, and screen activity to train workplace AI agents, according to Reuters, offering an early look at how far major tech companies may go to build systems that can automate knowledge work. The company plans to do so through a tool called Model Capability Initiative, or…
AI, Compliance, Cybersecurity, Exploits, Global Security News, malware, Network Security, Risk Management, Venture
The AI era demands a different kind of CISO
Many security leaders are still operating with frameworks built for a different era. For years, success was measured by fixed checkpoints, such as passing audits, closing vulnerabilities, and maintaining compliance. Those markers still have value, but they were designed for a threat landscape that moved in predictable, linear ways. Today, that landscape is shifting in…
AI, Compliance, Global Security News
OneDrive updates focus on AI, access control, and compliance
Microsoft OneDrive’s recent updates focus on improving intelligence, collaboration, and administrative control. “Last year, we made a promise: your files should work for you, not the other way around. That meant reimagining OneDrive not just as a place to store files, but as an intelligent layer that surfaces what matters, eliminates busy work, and enables…
AI, Cloud Security, Compliance, Cybersecurity, Global Security News, privacy, Risk Management
Winter 2025 SOC 1 report is now available with 184 services in scope
Amazon Web Services (AWS) is pleased to announce that the Winter 2025 System and Organization Controls (SOC) 1 report is now available. The report covers 184 services over the 12-month period from January 1, 2025 – December 31, 2025, giving customers a full year of assurance. This report demonstrates our continuous commitment to adhering to…
AI, Apps, Compliance, Cybersecurity, Data Breaches, Funding, Global Security News, Network Security, Risk Management, Venture
AI is one of the two monumental shifts in cyber today
It’s 2026, when nobody can confidently say what the future of security is going to look like. Everyone is trying (what else can we do), but judging by all the progress around AI in recent months, we are all going to be wrong. The biggest mistake we all make is assuming that the future is…
AI, Compliance, Global Security News, Government & Policy
Kamiwaza Expands ARIA Through TD SYNNEX, HPE Channel
Kamiwaza AI is bringing its ARIA accessibility remediation platform to the TD SYNNEX channel alongside HPE, positioning MSPs and resellers to help public sector customers meet fast-approaching digital accessibility deadlines, including the April 24, 2026 ADA Title II compliance requirement. Channel opportunity tied to accessibility mandates for government websites The timing is notable for partners…
AI, Compliance, Global Security News, privacy, Risk Management
The FTC’s AI portfolio is about to get bigger
The Federal Trade Commission is poised to deepen its involvement in curbing the use of AI for malicious purposes, including the spread of nonconsensual sexualized deepfakes and voice cloning scams. Last year, Congress passed the Take It Down Act, a law that allowed for criminal prosecution of individuals who share or distribute nonconsensual, intimate images…
AI, Apps, china, Compliance, Europe, Global Security News, Government & Policy
What Sovereign AI Means for MSPs and Channel Partners
As AI has all but reached widespread adoption, the conversation has shifted from novelty to who can properly regulate it. It’s no longer just private companies leading the charge. Governments and nations are now at the forefront of AI efforts, working to ensure that both innovation and security are maintained. That shift is creating a…
AI, Compliance, Global Security News, Network Security
Salesforce Creates FDE Partner Network for Agentforce
Salesforce is zeroing in on a familiar sticking point with enterprise AI. Getting something to work in a pilot is one thing; getting it to run smoothly in production, with the messiness of real systems and data, is where things tend to fall apart. The company this week introduced a Forward Deployed Engineering (FDE) Partner…
AI, china, Cloud Security, Compliance, Endpoint, Europe, Global Security News, Network Security, Risk Management
How to clone an AWS CloudHSM cluster across Regions
Important: As of January 1, 2025, Client SDK 3 tools (CMU and KMU) are no longer supported. This guide has been updated to use Client SDK 5 commands exclusively. Ensure you’re using the latest Client SDK 5 version (5.17 or later) for the most recent features and security improvements. You can use AWS CloudHSM to…
AI, Apps, Compliance, Global Security News, Risk Management
AI-ready skills are not what you think
Enterprises have spent the past two years rushing to make their workforces “AI-ready.” But many early training programs — focused on prompt writing and chatbot skills — are proving poorly suited to the realities of AI-powered work. The reason is simple: the skills that matter most once AI enters real workflows have less to do…
AI, Apps, Compliance, Cybersecurity, Global Security News, Risk Management
CISOs reshape their roles as business risk strategists
Nitin Raina’s career history resembles that of many CISOs: He worked in IT infrastructure, operations, and services before moving into security and advancing through the ranks. He’s now global chief information security officer at technology consultancy Thoughtworks. But in a less common professional move Raina also picked up the role of global head of enterprise…
AI, Apps, Compliance, Endpoint, Exploits, Global Security News, Network Security, privacy, Risk Management
Microsoft’s Patch Tuesday release for April is a whopper
Windows admins are going to be busy this month, dealing with the largest Patch Tuesday cycle we can recall. The April release involves 165 updates and roughly 340 unique CVEs from Microsoft — including two zero-days, one of which is already being actively exploited in the wild. The Readiness team is recommending “Patch Now” schedules…
