It's time to embrace OSCAL automation for effective risk management

The National Institute of Standards and Technology (NIST) put forward the Open Security Controls Assessment Language (OSCAL) standard in 2021, creating a standardized machine-readable language. The goal of the standard is to enable automation and facilitate interoperability between different security assessment tools. It also aims to enable real-time machine-to-machine data exchange, improving automation and interoperability across various compliance frameworks. There are a multitude of regulatory standards and frameworks that organizations must adhere…

SaaS governance is improving, but AI presents new challenges

Despite hitting a high in 2022, apps identified as “shadow IT” dropped from 53% to 48% in 2023. This drop signals an increase in SaaS governance actions: we’re getting better within enterprises at knowing what apps employees are using, and better at enforcing policies around SaaS use. Anecdotally, I’m seeing that the creation of SaaS governance councils is becoming the norm; businesses are responding to a need for repeatable processes that allow teams to cross-functionally…

6 months of SEC cybersecurity disclosure rules: An updated view

As we reach the six-month mark of the SEC’s new cybersecurity disclosure regulations going into effect, it seems a good time to reflect on the requirements. With the average cost of a security breach nearing $4.5 million and the increased frequency and sophistication of attacks showing no signs of letting up, it seems these requirements are necessary; self-regulation proved insufficient, and the stakes are higher than many people in leadership positions recognize. It’s not just…

The future of data privacy and compliance (and how to stop it)

With 2024 upon us, experts are once again sharing best practices for adapting your business’ data strategy to the times. From ensuring compliance with state-by-state privacy laws to preparing for the inevitable removal of third-party cookies over the course of the year, organizations face ever-increasing pressure to adapt to new realities. Still, mere compliance isn’t enough: the winners will be those who can follow the rules without sacrificing their ability to glean valuable insights or…

How to mitigate employee risk in remote work environments

Virginia active shooter guidelines spark security concerns
