A new security standard released Tuesday makes it easier for companies to judge the safety of the specific cloud-based tools they use every day. The framework, from the Cloud Security Alliance, ...

The authors of the new Cyber Risk Management Program framework explain how it can set an organization up to better comply with SEC and other disclosure and reporting regulations. In a landmark ...

A lifecycle-based guide to securing enterprise AI—covering models, data, and agents, with five risk categories and governance guidance for leadership.

The software maker’s Security Risk Management Framework (SRMF) helps leadership prioritize mitigation decisions and ensures everyone is informed about the latest cybersecurity challenges and risks.

A public-private group led by the Treasury issued the first two of six planned resources to help banks navigate the risks and opportunities of AI.

Want smarter insights in your inbox? Sign up for our weekly newsletters to get only what matters to enterprise AI, data, and security leaders. Subscribe Now Today the U.S. Department of Commerce’s ...

It’s time the National Institute of Standards and Technology point to how organizations should be assessing the risk they’re associating with systems when deciding what security controls to implement ...

There is rarely a day that goes by when we do not hear of a cyber breach. Often the target is small and medium companies, and the result of a cyber-attack can mean loss of operations or even going out ...

Adam Stone writes on technology trends from Annapolis, Md., with a focus on government IT, military and first-responder technologies. The Pentagon plans to change the way it addresses cybersecurity ...

A decade after releasing its landmark national cybersecurity framework, the National Institute of Standards and Technology on Monday released version 2.0, an updated document that emphasizes ...

Key Takeaways Supply chains are becoming more distributed, and as a result, vendor relationships have become ongoing ...

A good cyber security strategy should always start by defining what risk a business is willing to tolerate, and this is a task in which the IT security manager must involve their business colleagues.