#ciso-liability

[ follow ]
#cybersecurity #vulnerabilities #data-breach #ai-security #ransomware #data-security #ai #privacy #security
Information security
fromIT Brew
14 hours ago

Asking around: When does ransomware threat intelligence become noise?

Effective threat intelligence requires filtering information relevant to specific market segments to avoid overwhelming alerts.
#cybersecurity
Information security
fromTheregister
1 day ago

Sharing isn't caring if it's an admin password: Pwned

Prioritizing convenience over security can lead to significant data loss, as demonstrated by a client using a common password and sharing it publicly.
DevOps
fromSecuritymagazine
2 days ago

The Security Metric That's Failing You

Measuring patch rates does not equate to a secure environment; real risks often lie in misconfigurations and outdated permissions.
Careers
fromSecuritymagazine
4 days ago

Advance Your Cybersecurity Career

Degrees and certifications in cybersecurity indicate foundational knowledge but hands-on experience and skills are more critical for success.
DevOps
fromTheregister
22 hours ago

Hybrid clouds have two attack surfaces - so watch both

Hybrid cloud management tools present significant security vulnerabilities that users often overlook.
Information security
fromTheregister
1 day ago

Sharing isn't caring if it's an admin password: Pwned

Prioritizing convenience over security can lead to significant data loss, as demonstrated by a client using a common password and sharing it publicly.
more#cybersecurity
#data-security
Privacy professionals
fromwww.bbc.com
42 minutes ago

Biobank data incident caused by 'a few bad apples', boss says

BBC Datasets containing de-identified volunteer information were found for sale on Alibaba, prompting scrutiny and temporary suspension of access to the research platform.
Privacy professionals
fromwww.bbc.com
42 minutes ago

Biobank data incident caused by 'a few bad apples', boss says

BBC Datasets containing de-identified volunteer information were found for sale on Alibaba, prompting scrutiny and temporary suspension of access to the research platform.
more#data-security
fromTNW | Health-Tech
16 hours ago
Healthcare

How AI Is Reshaping Workers' Compensation Claims and Healthcare Operations

Workers' compensation is a significant yet often overlooked part of the healthcare ecosystem, facing unique challenges and requiring focused innovation.
#remote-work
Remote teams
fromFast Company
20 hours ago

4 tips for remote workers to safeguard data and privacy

Remote work in public spaces offers convenience but poses privacy and security risks that require precautions.
Remote teams
fromFast Company
20 hours ago

4 tips for remote workers to safeguard data and privacy

Remote work in public spaces offers convenience but poses privacy and security risks that require careful management.
Remote teams
fromFast Company
20 hours ago

4 tips for remote workers to safeguard data and privacy

Remote work in public spaces offers convenience but poses privacy and security risks that require precautions.
Remote teams
fromFast Company
20 hours ago

4 tips for remote workers to safeguard data and privacy

Remote work in public spaces offers convenience but poses privacy and security risks that require precautions.
Remote teams
fromFast Company
20 hours ago

4 tips for remote workers to safeguard data and privacy

Remote work in public spaces offers convenience but poses privacy and security risks that require careful management.
Remote teams
fromFast Company
20 hours ago

4 tips for remote workers to safeguard data and privacy

Remote work in public spaces offers convenience but poses privacy and security risks that require precautions.
more#remote-work
#agentic-ai
Artificial intelligence
fromZDNET
3 hours ago

Government adoption of AI agents could outpace the private sector

Agentic AI adoption in government is a leadership mandate, with 82% already using it and 71% planning to increase usage by 2026-2027.
Information security
fromHarvard Gazette
6 days ago

Time for government, business leaders to figure out AI cybersecurity regulation - Harvard Gazette

Agentic AI poses both opportunities for cybersecurity and risks to personal data, economy, and national security, necessitating regulation by leaders.
Artificial intelligence
fromZDNET
3 hours ago

Government adoption of AI agents could outpace the private sector

Agentic AI adoption in government is a leadership mandate, with 82% already using it and 71% planning to increase usage by 2026-2027.
Information security
fromHarvard Gazette
6 days ago

Time for government, business leaders to figure out AI cybersecurity regulation - Harvard Gazette

Agentic AI poses both opportunities for cybersecurity and risks to personal data, economy, and national security, necessitating regulation by leaders.
more#agentic-ai
European startups
fromZDNET
21 hours ago

98% of IT leaders want digital sovereignty: Now SUSE is operationalizing it for companies everywhere

SUSE is focusing on digital sovereignty to enhance choice and resilience in enterprise IT globally.
Privacy technologies
fromTheregister
18 hours ago

Proton CEO: Age checks turn internet into ID checkpoint

Age verification risks transforming the internet into a system requiring identification for all users, compromising anonymity and security.
Deliverability
fromSecurityWeek
23 hours ago

The Behavioral Shift: Why Trusted Relationships Are the Newest Attack Surface

Email attackers now exploit behavioral weaknesses, using tailored tactics that blend into trusted relationships and workflows, making detection more challenging.
#cisa
SF politics
fromNextgov.com
1 day ago

Plankey withdraws nomination to lead CISA

Sean Plankey has withdrawn his nomination to lead the Cybersecurity and Infrastructure Security Agency after a year of waiting for Senate confirmation.
Information security
fromThe Verge
1 day ago

Anthropic's Mythos rollout has missed America's cyberscurity agency

CISA lacks access to Anthropic's cybersecurity model, raising concerns about its prioritization and effectiveness in digital security.
Information security
fromSecurityWeek
2 days ago

Organizations Warned of Exploited Cisco, Kentico, Zimbra Vulnerabilities

CISA expanded its Known Exploited Vulnerabilities catalog with eight new flaws, including high-severity bugs in Cisco and Kentico products.
SF politics
fromNextgov.com
1 day ago

Plankey withdraws nomination to lead CISA

Sean Plankey has withdrawn his nomination to lead the Cybersecurity and Infrastructure Security Agency after a year of waiting for Senate confirmation.
Information security
fromThe Verge
1 day ago

Anthropic's Mythos rollout has missed America's cyberscurity agency

CISA lacks access to Anthropic's cybersecurity model, raising concerns about its prioritization and effectiveness in digital security.
Information security
fromSecurityWeek
2 days ago

Organizations Warned of Exploited Cisco, Kentico, Zimbra Vulnerabilities

CISA expanded its Known Exploited Vulnerabilities catalog with eight new flaws, including high-severity bugs in Cisco and Kentico products.
more#cisa
Marketing tech
fromThedrum
1 day ago

The GumGum Platform Achieves Global SOC 2 Compliance, Setting Standards for Data Security

GumGum achieved SOC 2 compliance, enhancing data security and system reliability for partners and customers globally.
Data science
fromInfoWorld
3 days ago

Addressing the challenges of unstructured data governance for AI

Enterprises must enhance data governance for unstructured data as AI transforms data management practices.
Fundraising
fromIndependent
3 days ago

Company has more than 2m stolen from account following cyber attack

Future Energy Capital Limited lost over €2m due to a cyber attack last October.
fromSecuritymagazine
1 day ago

Operationally Ineffective: Putting CVEs in a Chokehold with Privilege Disruption

A Common Vulnerability Exposure (CVE) that cannot reach the privilege plane is operationally ineffective - even at a CVSS Score of 10. This should be a core philosophy that is embedded into the fabric of software engineering.
Information security
Privacy professionals
fromSecuritymagazine
2 days ago

The Privacy-Security Partnership: How We Bend Risk in a Resource Crunch

Fewer privacy practitioners feel confident in meeting laws, while resource shortages and compliance challenges increase stress in the field.
Artificial intelligence
fromFast Company
1 day ago

Here's how to jump-start your company's responsible AI governance in 90 days

Anthropic's Claude Mythos AI model reveals critical vulnerabilities, emphasizing the urgent need for responsible AI governance to mitigate risks and societal impacts.
EU data protection
fromwww.theguardian.com
22 hours ago

Some Interrail travellers told to cancel passports as hacked data posted online

Holidaymakers in Europe must replace passports after personal data was hacked and sold on the dark web, causing stress and financial burden.
Business intelligence
fromFortune
2 days ago

Boards say the C-suite owns the AI strategy. The C-suite doesn't agree. | Fortune

90% of board members believe AI leadership responsibility lies with the C-suite, but executives disagree on ownership within the C-suite.
Privacy professionals
fromReadWrite
23 hours ago

Caesars sued over 2026 data breach claims

Caesars Entertainment faces a class action lawsuit for failing to protect customer data during a second cyber incident after a previous breach in 2023.
#artificial-intelligence
Artificial intelligence
fromFortune
22 hours ago

Inflated AI Claims Are Under Fire-and the Regulatory Reckoning Is Coming | Fortune

Artificial intelligence is a significant capital markets issue, with regulators increasingly scrutinizing companies' claims about their AI capabilities.
fromFortune
1 day ago
Information security

Former national cyber director: Anthropic's 'Mythos' AI can hack nearly anything and we aren't ready | Fortune

Artificial intelligence
fromFortune
22 hours ago

Inflated AI Claims Are Under Fire-and the Regulatory Reckoning Is Coming | Fortune

Artificial intelligence is a significant capital markets issue, with regulators increasingly scrutinizing companies' claims about their AI capabilities.
Information security
fromFortune
1 day ago

Former national cyber director: Anthropic's 'Mythos' AI can hack nearly anything and we aren't ready | Fortune

Mythos, Anthropic's advanced AI model, poses significant risks to critical infrastructure, necessitating urgent investment and collaboration to enhance cybersecurity.
more#artificial-intelligence
DevOps
fromInfoQ
2 days ago

Cloudflare Outlines MCP Architecture as Enterprises Confront Security and Governance Risks

Centralized governance and remote infrastructure are essential for secure Model Context Protocol deployments, addressing risks like prompt injection and supply chain attacks.
#data-privacy
fromElectronic Frontier Foundation
1 day ago
Privacy technologies

How ICE Got My Data | EFFector 38.8

Tech companies may compromise user data when pressured by the government, as seen in a case involving Google and ICE.
EU data protection
fromThedrum
3 days ago

The future of data, privacy and ethics

Misleading practices in e-commerce, such as false stock availability, are regulated by the European Commission to protect consumers.
EU data protection
fromThedrum
3 days ago

The future of data, privacy and ethics

Misleading practices in e-commerce, such as false stock availability, are regulated by the European Commission to protect consumers.
more#data-privacy
EU data protection
fromTechzine Global
2 days ago

New EU rules stall due to lack of data center data

Europe's data center sustainability regulations reveal significant gaps in data quality and reporting, hindering accurate assessments of energy consumption and environmental impact.
Privacy professionals
fromTechCrunch
20 hours ago

Another customer of troubled startup Delve suffered a big security incident | TechCrunch

Delve faces multiple allegations and security incidents, leading to loss of customers and damaged reputation.
DevOps
fromwww.bankingdive.com
4 days ago

How proactive DEX strengthens IT compliance in financial services

Proactive DEX management helps financial services organizations address compliance challenges by continuously monitoring and improving the digital workplace.
#ai
Information security
fromSecurityWeek
1 day ago

AI Can Autonomously Hack Cloud Systems With Minimal Oversight: Researchers

AI systems can autonomously hack cloud environments, demonstrating advanced capabilities in executing sophisticated attacks without specific instructions.
Information security
fromHarvard Gazette
1 day ago

Got personal financial, medical data you'd like to keep private? Good luck.Got personal financial, medical data you'd like to keep private? Good luck. - Harvard Gazette

New AI models may increase the risk of cybercriminals breaching secure systems, exposing personal data.
Information security
from24/7 Wall St.
1 day ago

5 Cybersecurity Stocks Most Likely to Benefit as AI Threats Drive Budget Increases in 2026

AI surpasses most humans in finding software flaws, prompting a defensive coalition to enhance cybersecurity.
Information security
fromTechzine Global
1 week ago

Runtime security becomes critical as AI accelerates threats

Artificial intelligence accelerates innovation and cyber threats, necessitating a focus on runtime security for effective enterprise protection.
Information security
fromSecurityWeek
1 day ago

AI Can Autonomously Hack Cloud Systems With Minimal Oversight: Researchers

AI systems can autonomously hack cloud environments, demonstrating advanced capabilities in executing sophisticated attacks without specific instructions.
Information security
fromHarvard Gazette
1 day ago

Got personal financial, medical data you'd like to keep private? Good luck.Got personal financial, medical data you'd like to keep private? Good luck. - Harvard Gazette

New AI models may increase the risk of cybercriminals breaching secure systems, exposing personal data.
Information security
from24/7 Wall St.
1 day ago

5 Cybersecurity Stocks Most Likely to Benefit as AI Threats Drive Budget Increases in 2026

AI surpasses most humans in finding software flaws, prompting a defensive coalition to enhance cybersecurity.
Information security
fromTechzine Global
1 week ago

Runtime security becomes critical as AI accelerates threats

Artificial intelligence accelerates innovation and cyber threats, necessitating a focus on runtime security for effective enterprise protection.
more#ai
fromSecurityWeek
1 hour ago

Vulnerabilities Patched in CrowdStrike, Tenable Products

CrowdStrike published an advisory for CVE-2026-40050, a critical unauthenticated path traversal vulnerability affecting its LogScale product. The flaw can allow a remote attacker to read arbitrary files from the server filesystem.
Information security
Privacy professionals
fromFast Company
23 hours ago

Meta tracking employee keystrokes to train AI is probably legal. Experts say that doesn't make it ethical

Meta Platforms is implementing software to track employee computer usage to train AI models, raising privacy concerns amid potential layoffs.
#cyber-security
EU data protection
fromComputerWeekly.com
1 week ago

CYBERUK '26: UK lagging on legal protections for cyber pros | Computer Weekly

The outdated Computer Misuse Act hinders UK cyber security innovation and needs urgent reform to protect cyber professionals.
Information security
fromComputerWeekly.com
1 day ago

Interview: Critical local infrastructure is missing link in UK cyber resilience | Computer Weekly

Local infrastructure in the UK is vulnerable to cyber attacks, risking severe disruption to essential services and public safety.
EU data protection
fromComputerWeekly.com
1 week ago

CYBERUK '26: UK lagging on legal protections for cyber pros | Computer Weekly

The outdated Computer Misuse Act hinders UK cyber security innovation and needs urgent reform to protect cyber professionals.
Information security
fromComputerWeekly.com
1 day ago

Interview: Critical local infrastructure is missing link in UK cyber resilience | Computer Weekly

Local infrastructure in the UK is vulnerable to cyber attacks, risking severe disruption to essential services and public safety.
more#cyber-security
#ai-security
fromFortune
16 hours ago
Information security

Security experts head to D.C. to debate standards for securing AI systems as Mythos raises the stakes | Fortune

Information security
fromThe Verge
2 days ago

Anthropic's most dangerous AI model just fell into the wrong hands

Mythos AI model accessed by unauthorized users, raising cybersecurity concerns about its potential misuse.
Artificial intelligence
fromTechRepublic
3 days ago

The MCP Disclosure Is the AI Era's 'Open Redirect' Moment

The Model Context Protocol has a design flaw that enables AI supply chain attacks, posing a significant security risk to enterprise AI systems.
Information security
fromSecuritymagazine
2 days ago

Unauthorized Users Accessed Claude Mythos, New Reports Suggest

Unauthorized access to Anthropic's AI model, Claude Mythos Preview, raises security concerns among experts due to its ability to identify digital vulnerabilities.
Information security
fromFortune
16 hours ago

Security experts head to D.C. to debate standards for securing AI systems as Mythos raises the stakes | Fortune

AI systems are becoming attractive targets for adversaries, with vulnerabilities discovered faster than developers can respond.
Information security
fromThe Verge
2 days ago

Anthropic's most dangerous AI model just fell into the wrong hands

Mythos AI model accessed by unauthorized users, raising cybersecurity concerns about its potential misuse.
more#ai-security
Podcast
fromSecuritymagazine
1 month ago

What Does It Take to Be an Outstanding CSO or CISO?

Outstanding security leaders often come from non-traditional backgrounds, with 40% of recent CSO-CISO Hall of Fame honorees starting in the private sector.
Information security
fromThe Hacker News
2 hours ago

LMDeploy CVE-2026-33626 Flaw Exploited Within 13 Hours of Disclosure

A high-severity SSRF vulnerability in LMDeploy is actively exploited, allowing attackers to access sensitive data and internal networks.
#data-breach
Privacy professionals
fromTheregister
3 days ago

Lovable denies data leak, cites 'intentional behavior'

Lovable's platform has a significant security flaw allowing free accounts to access sensitive user information, raising concerns about data protection.
Privacy professionals
fromTheregister
3 days ago

Lovable denies data leak, cites 'intentional behavior'

Lovable's platform has a significant security flaw allowing free accounts to access sensitive user information, raising concerns about data protection.
more#data-breach
Artificial intelligence
fromTechRepublic
6 days ago

AI Upgrades, Security Breaches, and Industry Shifts Define This Week in Tech - TechRepublic

AI innovation and security threats are reshaping technology and corporate strategies across various platforms and applications.
Information security
fromInfoWorld
20 hours ago

Offer customers passkeys by default, UK's NCSC tells enterprises

Passkeys are recommended as the primary authentication method due to their security against phishing and credential reuse.
Information security
fromSecuritymagazine
1 day ago

NIST's New Prioritization Criteria for CVEs, Examined by Experts

NIST is changing its approach to handling cybersecurity vulnerabilities by prioritizing certain CVEs for immediate enrichment in the National Vulnerability Database.
Information security
fromTechCrunch
22 hours ago

Surveillance vendors caught abusing access to telcos to track people's phone locations, researchers say | TechCrunch

Two spying campaigns exploit telecom infrastructure weaknesses to track individuals' locations, revealing ongoing vulnerabilities in global phone networks.
Information security
fromSecurityWeek
1 day ago

Are SBOMs Failing? Supply Chain Attacks Rise as Security Teams Struggle With SBOM Data

SBOMs and VEX statements fail to enhance software supply chain security due to poor decision-making and inconsistent interpretation of available data.
fromEngadget
2 days ago

Anthropic is investigating 'unauthorized access' of its Mythos cybersecurity tool

We're investigating a report claiming unauthorized access to Claude Mythos Previous through one of our third-party vendor environments.
Information security
Information security
fromComputerWeekly.com
2 days ago

Anthropic's Mythos raises the stakes for security validation | Computer Weekly

The rise of autonomous AI in security introduces unpredictability, complicating the validation of defenses against evolving threats.
#cyber-insurance
more#cyber-insurance
Privacy professionals
fromMedCity News
1 month ago

The Evolving Landscape of Privacy and Cybersecurity: Essential Strategies for Legal and Compliance Professionals - MedCity News

Organizations must combine strong controls with comprehensive employee training and accountability culture to effectively protect sensitive data and comply with evolving privacy laws.
Information security
fromSecurityWeek
2 days ago

Oracle Patches 450 Vulnerabilities With April 2026 CPU

Oracle released 481 new security patches in April 2026, addressing vulnerabilities across 28 product families, with many remotely exploitable without authentication.
Information security
fromTheregister
3 days ago

Adaptavist Group breach: Ransomware crew claims mega-haul

Adaptavist Group is investigating a security breach involving stolen credentials, while a ransomware group claims to have accessed extensive data.
Information security
fromSecurityWeek
2 days ago

Unsecured Perforce Servers Expose Sensitive Data From Major Orgs

Many internet-facing Perforce P4 servers are misconfigured, exposing sensitive information and allowing unauthorized access.
Information security
fromTNW | Next-Featured
2 days ago

Lovable security crisis: 48 days of exposed projects, closed bug reports, & the structural failure of vibe coding security

Lovable's security incidents expose vulnerabilities in AI-generated code and highlight a market focus on growth over security.
Information security
fromSecuritymagazine
2 weeks ago

Ransomware Response: How Businesses Regain Control Under Pressure

Ransomware attacks create urgent pressure, forcing quick decisions and impacting operations, legal obligations, and overall enterprise strategy.
Information security
fromThe Hacker News
2 weeks ago

The Hidden Cost of Recurring Credential Incidents

Credential incidents cause significant operational costs and disruptions, impacting IT teams and overall business productivity beyond just breach prevention.
Privacy professionals
fromDataBreaches.Net
1 month ago

Shutdown Stalls Compliance Plans for Cyber Breach Reporting Rule - DataBreaches.Net

A partial government shutdown delays the DHS cybersecurity incident reporting rule, leaving companies uncertain about compliance requirements and enforcement timelines.
Information security
fromComputerWeekly.com
1 month ago

How CISOs can build a truly unified and resilient security platform | Computer Weekly

Modern enterprise security requires rethinking architecture from perimeter defense to distributed asset protection across decentralized networks and cloud environments.
Information security
fromSecuritymagazine
2 months ago

Understanding Breaches Before and After They Happen: What Every Organization Should Know

Most security breaches result from neglected fundamentals—human error, unpatched systems, weak authentication, and poor network segmentation—rather than advanced, novel exploits.
Information security
fromBusiness Matters
1 month ago

7 Data Privacy Risks Leaders Miss in 2026

Organizations overlook seven critical privacy risks in 2026 that bypass security awareness, including public WiFi interception, malicious browser extensions, shadow AI tools, unencrypted messaging, credential reuse, unmanaged personal devices, and data retention gaps.
[ Load more ]