%term

The "No Bid" Reality

Jan 8, 2026 By Megin Kennett In NeoSystems

The theoretical phase of the Cybersecurity Maturity Model Certification (CMMC) is over. As of November 10, the “Enforcement Era” has officially begun with the activation of Phase 1. For Department of Defense (DoD) contractors, compliance is no longer a future goal—it is a present-day barrier to entry. If you want to bid, you must have your house in order.

Read Post

NeoSystems

Read more about The "No Bid" Reality

NIS2 compliance: what it means, who's affected, and how to comply

Jan 8, 2026 By Istvan Molnar In Netwrix

NIS2 is the EU's comprehensive cybersecurity directive requiring essential and important entities to implement robust risk management, incident reporting within 24 to 72 hours, and supply chain security. Penalties can reach €10M or 2% of global turnover. Netwrix solutions help organizations support compliance through data security posture management, identity management, privileged access management, and audit-ready reporting.

Read Post

Netwrix

Read more about NIS2 compliance: what it means, who's affected, and how to comply

A Milestone for Government AI: Coralogix Begins FedRAMP Journey

Jan 8, 2026 By Albert Nieves In Coralogix

Today Coralogix announced U.S. Department of Education Sponsorship for FedRAMP Authorization. Government agencies currently face a critical balancing act. On one side, there is an urgent mandate to modernize operations and adopt artificial intelligence to improve services. On the other, there are strict requirements for security, compliance, and data sovereignty that cannot be compromised.

Read Post

Coralogix

Read more about A Milestone for Government AI: Coralogix Begins FedRAMP Journey

From Spend to Impact: Fixing the Disconnect in U.K. Supply Chain Security

Jan 7, 2026 By Robert Hannigan, Chairman of International Business In BlueVoyant

In today's hyperconnected economy, supply chains are no longer just operational backbones; they are strategic lifelines, shaping resilience, competitiveness, and innovation across industries. Yet for many U.K. organisations, these lifelines are becoming increasingly fragile. The most recent iteration of our global supply chain defence research indicates that - despite pouring significant resources into third party risk management (TPRM) programs and embracing new technologies to shore up their supply chain defences - U.K. businesses continue to face a high rate of supply chain breaches.

Read Post

BlueVoyant

Read more about From Spend to Impact: Fixing the Disconnect in U.K. Supply Chain Security

AI Compliance Training: EU AI Act & 90-Day Implementation Strategy

Jan 7, 2026 By KnowBe4 | Human Risk Management In KnowBe4

Executive Summary: A technical briefing on navigating the AI compliance landscape, focusing on the EU AI Act, US federal mandates, and state-level regulations. This session provides a structured 90-day roadmap for AI system governance, risk mitigation, and role-based training deployment. Key Knowledge Domains.

View Video

KnowBe4

Read more about AI Compliance Training: EU AI Act & 90-Day Implementation Strategy

Elastic Cloud Serverless achieves major compliance certifications across AWS, Azure, and GCP

Jan 6, 2026 By Oliver Mao In Elastic

Securely scale search, security, and observability apps on any cloud provider. We are thrilled to announce a major milestone in our commitment to security, privacy, and regulatory compliance for Elastic Cloud Serverless. Elastic Cloud Serverless has now attained a comprehensive suite of key compliance certifications across all of our available cloud providers: Amazon Web Services (AWS), Microsoft Azure, and Google Cloud (GCP).

Read Post

Elastic

Read more about Elastic Cloud Serverless achieves major compliance certifications across AWS, Azure, and GCP

Why AI security looks different across the UK, France, Germany, and Australia

Jan 6, 2026 By Vanta In Vanta

Globally, 88% of companies regularly use AI in at least one business function—a 10% increase from the previous year. But as organizations race to adopt new capabilities, we’ve found that the rigor and maturity of AI governance vary widely by region. ‍ The third edition of our State of Trust report reveals how leading AI adopters outside the U.S.—from the UK to Germany, France, and Australia—are approaching AI security and governance in distinct ways.

Read Post

Vanta

Read more about Why AI security looks different across the UK, France, Germany, and Australia

Common PCI DSS Compliance Mistakes

Jan 6, 2026 By Narendra Sahoo In VISTA InfoSec

PCI DSS compliance requires an organizational implementation of the required processes and procedures. Your compliance efforts are typically sabotaged by mistakes made from the top. We’re going to briefly discuss the top PCI DSS Compliance Mistakes that are made and how to avoid them.

Read Post

VISTA InfoSec

Read more about Common PCI DSS Compliance Mistakes

CMMC: From Ignored Compliance to Mandatory Enforcement

Jan 6, 2026 By Baan Alsinawi In CISO Global

Protecting sensitive data does require investment, and that mindset hasn’t been universal. Now, it isn’t an option. It’s time to move from debate to execution.

Read Post

CISO Global

Read more about CMMC: From Ignored Compliance to Mandatory Enforcement

HIPAA Disaster Recovery Requirements: What Healthcare Organizations Really Need

Jan 6, 2026 By Mark Mazza In Opti9

What are HIPAA disaster recovery requirements? Healthcare data breaches exposed over 276 million patient records in 2024, representing more than 80% of the US population according to the HHS Office for Civil Rights. For healthcare organizations, the question is no longer whether a disruption will occur, but when. The HIPAA Security Rule addresses this reality directly through its contingency planning requirements, yet many organizations still operate with significant compliance gaps.

Read Post