The Securities and Exchange Commission (SEC) adopted new rules last week that require companies listed on the US Stock Exchange to disclose any material cybersecurity incidents. In addition to reporting incidents, companies are also required to describe their approach to cybersecurity risk management, strategy, and governance on an annual basis.

With the SEC's adoption of new rules on cybersecurity risk management, strategy, governance, and incident disclosure by public companies, one thing is clear: better definitions are required.

TrustCloud is thrilled to announce a partnership with VanRein Compliance, a leading managed compliance provider that builds and manages clients’ compliance programs via audits, custom policies and procedures, online training, and more. TrustCloud and VanRein Compliance both share a mission – to make compliance accessible and affordable for all.

As the digital landscape evolves, so too does the regulatory environment. One of the latest pieces of legislation to impact organizations across the EU is the Network and Information Security 2 (NIS 2) Directive. This directive, aimed at enhancing cybersecurity across the Union, has far-reaching implications for a wide range of organizations, both within and outside the EU.

The challenge of administering security and maintaining compliance in a Kubernetes ecosystem is typically the same: an increasingly dynamic, ever-changing, ephemeral landscape. Changes can be rooted in new approaches to cyberattacks or changing regulations. Kubernetes security requires a complex and multifaceted approach since an effective strategy needs to.

With the constant threat of cyber attacks against corporations of all sizes, last week the U.S. Securities and Exchange Commission (SEC) introduced new cybersecurity disclosure rules to ensure greater transparency and accountability for publicly traded companies.

Cybersecurity is ever-changing and a critical consideration for business survival. One must always be prepared to keep their business secure and their customers satisfied. But how do you keep up with all the compliance framework changes, such as last October’s SOC 2 guidance updates? This was my challenge as the GRC manager at a SaaS startup: an updated compliance framework version would be released, and I’d need to figure out how to incorporate the new requirements.

On May 29 2023, the Cybersecurity Division of the Commerce and Information Policy Bureau of the Ministry of Economy, Trade and Industry of Japan (METI) released an introduction guidance on Attack Surface Management (ASM) as a response to the increased cyber threats as a result of companies’ rapid digital transformation has led to a dynamic and growth of their internet footprint and possible attack vectors.