%term

7 Data Safeguards for Alternative Asset Firms

Feb 9, 2026 By SecuritySenses In SecuritySenses

Alternative asset managers are handling more sensitive data than they used to, and regulators are watching closely. With evolving SEC disclosure rules and rising NYDFS expectations, firms need practical safeguards that align with how funds actually operate. Here's an overview of how managers stay afloat in this context and of the seven controls that help protect investor information while keeping your operations running smoothly.

Read Post

SecuritySenses

Read more about 7 Data Safeguards for Alternative Asset Firms

Responding to Exposed Secrets - An SRE's Incident Response Playbook

Jan 27, 2026 By Tiexin Guo In GitGuardian

Today, let's take a closer look at incident response playbooks: how to build one, tailor it for secret leaks, take actions, and learn from incidents.

Read Post

GitGuardian

Read more about Responding to Exposed Secrets - An SRE's Incident Response Playbook

HIPAA Incident Response Plan for Website PHI Leaks

Jan 19, 2026 By Feroot In Feroot

Traditional HIPAA response plans were built for the incidents everyone can picture, like a compromised server, ransomware in the network, or unauthorized access to a clinical database. But website PHI leaks are different altogether. Often, there’s no attacker and no break-in. The leak comes from authorized tracking pixels or third-party analytics scripts simply collecting and sending data as designed, but on pages where it should never touch patient information in the first place.

Read Post

Feroot

Read more about HIPAA Incident Response Plan for Website PHI Leaks

How to Protect Smart HVAC in Commercial Sites

Jan 15, 2026 By SecuritySenses In SecuritySenses

Smart HVAC systems have become a core part of modern commercial buildings. But they also sit squarely on the front lines of digital risk. These systems connect to sensors, cloud dashboards, vendor portals, and building automation networks that attackers increasingly try to exploit. Protecting them takes more than checking a few security boxes. It requires a plan that mixes cybersecurity, mechanical expertise, and day to day operational discipline.

Read Post

SecuritySenses

Read more about How to Protect Smart HVAC in Commercial Sites

Identity & Beyond: 2026 Incident Response Predictions

Jan 14, 2026 By Jamie Mamroe In LevelBlue

In 2026, incident response (IR) will continue its shift away from traditional malware-centric investigations toward identity-driven intrusions, abuse of trusted cloud services, and low-signal, high-impact activity that blends seamlessly into normal business operations. Rather than relying on technical exploits, threat actors are prioritizing legitimate access, persistence, and operational efficiency, enabling them to evade users, security controls, and automated detection.

Read Post

LevelBlue

Read more about Identity & Beyond: 2026 Incident Response Predictions

SIEM Automation to Improve Threat Detection and Incident Response

Jan 14, 2026 By Jeff Darrington In Graylog

Security professionals often compare their jobs to a game of “Whack-a-Mole,” the arcade game where players try to hit little plastic moles on the head. The moles pop up in a randomly generated way, making it difficult to predict which one will show its little head next.

Read Post

Graylog

Read more about SIEM Automation to Improve Threat Detection and Incident Response

CMMC Incident Response Timelines and Reporting Rules

Jan 9, 2026 By Max Aulakh In Ignyte

Information security frameworks like CMMC are not just about enforcing security. They’re about enforcing accountability. That’s why a whole section of controls and rules that make up CMMC centers around incident response and reporting. You can’t just have security in place, but throw your hands up and do nothing if there’s an incident or breach. Nor can you sweep it under the rug and hope no one notices.

Read Post

Ignyte

Read more about CMMC Incident Response Timelines and Reporting Rules

IRM in the Real World: Why Culture Is Just as Important as Controls

Jan 8, 2026 By Derrick Udarnauth In Cyberhaven

In security, we love to talk about tools. Detection engines, behavioral analytics, identity governance platforms, and data classification tags. We invest millions in building systems that can track, monitor, and block unauthorized activity. And when it comes to insider risk, many organizations respond by doubling down on controls implementing tighter access permissions, more restrictive policies and stricter monitoring.

Read Post

Cyberhaven

Read more about IRM in the Real World: Why Culture Is Just as Important as Controls

Same Mission, Different Mindsets: CISOs and Incident Response Leaders in the Age of AI and Automation

Jan 5, 2026 By Leon Ward, Chief Transformational Officer In Securonix

When you work in cybersecurity, whether you're steering the operational team, or in a more strategic role, the mission is the same: protect the business. But when it comes to executing that mission, finding consensus on the best approach can be hard. At this pivotal point in the evolution of cybersecurity, as automation becomes table stakes and AI adoption accelerates, it is important that stakeholders are pulling in the same direction. However, recent ThreatQuotient research highlights real differences in how CISOs and Heads of IR approach the introduction of AI into cybersecurity strategy and practice.

Read Post