%term

Critical Intelligence Alert: ED 26-01 - Action Required

Oct 16, 2025 By Emma Stevens In BitSight

On October 15, 2025, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued Emergency Directive ED 26-01, ordering federal agencies to mitigate a significant security breach involving F5 BIG-IP products. F5 disclosed that nation-state threat actors maintained long-term unauthorized access to internal systems, exfiltrating: This breach represents a major risk to organizations running F5 devices, especially those with exposed management interfaces or unpatched systems.

Read Post

BitSight

Read more about Critical Intelligence Alert: ED 26-01 - Action Required

The Essential Eight: Australia's blueprint for cybersecurity

Oct 15, 2025 By Jeremy Spence In ManageEngine

When the Australian Signals Directorate (ASD) reports that a cyberattack hits an Australian organisation every six minutes, it's clear we need more than crossed fingers and hope to protect our digital assets. That's where the Essential Eight comes in—Australia's homegrown cybersecurity framework that's helping organisations across the country build stronger defences against increasingly sophisticated threats.

Read Post

ManageEngine

Read more about The Essential Eight: Australia's blueprint for cybersecurity

Provision 29 Is Coming: Why Identity Security Must Now Be a Boardroom Priority

Oct 8, 2025 By Jos Akkermans, Field CTO, EMEA and Suzanne van Oosterum, Value Proposition Lead In Xalient

Starting January 2026, Provision 29 of the UK Corporate Governance Code will require boards to report annually on the continuous effectiveness of their internal controls, including cybersecurity, or risk a substantial fine. In terms of reporting, Provision 29 marks a shift from "Do we have controls?" to "Can we prove they work?"

Read Post

Xalient

Read more about Provision 29 Is Coming: Why Identity Security Must Now Be a Boardroom Priority

The Cyber Resilience Act and DORA: Driving Continuous Cybersecurity

Oct 8, 2025 By Tracy Shumaker In SafeBreach

The EU Cyber Resilience Act (CRA) and the Digital Operational Resilience Act (DORA) are shaping the regulatory landscape for cybersecurity in Europe and across the globe. While DORA focuses on the financial sector and ICT providers, the upcoming CRA will extend requirements to all digital products and services, emphasizing secure-by-design practices and software resilience.

Read Post

SafeBreach

Read more about The Cyber Resilience Act and DORA: Driving Continuous Cybersecurity

Potential cyber implications of the UK's proposed digital ID system

Oct 2, 2025 By Jessica Bradbury In CYJAX

The UK government’s plan to introduce mandatory digital ID cards has sparked widespread debate, with critics warning of privacy concerns, cybersecurity risks, and potential government overreach.

Read Post

CYJAX

Read more about Potential cyber implications of the UK's proposed digital ID system

Navigating the EU Data Act: Why orchestration helps

Sep 25, 2025 By Aoife Whelan In Tines

Over the past decade, data has evolved from being an operational byproduct to becoming one of the most valuable assets of any business. The explosion of IoT devices, cloud applications, and AI-driven systems has generated unprecedented volumes of personal and non-personal data. Alongside this growth, regulations in the EU have progressed in step.

Read Post

Tines

Read more about Navigating the EU Data Act: Why orchestration helps

Regulatory Gaps and Legacy Systems Are Aiding AI-Powered Cyberattacks on Governments

Sep 22, 2025 By Craig Searle In Trustwave

Public sector organizations face unprecedented cybersecurity challenges as artificial intelligence reshapes how adversaries launch attacks. Threat actors now use AI to execute large-scale, highly personalized phishing campaigns, automate the discovery of vulnerabilities, and evade detection faster than traditional defenses can respond.

Read Post

Trustwave

Read more about Regulatory Gaps and Legacy Systems Are Aiding AI-Powered Cyberattacks on Governments

Complying with the Cyber Resilience Act (CRA) using Aikido Security

Sep 15, 2025 By Sooraj Shah In Aikido

TLDR: Aikido Security helps you to comply with the Cyber Resilience Act. We also help you to automate security policies and compliance checks for SOC2, ISO27001, CIS & NIS2. Here, we explain its importance of the Cyber Resilience Act and how Aikido helps you to comply with it.

Read Post

Aikido

Read more about Complying with the Cyber Resilience Act (CRA) using Aikido Security

Advanced Domain Protection and Threat Takedown Solutions for Cybersecurity

Sep 11, 2025 By SecuritySenses In SecuritySenses

The digital landscape has become increasingly hostile, with cybercriminals exploiting domain vulnerabilities to launch sophisticated attacks against organizations worldwide. As businesses expand their online presence, the need for robust domain protection and effective domain takedown mechanisms has never been more critical. Modern enterprises face an evolving threat landscape where malicious actors register deceptive domains to steal credentials, distribute malware, and damage brand reputation through sophisticated phishing campaigns.

Read Post

SecuritySenses

Read more about Advanced Domain Protection and Threat Takedown Solutions for Cybersecurity

DORA Third Party Compliance: Essential Requirements for Financial Services

Sep 9, 2025 By Razorthorn In Razorthorn

By James Rees, MD, Razorthorn Security The Digital Operational Resilience Act (DORA) isn’t just another regulatory hurdle to clear. It’s fundamentally changing how financial institutions think about operational risk, particularly when it comes to the third party providers that now handle much of their critical technology infrastructure. DORA third party compliance has become a critical priority for EU financial institutions since the regulation came into force in January 2025.

Read Post