
What CISA's BOD 25-01 Means for API Security and How Wallarm Can Help

The US government has taken another significant step towards strengthening cloud security with the release of CISA’s Binding Operational Directive (BOD) 25-01. Aimed at improving the security posture of federal cloud environments, BOD 25-01 mandates robust configuration, visibility, and control across cloud-based services. While the directive doesn’t explicitly name API security, securing modern cloud systems relies on securing APIs - including the ones security teams don’t know about.

5 Ways Regulatory Changes Are Shaping Data Security Strategies

Today's regulations and info edicts aren't just red tape; they're rewriting the rules of how you protect data, especially as you swim through the web. From breach reporting to global privacy laws, keeping up with compliance updates can help you play a smarter, faster security game for your personal and professional interests. So if you're handling and managing sensitive info, or just want to avoid fines and fallout, here's how the latest legal shifts are reshaping how you can secure what matters most.

A 101 Guide to GDPR Vulnerability Assessment

The GDPR has compelled a shift in how companies manage personal data. At the heart of GDPR is the requirement to safeguard customer data from unauthorized access, loss, or alteration. GDPR vulnerability assessment is a basic requirement, whether you’re based in the EU or not. If you process the data of EU residents, this assessment isn’t optional.

What is the UK Cyber Security & Resilience Bill and Why Does it Matter to Your Business?

The Cyber Security & Resilience Bill is designed to tighten the grip on security standards across businesses, making resilience against cyber threats an absolute necessity. By expanding regulatory frameworks, it aims to bridge existing gaps and provide a structured approach to combating cyber threats, which have increasingly targeted vital business operations.

Inside the Early Lessons of DORA Compliance: What Works, What Fails, What's Next?

Six months into DORA — is financial services building real resilience or just ticking boxes? In this episode of Razorwire, host James Rees is joined by Richard Cassidy, Jonathan Care, and first-time guest Romain Deslorieux to dissect how the Digital Operational Resilience Act (DORA) is really playing out in financial services — beyond the policies and into the pressure.

What Does The EU Cyber Resilience Act Mean for Your Organisation?

The Cyber Resilience Act introduces a comprehensive framework designed to bolster the cyber security infrastructure of organisations operating within the EU. By emphasising the importance of compliance, the CRA aims to establish clear standards that enhance digital resilience and protect against cyber threats. The legislation not only outlines specific requirements but also highlights the benefits for organisations that adhere to these robust security protocols.

The 10 Most Costly GDPR Mistakes Banks and Financial Institutions Make

Financial services firms operate in a high-risk environment where personal and financial data converge — and errors are expensive. Despite robust back-end controls, many still: GDPR’s complexity — 99 articles and multiple regional interpretations — creates audit friction even for mature teams.

Brace Yourselves: The Game-Changing Impact of India's DPDP Act, 2023

India's Digital Personal Data Protection (DPDP) Act, 2023 is a turning point in how personal data is regulated, managed, and protected across the country. As every industry becomes more digital, this law makes it clear who owns data and who must protect it. The Act introduces a legal imperative and an operational opportunity for SOC managers, CISOs, DPOs, and IT security teams to revisit how data is collected, stored, shared, and protected.

Japan's New Active Cyber Defense Law: What It Means for Cyber Resilience and AEV

Japan is the latest country to shift from a reactive to a proactive cybersecurity stance, with its landmark Active Cyber Defense Law. The new regulations passed in May 2025 and are set to take full effect by 2027. For cybersecurity leaders, particularly those in critical infrastructure and the enterprise sector, this legislation marks a turning point—and carries major implications for how we test, validate, and evolve our cyber defenses.