%term

How a Digital Bank Reduced Shadow AI Risk by 80% - Without Blocking Innovation

Oct 2, 2025 By CultureAI Team In CultureAI

When a fast-scaling digital bank began seeing widespread employee adoption of generative AI tools like ChatGPT and Gemini, their security team faced a growing dilemma: how do you protect sensitive data without shutting down innovation?

Read Post

CultureAI

Read more about How a Digital Bank Reduced Shadow AI Risk by 80% - Without Blocking Innovation

Empowering Safe GenAI Adoption at a 3,600-Employee Fintech - And Stopping 20+ Data Leaks a Day

Oct 2, 2025 By CultureAI Team In CultureAI

Despite having modern DLP and CASB tools in place, they lacked the behavioural insights and real-time context needed to guide employee use of GenAI tools. Shadow AI use was growing, and SecOps lacked clear visibility into which incidents required intervention.

Read Post

CultureAI

Read more about Empowering Safe GenAI Adoption at a 3,600-Employee Fintech - And Stopping 20+ Data Leaks a Day

10 Intelligence-Focused Questions That Strengthen GRC-SOC Collaboration

Oct 1, 2025 By Emma Stevens In BitSight

The Governance, Risk, and Compliance (GRC) team and the Security Operations Center (SOC) shouldn’t be working in silos. Yet in many organizations, these teams operate with different data, priorities, and goals, missing a critical opportunity to strengthen the organization’s overall resilience. When GRC and SOC collaborate, the organization is better prepared, whether it’s responding to a real-world attack, passing an audit, or navigating the daily chaos of the cyber threat landscape.

Read Post

BitSight

Read more about 10 Intelligence-Focused Questions That Strengthen GRC-SOC Collaboration

A guide to understanding the UK Cyber Security and Resilience Bill

Oct 1, 2025 By Notis Iliopoulos In Obrela

The UK government is strengthening its cybersecurity legislation with the Cyber Security and Resilience Bill (CSRB), an update to the 2018 Network and Information Systems Regulations. Modelled on the EU’s NIS2 Directive, the new Bill significantly expands cyber risk obligations across the UK’s digital ecosystem, targeting gaps exposed by recent high-profile breaches.

Read Post

Obrela

Read more about A guide to understanding the UK Cyber Security and Resilience Bill

When Attackers Weaponize AI Webinar - The Energy Grid Attack Path

Sep 30, 2025 By Nucleus Security In Nucleus

As AI use grows, so does its dependency on the energy grid remaining up and running. This makes the energy grid a more likely target for future attacks.

View Video

Nucleus

Read more about When Attackers Weaponize AI Webinar - The Energy Grid Attack Path

From Fragments to Full Picture: Turning Threat News into Actionable Campaign Intelligence

Sep 30, 2025 By Shir David In BitSight

Consider this scenario: a critical zero-day vulnerability is announced for a popular enterprise software and you, as a threat analyst, are tasked with briefing leadership on which threat actors are exploiting it and how. You start to research and are immediately overwhelmed. One news site reports on a Chinese APT using the exploit, another blog details an Iranian group, and a third report lists CVEs without context.

Read Post

BitSight

Read more about From Fragments to Full Picture: Turning Threat News into Actionable Campaign Intelligence

Critical Vulnerability Alert: CVE-2025-10035 in GoAnywhere MFT

Sep 29, 2025 By Emma Stevens In BitSight

A critical security vulnerability (CVE-2025-10035) has been identified in GoAnywhere MFT, a widely used file transfer solution developed by Fortra. This software is commonly deployed to securely transfer sensitive data such as financial records, HR files, legal documents, and personally identifiable information (PII). Currently, CVE-2025-10035 is rated at a 10.0 (critical) on the CVSS scale and a 9.23 out of 10 on Bitsight’s Dynamic Vulnerability Exploit (DVE) scale.

Read Post

BitSight

Read more about Critical Vulnerability Alert: CVE-2025-10035 in GoAnywhere MFT

Top 5 Cybersecurity Risks in ERP Systems and How to Prevent Them

Sep 29, 2025 By SecuritySenses In SecuritySenses

Modern businesses are built on Enterprise Resource Planning (ERP) systems. From finance to supply chain, they run everything in one place. Many of them can even connect to cloud systems, mobile apps, and IoT devices. But where they are most powerful, they are also most vulnerable. Cybercriminals know that ERP systems are treasure troves of data. So if an attack happens, it can lead to significant data theft. Not only that, it can also delay payroll, damage production lines, and stop operations.

Read Post

SecuritySenses

Read more about Top 5 Cybersecurity Risks in ERP Systems and How to Prevent Them

Supercharge Your AI Data Governance with Riscosity's F5 BIG-IP SSL Orchestrator Integration

Sep 26, 2025 By Anirban Banerjee In Riscosity

Artificial intelligence has stormed the enterprise world, and it's not slowing down anytime soon. With thousands of AI-powered applications, from large language models (LLMs) to productivity-boosting copilots, employees are tapping into AI to work smarter and faster. But here’s the rub: while AI can supercharge productivity, it also brings along a Pandora’s box of risks.

Read Post

Riscosity

Read more about Supercharge Your AI Data Governance with Riscosity's F5 BIG-IP SSL Orchestrator Integration

UpGuard's Future: The Strategic Edge Your Security Team Needs

Sep 26, 2025 By Revashni Moodley In UpGuard

Security teams have struggled for far too long with a patchwork of siloed security tools, static compliance checks, and an increasingly adversarial threat landscape to continue down that path, especially when each of these challenges is making their organizations more vulnerable by the minute. Previously in this CRPM series, we’ve established that traditional security approaches are no longer adequate to keep pace against AI-driven attacks and the multi-pronged missions of cybercriminals today.

Read Post