ISMS.online
Corporate/Government Newsroom
SaaS to manage InfoSec, Cyber, Data Protection, GDPR & ISO. Trust, collaboration & achieving more - It’s what we live, breathe & build. Source
Actions
Media Outlet details
| Scope | Trade/B2B |
|---|---|
| Language | English |
| Country | United Kingdom |
|
Similarweb UVM |
Request pricing |
|
Comscore UVM |
Request pricing |
Recent Articles
Search ArticlesWhat The Microsoft 365 Copilot “SearchLeak” Issue Says About AI Era Risk
The Copilot SearchLeak vulnerability chain shows how any AI assistant can evolve from a productivity feature into a new path into data that inherits the user’s reach. What lessons can security and compliance leaders learn? In June, researchers at Varonis Threat Labs unveiled a critical vulnerability chain in Microsoft 365 Copilot Enterprise dubbed “SearchLeak”.
Klueless: How A Four-Year-Old Credential Led To A Major Hack
Last month, attackers used a stolen credential to hack competitive intelligence SaaS provider Klue. But the seeds of the attack apparently started four years earlier. Klue executives said that in 2022, the Vancouver-based company issued a credential to an unnamed third party for a limited pilot. An investigation by Crowdstrike later revealed the credential to be a GitHub Personal Access Token (PAT), which enables developers to access software development repositories.
Building Cyber Resilience in the Age of AI / AI Management
From deepfake-enabled phishing to AI-driven malware, attackers are evolving faster than ever. At the same time, new regulations like the EU AI Act are redefining how organisations must manage and govern AI responsibly. Join experts from ISMS.online and TechForce Cyber for an insight-packed session exploring how to build true cyber resilience in the age of AI.
Data Governance in Healthcare in the Age of Ransomware
As the risk of being hit grows, how well an organisation governs its data determines the blast radius of an attack and how quickly care can continue. How can this be done? Ransomware attacks are continuing to hit the healthcare sector, with potentially devastating consequences that can go on for months after the incident. In February 2026, University of Mississippi Medical Center was forced to close all clinics after suffering a ransomware attack.
Anthropic’s Suspension Is a Wake-Up Call for AI Supplier Risk
If you build critical business processes around a single AI service, what happens when that service disappears overnight? Earlier this year, organisations using Anthropic’s Claude Fable 5 and Mythos 5 models were forced to answer exactly that question. The models, released in early June 2026, were suspended just days after launch following an order from the US government.
The Next Major Telecom Outage May Not Start With the Telecom Provider
With one supplier weakness able to trigger widespread operational disruption, how can firms boost resilience and manage risk? In January, US telecoms giant Verizon suffered a massive outage impacting millions of users. Described by internet monitoring company Cisco ThousandEyes as one of the most significant connectivity interruptions in recent history, the incident was widespread, severe and ongoing, leaving some mobile users’ phones stuck in SOS mode.
The NVD Pullback Should Prompt A Resilience Approach To Vulnerability Management
On 15 April 2026, the National Institute of Standards and Technology (NIST) formally abandoned its longstanding mission to enrich all information about vulnerabilities published to its database. NIST runs the National Vulnerability Database (NVD), which contains information about Common Vulnerabilities and Exposures (CVEs). Each CVE represents a software or hardware vulnerability. CVEs don’t contain much information on their own, which is where NIST came in.
Everything You Need To Know About the Cyber Resilience Act
The European Union’s Cyber Resilience Act (CRA) is the first major regulation to treat cybersecurity as a product safety requirement rather than an organisational governance one. While there are many regulations that focus on how organisations manage cyber risk internally, the CRA takes a different approach. It focuses on the products themselves.
How Ransomware Became a Business Resilience Problem
May was not a good month for Latvian national Deniss Zolotarjovs. The US Department of Justice secured a 102-month sentence against him for his role in Russian ransomware gang Karakurt. The case revealed that members of Karakurt had been using Russian government databases to intimidate corporate victims and screen their own recruits. This criminal network had also disrupted US 911 emergency dispatch services and extracted at least $15 million in ransoms from more than 54 named victim companies.
Cyber-Risk Management Is Fragmented: Here’s How to Fix It
Organisations have long understood the challenge of translating cyber into business risk. The CISO-boardroom communication breakdown is real and well documented. But are there deeper problems? For various reasons, cyber-risk management has grown in size and scope over the years. Today it might span everything from traditional security disciplines to privacy, supply chain risk, legal, AI governance and operational resilience. That inevitably creates data silos, coverage gaps and resilience challenges.