%term

CMMC Requirements for AI Systems: What Assessors Actually Look For

Apr 3, 2026 By Josh Rector In Teleport

Josh Rector is the Compliance Director, Public Sector at Ace of Cloud, a security and compliance consulting firm, certified CMMC Third-Party Assessor Organization (C3PAO), and Registered Provider Organization (RPO). With more than a decade of experience in cybersecurity compliance, he has worked both sides of the assessment table, leading internal and external assessments, serving as ISSO for systems at federal agencies, and guiding cloud service providers through the FedRAMP authorization process.

Read Post

Teleport

Read more about CMMC Requirements for AI Systems: What Assessors Actually Look For

What Is ISO 42001 and How Does It Relate to ISO 27001?

Apr 3, 2026 By Max Aulakh In Ignyte

Depending on the field in which you work, you’ve almost definitely encountered an ISO standard. While these might not seem like they have much to do with one another, the chain that binds them all together is ISO itself. ISO, the International Organization for Standardization, and the 800+ committees that serve as expert boards in different fields, develop international standards to which businesses and organizations can be held.

Read Post

Ignyte

Read more about What Is ISO 42001 and How Does It Relate to ISO 27001?

The AI Compliance Gap No One's Talking About (ISO, NIST, EU AI Act)

Apr 2, 2026 By Mend In Mend

Mend.io, formerly known as Whitesource, has over a decade of experience helping global organizations build world-class AppSec programs that reduce risk and accelerate development -– using tools built into the technologies that software and security teams already love. Our automated technology protects organizations from supply chain and malicious package attacks, vulnerabilities in open source and custom code, and open-source license risks.

View Video

Mend

Read more about The AI Compliance Gap No One's Talking About (ISO, NIST, EU AI Act)

Build for Tomorrow, Today: Deploying Agentic AI Under EU and UK Regulations

Apr 2, 2026 By Ben Hanson In Zenity

Organisations deploying agents face a challenge: the predominant AI frameworks most organisations rely on do not explicitly address agentic AI. This is true for the big three: ISO 42001, NIST's AI Risk Management Framework (RMF), and the EU AI Act.

Read Post

Zenity

Read more about Build for Tomorrow, Today: Deploying Agentic AI Under EU and UK Regulations

Proven incident response and business continuity strategy

Apr 1, 2026 By Shweta Dhole In TrustCloud

From cybersecurity breaches to natural disasters, disruptive events can occur suddenly and without warning. As a result, it is crucial for organizations to develop resilient plans that not only respond to incidents in real time but also ensure long-term operational survivability. This article examines the concepts of incident response and business continuity, exploring their differences and similarities while offering practical strategies to integrate them into a cohesive operational plan.

Read Post

TrustCloud

Read more about Proven incident response and business continuity strategy

The Ultimate Guide to CPS 234 Requirements

Apr 1, 2026 By Ephrim Holyson In Astra

TLDR; As compliance requirements tighten globally, Australia has taken a decisive step with the introduction of Prudential Standard CPS 234 Information Security, setting a clear baseline for how financial institutions must protect themselves and the people who trust them. Australia’s financial services sector remains one of the most targeted in the world, with high-profile breaches exposing millions of records.

Read Post

Astra

Read more about The Ultimate Guide to CPS 234 Requirements

SOC 2 Type 1 vs Type 2: What Security Leaders Need to Know About Audit Readiness

Apr 1, 2026 By SecuritySenses In SecuritySenses

Security and compliance teams don't spend much time debating definitions. They focus on whether controls actually work in practice. That's why understanding the difference between SOC 2 Type 1 and Type 2 matters. The choice affects how controls are designed, how they are tested, and how customers evaluate your security posture. At a high level, Type 1 evaluates whether controls are properly designed at a specific point in time. Type 2 evaluates whether those controls operate effectively over a defined period, typically three to twelve months.

Read Post

SecuritySenses

Read more about SOC 2 Type 1 vs Type 2: What Security Leaders Need to Know About Audit Readiness

The UK's Cyber Action Plan marks the end of compliance-led security

Mar 31, 2026 By Dan Jones, Senior Security Advisor EMEA In Tanium

The UK government's new £210 million Cyber Action Plan signals an important shift in how cyber risk is being addressed at a national level. Designed to strengthen cyber defences across government departments and the wider public sector, the plan establishes a new Cyber Unit and introduces stronger expectations around resilience, accountability and operational capability.

Read Post

Tanium

Read more about The UK's Cyber Action Plan marks the end of compliance-led security

The 4 best Trust Center products for 2026

Mar 31, 2026 By Vanta In Vanta

Accelerating security solutions for small businesses‍ Tagore offers strategic services to small businesses. A partnership that can scale‍ Tagore prioritized finding a managed compliance partner with an established product, dedicated support team, and rapid release rate. Standing out from competitors‍ Tagore's partnership with Vanta enhances its strategic focus and deepens client value, creating differentiation in a competitive market.

Read Post

Vanta

Read more about The 4 best Trust Center products for 2026

How LevelBlue's FedRAMP Authorization Removes the Burden of CMMC Federal Compliance from Clients

Mar 30, 2026 By LevelBlue In LevelBlue

Navigating the labyrinth of the U.S. federal procurement system, especially for Defense Industrial Base (DIB) companies, can be challenging, particularly when trying to meet stringent cybersecurity compliance standards like the Cybersecurity Maturity Model Certification (CMMC).

Read Post