compliance

The leading email security and human-centric cybersecurity company, protecting organizations from phishing, business email compromise, and data loss through email, cloud, and security awareness solutions.

A practical guide to data security posture management, automated data classification, data loss prevention, and navigating the proliferating landscape of privacy regulations across US states, the EU, and beyond.

A comprehensive guide to managing cybersecurity risks from vendors, suppliers, and service providers, covering assessment frameworks, continuous monitoring, regulatory requirements, and incident response for third-party breaches.

The EU AI Act is the world's first comprehensive AI regulation. This guide covers the risk-based classification system, compliance obligations by AI system category, enforcement timelines, and practical steps for organizations deploying AI in the EU.

HITRUST CSF provides a certifiable security framework that harmonizes over 60 regulations including HIPAA, NIST, and ISO 27001. The framework offers three assessment types (e1, i1, r2) for organizations handling healthcare and sensitive data.

The European Union's AI Act marks one year of prohibited AI enforcement on February 2, 2026, triggering Article 112's mandated Commission review. High-risk AI rules take effect August 2027.

The NIS2 Directive required EU member state transposition by October 2024, but most states missed the deadline. Germany enacted its law in December 2025. Full compliance landscape overview.

New additions include CVE-2026-21509 actively exploited by APT28, a Linux kernel flaw from 2018, and SmarterMail vulnerabilities. Federal agencies face February 16 remediation deadline.

The National Cybersecurity Alliance kicks off Data Privacy Week from January 26-30, focusing on empowering individuals and organizations to manage personal information amid growing AI and privacy law concerns.

The Securities and Exchange Commission files charges against a publicly traded firm for materially understating the scope and impact of a 2025 data breach, signaling aggressive enforcement of cyber disclosure rules adopted in December 2023.

Complete guide to PCI DSS 4.0 requirements, key changes from 3.2.1, and timeline for compliance with the new payment card security standard.

A comprehensive checklist for preparing your organization for a SOC 2 Type II audit, covering all five Trust Service Criteria.

Pioneer of cloud-based vulnerability management. Provides VMDR, cloud security, web application scanning, and enterprise risk management through a unified SaaS platform.