All Articles
-
Vendor Risk Management When Adopting AI Tools
A practical framework for CISOs evaluating AI tool vendors: data residency requirements, model security considerations, and the contractual controls that protect your organization.
briefing -
DORA: ICT Risk Management Requirements for Financial Entities
A CISO's guide to the Digital Operational Resilience Act -- what financial institutions must implement, how DORA interacts with NIS2, and the oversight regime for critical third-party providers.
regulatory-update -
SEC Cybersecurity Disclosure Rules: What CISOs Must Know in 2026
Material incident reporting timelines, annual cybersecurity disclosures, and the CISO's role in SEC compliance -- including personal liability considerations for public company security leaders.
regulatory-update