ISMS.online Blog
Keeping you up-to-date on the world of information security and compliance.
The EU AI Act deadline for mandatory compliance for high-risk AI of August 2nd, 2026, has been postponed. Measures in the newly passed EU Digital Omnibus on AI delay certain requirements until 2 De...
The cybersecurity industry may have just had its “ChatGPT moment”. Unveiled in early April, Anthropic’s new Claude Mythos Preview model has apparen...
Organisations have spent years focusing on securing themselves. But as the Cyber Resilience Act (CRA) looms, the spotlight is shifting to the produ...
Catch up with the stories that have caught our eye this month
What does the 700Credit breach show about the financial data system and supply chain risks, and what lessons can be learned? By Kate O’Flaherty In ...
Organizations fret about security and privacy risk. And more recently, they’ve paid attention to AI risk. But how often do they think of all ...
The GDPR was always meant to be vague. By not listing prescriptive technical controls – as, for example, PCI DSS does – the regulation does a bette...
After ShinyHunters hacking collective took advantage of “overly permissive” Salesforce guest user configurations to access data from up to 400 orga...
Artificial systems that can think and make decisions with little human input show both incredible promise – and concern – for cybersecu...
Many of the final provisions of the EU AI Act are set to come into effect in 2026. On August 2nd, the majority of the EU AI Act will apply to opera...
Ransomware group Everest’s claims it breached Atlas Air and its supplier Tsunami Tsolutions show how modern ransomware attacks are exploiting suppl...
Customers, boards and regulators are all in agreement. If cybersecurity breaches are impossible to prevent 100% of the time, the focus must be on i...
Get a monthly round-up of all the information, privacy and cyber security news direct to your inbox.
The Trump administration’s release of a National AI Policy Framework in March strives to replace a tangle of state-level rules with a single ...
Threat actors are nothing if not resourceful. When they find that a particular pathway is blocked, they don’t give up. Instead, they simply search ...
When the UK introduced the Data Use and Access Act (DUAA), much of the early commentary focused on the divergence it introduced. Was this a softeni...
The EU AI Act deadline for mandatory compliance for high-risk AI of August 2nd, 2026, has been postponed. Measures in the newly passed EU Digital O...
The cybersecurity industry may have just had its “ChatGPT moment”. Unveiled in early April, Anthropic’s new Claude Mythos Preview model has apparen...
Organisations have spent years focusing on securing themselves. But as the Cyber Resilience Act (CRA) looms, the spotlight is shifting to the produ...
As worst-case scenarios go, they don’t get much worse than a company-wide wipe of all connected devices. Yet that’s the reality that US medtech fir...
Operational shutdown is the last thing any business wants, but it is a very real risk during a ransomware attack. This is a lesson US payment gatew...
The EU AI Act’s high-risk rules are legally slated for August 2026, but proposed amendments could push them to late 2027. For the unprepared, this ...
The new European Union Aviation Safety Agency’s Part-IS rules have come into place, expanding cybersecurity obligations across the civil avia...
We’re delighted to share that ISMS.online (IO) has been named a Leader in the G2 Grid® Reports for Spring 2026. We achieved ten badges in the Sprin...
As we enter Neurodiversity Celebration Week it is important that we consider why this week matters. For many people, it is an opportunity to spread...
Company number: 04922343
Nile House, Nile Street, Brighton, England, BN1 1HW
