Governance, Risk & Compliance
SOC 2 vs ISO 27001: Which Certification Do Enterprise Customers Really Care About?
Most enterprise companies don’t consider security certifications part of a long-term strategy. They start when a deal is already at risk. A promising enterprise opportunity is moving forward, stakeholders are aligned, and ...
Magnifica Humanitas – Pope Leo’s Take on Intelligence – Artificial and Otherwise
A comparative analysis of global AI governance strategies (US, EU, UK, China, and others) contrasted against the Vatican's 2026 encyclical Magnifica Humanitas, framing AI as critical decision infrastructure rather than just a ...
The Workforce Identity Crisis: Trust in the Age of Deepfakes
For years, workforce identity was treated as a solved problem. Organizations invested heavily in Zero Trust strategies, deploying single sign-on (SSO), multi-factor authentication (MFA), privileged access management, and passkeys to strengthen security ...
Senator Sanders Wants to Own AI Companies — and Hand America’s Adversaries the Keys
Senator Bernie Sanders published an op-ed in the New York Times last week demanding that the federal government seize a 50% equity stake ...
The Business Case for Exceeding AML Compliance
Global money laundering is estimated to be between 2% and 5% of the world’s GDP, or roughly $800 billion to $2 trillion every year. Even after years of tighter regulation, these numbers ...
Is It Time For A U.S. Cyber Force?
Is it time to stand up a U.S. Cyber Force as the next armed services branch? Senator Kristen Gillibrand (D-N.Y) thinks so. She is spearheading legislation that would create a Cyber Force ...
5 Steps to Turn Your RMF Backlog Into a Continuous ATO: The CSRMC Migration Playbook
Let's be honest about the legacy Risk Management Framework (RMF): for the last decade, achieving an ATO has been less about actual cybersecurity and more about creative writing. We built three-year "snapshot" ...
Anxious Security Pros Watch as Anthropic, OpenAI Expand Access to Frontier AI Models
Anthropic and OpenAI are expanding the number of organizations that can access their frontier AI models in hopes of expanding advanced cybersecurity tools to protect against the risks they raise, and security ...
How Noncompliance With CMMC Can Lead to Federal Fraud Charges
Cybersecurity Maturity Model Certification (CMMC) noncompliance is drawing heightened scrutiny across the Defense Industrial Base (DIB) as federal agencies intensify enforcement of cybersecurity standards. Security leaders increasingly recognize that failing to meet ...
The Governance Gap Between AI Pilots and Production
Getting an AI pilot to work is no longer the difficult part. Many teams can produce promising results in controlled environments. Problems start once those systems move into production workflows. For security ...
