Blog

Cynomi Cinches $37M for Its AI-based ‘virtual CISO’ for SMB Cybersecurity

Cynomi raises $37M for its AI-driven virtual CISO targeting SMB cybersecurity amid rising attacks. Co-led by Insight Partners and Entrée Capital, the funding positions Cynomi as a market leader with a valuation over $140M. The company offers automated security management services via third-party resellers, aiming to fill a gap for budget-constrained SMBs. CEO David Primor emphasizes that the virtual CISO can perform various security tasks efficiently, and annual revenue has recently tripled. Funds will support R&D to expand cybersecurity solutions, as the industry lacks a comprehensive operating system.

https://techcrunch.com/2025/04/23/cynomi-cinches-37m-for-its-ai-based-virtual-ciso-for-smb-cybersecurity/

CIOs Increasingly Dump In-house POCs for Commercial AI

CIOs are shifting from in-house AI proof-of-concept (POC) projects to commercial AI solutions due to high failure rates of internal efforts and low returns. A Gartner survey revealed that the percentage of companies creating their own AI tools dropped from 50% to 20% in just a year. Many organizations are overwhelmed by the demands of building AI systems, often lacking the necessary expertise and resources. The trend is now towards smaller, niche applications of AI, utilizing proprietary data to derive greater value, while software vendors increasingly promote their AI offerings.

https://www.cio.com/article/3965387/cios-increasingly-dump-in-house-pocs-for-commercial-ai.html

Latest PCI DSS Standards: Use Third Parties

PCI DSS 4.0 allows merchants to use third-party services but holds them fully responsible for any security risks. Effective March 31, 2025, this standard mandates rigorous evaluations of third-party vendors and regular compliance checks. Merchants must implement controls like network segmentation and encryption to mitigate risks but ultimately cannot outsource liability for data breaches. The choice remains: outsource with due diligence or manage security in-house.

https://www.tripwire.com/state-of-security/latest-pci-dss-standards-use-third-parties-your-own-risk

The PCI DSS Reset: a Guide to Embracing Version 4.0

PCI DSS 4.0 Compliance Guide: integral for developers integrating payment systems, as security protocols have evolved from PCI DSS 3.2.1. Key requirements (6.4.3, 11.6.1) focus on authorization and verification of client-side scripts due to rising attacks. Security must be embedded from the start of development to prevent vulnerabilities; managing script dependencies and real-time monitoring are essential for protecting payment data and ensuring compliance.

https://www.devprojournal.com/technology-trends/payment-processing/the-pci-dss-reset-a-guide-to-embracing-version-4-0/

From Copilot to Agent

CISOs must prepare for the rise of agentic AI, marking a significant evolution from previous AI models. While security copilots enhanced workflows, agentic AI introduces autonomy, enabling complex tasks and real-time threat responses. It poses both opportunities—like improving SOC efficiency and automating help desk operations—and challenges, including governance and trust issues. Although the technology is promising, adoption of agentic AI remains cautious, with many security leaders highlighting that it currently struggles to outperform traditional solutions. The technology's potential remains significant as it develops.

https://www.cio.com/article/3965370/from-copilot-to-agent-ai-is-growing-up-and-cisos-need-to-be-ready.html

The European Commission’s Template on Training Data Transparency: First Guidelines for the AI Act

The European Commission's guidelines for the AI Act mandate transparency in training data for general-purpose AI models, requiring public summaries detailing the data used. This has sparked debate over what constitutes “sufficiently detailed” information, balancing rights holders' needs for access against providers' interests in protecting strategic assets. A template to aid in compliance was released in January 2025, structured into sections covering model details, data sources, and processing aspects, with final guidelines expected by mid-2025. Legal disputes will ultimately shape the regulation's implementation and future AI standards globally.

https://www.advant-nctm.com/en/news/the-european-commissions-template-on-training-data-transparency-first-guidelines-for-the-ai-act

EU Pledged to Improve GDPR Cooperation

The EU's attempt to improve GDPR cooperation has backfired, creating a more complex and ineffective enforcement system for data protection. The proposed “GDPR Procedural Regulation” complicates processes, leading to slower resolutions and more legal challenges. Critics highlight a lack of proper impact assessment and procedural expertise, resulting in poor lawmaking that undermines citizens' rights and increases burdens on authorities and businesses alike. Overall, the legislative effort appears to further entrench inefficiencies rather than streamline GDPR enforcement.

https://noyb.eu/en/eu-pledged-improve-gdpr-cooperation-and-made-it-worse

EU NIS2 Implementation: Mind the Growing Compliance Gap

EU Member States faced a compliance gap in implementing NIS2, with only 11 states having passed legislation by the October 2024 deadline. New laws surfaced in Finland and Malta, while Denmark plans to introduce legislation by April, effective July 2025. Early adopters like Belgium and Hungary are ahead in compliance, leaving multinational organizations to navigate varied progress across jurisdictions.

https://connectontech.bakermckenzie.com/eu-nis2-implementation-mind-the-growing-compliance-gap/#page=1

‘No AI Agents Are Allowed.’ EU Bans Use of AI Assistants in Virtual Meetings

EU bans AI assistants in online meetings due to security concerns. The rule was made during a recent European Commission presentation, marking the first official ban on AI agents, which automate tasks during virtual conferences. Potential risks arise from AI agents' unpredictable behavior and user awareness issues, leading to heightened caution in their deployment among tech companies.

https://www.techrepublic.com/article/news-eu-bans-ai-assistants-virtual-meetings/
