Key Takeaways AI Agents Get Over-Privileged Credentials. Enterprises grant machine identities broad access without applying human-level hygiene like rotation or least privilege. Forrester Predicts a Major Breach by End of...
The U.K. government just published the most uncomfortable benchmark in cybersecurity. The AI Security Institute (AISI), a research arm of the Department for Science, Innovation and Technology, has been tracking...
On May 14, 2026, Microsoft disclosed CVE-2026-42897, an actively exploited critical cross-site scripting vulnerability in Microsoft Exchange Server. CVSS 8.1. Affects Exchange Server 2016, Exchange Server 2019, and Exchange Server...
On April 30, 2026, Progress Software disclosed two vulnerabilities in MOVEit Automation, the workflow and scheduling engine that thousands of organizations use to automate enterprise file transfers. The National Vulnerability...
The Kiteworks Private Data Network delivers a unified and secure system for sharing and transferring PHI that ensures strict compliance with HIPAA and HITECH, mitigates governance gaps, and reduces the risk of...
The Data Policy Engine is the enforcement layer of the Kiteworks secure data exchange platform. It ensures that every piece of sensitive data moving into, out of, or through your organization — whether accessed...
Kiteworks Email Protection Gateway automates email encryption with zero user intervention. Policy-driven security for HIPAA, GDPR, and CMMC compliance.
CPCSC is Canada's mandatory cyber security certification for defence suppliers handling sensitive unclassified government information. Managed by Public Services and Procurement Canada, the program requires certification across three levels: Level 1 (13...
There is no universal AI compliance framework. Every organization deploying AI inherits the regulatory obligations attached to the data it processes — and those obligations vary dramatically by industry, data...
Federal contractors occupy one of the most demanding AI compliance environments in the enterprise market. The regulatory stack they operate under — CMMC 2.0, NIST 800-171, FedRAMP, ITAR, FISMA, and...
Manufacturing sits at a unique intersection in the AI compliance landscape. Defense manufacturers must satisfy CMMC 2.0 and ITAR compliance requirements that apply with full force to AI systems touching...
Enterprise AI is moving fast. Compliance thinking is not keeping pace. Most organizations deploying AI agents today treat compliance as a model problem: review the AI vendor’s certifications, configure a...
Defense contractors are deploying AI agents across proposal development, program documentation, supply chain management, and technical data workflows. Many of these workflows touch controlled unclassified information. That puts them squarely...
Get started.
It’s easy to start ensuring regulatory compliance and effectively managing risk with Kiteworks. Join the thousands of organizations who are confident in how they exchange private data between people, machines, and systems. Get started today.
Manage Consent
To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
Functional
Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes.The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.
