Tag: business
-
How CISOs can rebuild trust after a security incident
Tags: attack, breach, business, cisco, ciso, cloud, communications, cybersecurity, data, firewall, group, incident response, jobs, linux, mobile, monitoring, risk, security-incident, service, software, strategy, vulnerabilityMaintaining sensitivity in accountability: Cisco’s Lidz emphasizes that transparency does not end at incident resolution.”Being transparent, internally in particular, by making sure stakeholders understand you and your team have learned from the incident, that there are things you would do better not just in terms of protections, but how you respond and react to incidents”…
-
Balancing cloud security with performance and availability
Your business can’t realize the many benefits of cloud computing without ensuring performance and availability in its cloud environments. Let’s look at some … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/02/18/business-cloud-environments-security/
-
Cybersecurity as a Business Imperative: Embracing a Risk Management Approach
Cybersecurity is much more than just a technical challenge. It’s now a critical business imperative that requires a strategic risk management approach. By integrating cybersecurity into broader risk management frameworks, you can proactively address threats, improve resilience, and align your security efforts with your core business objectives. Shifting your organization’s collective mindset around this concept…
-
Privacy Roundup: Week 7 of Year 2025
Tags: access, antivirus, api, apple, attack, breach, business, cctv, cve, cybersecurity, data, data-breach, detection, email, exploit, firmware, flaw, google, group, law, leak, malware, microsoft, military, network, password, phishing, privacy, router, scam, service, software, technology, threat, tool, update, virus, vpn, vulnerability, windows, zero-dayThis is a news item roundup of privacy or privacy-related news items for 9 FEB 2025 – 15 FEB 2025. Information and summaries provided here are as-is for warranty purposes. Note: You may see some traditional “security” content mixed-in here due to the close relationship between online privacy and cybersecurity – many things may overlap;…
-
CISO’s Expert Guide To CTEM And Why It Matters
Cyber threats evolve”, has your defense strategy kept up? A new free guide available here explains why Continuous Threat Exposure Management (CTEM) is the smart approach for proactive cybersecurity.This concise report makes a clear business case for why CTEM’s comprehensive approach is the best overall strategy for shoring up a business’s cyber defenses in the…
-
Ransomware gangs extort victims 17 hours after intrusion on average
Tags: access, business, credentials, data, encryption, espionage, exploit, extortion, government, group, healthcare, Intruder, malicious, malware, metric, monitoring, network, ransom, ransomware, service, tactics, technology, theft, threat, tool, vulnerability, zero-dayThe initial point of access for the attackers and the privileges it provided themHow easy it is to reach other network segments and systems from the initially compromised assetWhether access into the environment was resold to a ransomware operator by an initial access brokerWhether the attackers decided to operate only outside the victim’s regular business…
-
How to evaluate and mitigate risks to the global supply chain
Tags: access, business, ceo, ciso, communications, compliance, control, cyberattack, cybersecurity, data, framework, governance, government, intelligence, international, ISO-27001, kaspersky, microsoft, mitigation, monitoring, office, resilience, risk, risk-assessment, risk-management, russia, service, soc, software, supply-chain, technology, threat, tool, update, vulnerabilityMaintain a diversified supply chain: Organizations that source from international technology suppliers need to ensure they are not overly reliant on a single vendor, single region or even a single technology. Maintaining a diversified supply chain can mitigate costly disruptions from a cyberattack or vulnerability involving a key supplier, or from disruptions tied to regulatory…
-
How CISOs can balance security and business agility in the cloud
In this Help Net Security interview, Natalia Belaya, CISO at Cloudera, discusses common misconceptions about cloud security, the balance between protection and business … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/02/17/natalia-belaya-cloudera-enterprise-cloud-security/
-
Software Bill of Material umsetzen: Die besten SBOM-Tools
Tags: api, business, compliance, container, cyberattack, data, docker, gartner, github, gitlab, healthcare, linux, monitoring, open-source, risk, saas, sbom, service, software, tool, update, vulnerabilityNur wenn Sie wissen, was drinsteckt, können Sie sich sicher sein, dass alles mit rechten Dingen zugeht. Das gilt für Fast Food wie für Software. Um Software abzusichern, muss man wissen, was in ihrem Code steckt. Aus diesem Grund ist eine Software Bill of Material, SBOM oder Software-Stückliste heute unerlässlich. Der SolarWinds-Angriff sowie die Log4j-Schwachstelle…
-
CISOs struggling to balance security, business objectives
Only 14% of security leaders can ‘effectively secure organisational data assets while also enabling the use of data to achieve business objectives’, according to Gartner First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366619373/Gartner-CISOs-struggling-to-balance-security-business-objectives
-
CISO success story: How LA County trains (and retrains) workers to fight phishing
Tags: ai, awareness, breach, business, chatgpt, cio, ciso, cloud, compliance, computing, control, corporate, cybersecurity, data, dos, election, email, endpoint, government, hacker, healthcare, incident response, jobs, law, lessons-learned, malicious, marketplace, network, phishing, privacy, regulation, risk, risk-management, service, software, strategy, supply-chain, tactics, technology, threat, tool, training, vulnerability(The following interview has been edited for clarity and length.)At first glance, LA County’s reporting structure who reports to whom seems, well, fairly complex.We have a federated model: I report to the county CIO. Each department acts as an independent business and has its own department CIO and information security officer. Their job is to…
-
Why Private Equity Is Now Kicking the Tires on Trend Micro
Sluggish Sales Growth and Lower Relevance in Endpoint Could Make Trend Attractive Endpoint security vendors are changing up their ownership or business models as Microsoft and CrowdStrike increasingly blot out the sun in this rapidly consolidating market. Reuters said that Advent International, Bain Capital, EQT AB and KKR have expressed interest in taking Trend Micro…
-
Microsoft GCCH vs. Google Public Sector for CMMC
When it comes to overall productivity platforms, collaboration tools, and office suites, the two biggest options dominating the market are the Google G Suite and Microsoft’s Office ecosystem. Whether it’s word processing, team collaboration, IT frameworks, device management, or the entire infrastructure of a business, there’s a pretty good chance one of these two options……
-
Aggressive deregulation creates risky business environment
Through DOGE, President Donald Trump is cutting work and funding to federal agencies to overhaul business rules and regulations in the U.S. First seen on techtarget.com Jump to article: www.techtarget.com/searchcio/news/366619263/Aggressive-deregulation-creates-risky-business-environment
-
What is anomaly detection? Behavior-based analysis for cyber threats
a priori the bad thing that you’re looking for,” Bruce Potter, CEO and founder of Turngate, tells CSO. “It’ll just show up because it doesn’t look like anything else or doesn’t look like it’s supposed to. People have been tilting at that windmill for a long time, since the 1980s, trying to figure out what…
-
Die besten IAM-Tools
Tags: access, ai, api, authentication, automation, business, ciso, cloud, compliance, endpoint, gartner, governance, iam, identity, infrastructure, login, mfa, microsoft, okta, password, risk, saas, service, tool, windows, zero-trustIdentity & Access Management ist für sicherheitsbewusste Unternehmen im Zero-Trust-Zeitalter Pflicht. Das sind die besten IAM-Anbieter und -Tools.Identität wird zum neuen Perimeter: Unternehmen verlassen sich immer seltener auf die traditionelle Perimeter-Verteidigung und forcieren den Umstieg auf Zero-Trust-Umgebungen. Sicherer Zugriff und Identity Management bilden die Grundlage jeder Cybersicherheitsstrategie. Gleichzeitig sorgt die Art und Weise, wie sich…
-
From Reactive to Predictive: Building Cyber Resilience for 2025
When you’re resilient to something, you don’t just endure; you adapt, recover, and emerge stronger. This idea is what should motivate companies to focus more on cyber resilience. It’s not enough to simply weather the storm of a cyberattack; true resilience means predicting the storm’s arrival, minimizing its impact, and ensuring business operations bounce back…
-
Palo Alto Networks Seeing ‘Very Large’ Wins After IBM QRadar Deal: CEO Nikesh Arora
Palo Alto Networks has had a “spectacular” partnership with IBM following the cybersecurity vendor’s acquisition of the IBM QRadar SaaS business, which has helped to deliver on the goal of driving customers to the company’s XSIAM security operations platform, Palo Alto Networks CEO Nikesh Arora told analysts during the company’s quarterly call Thursday. First seen…
-
North Korean APT43 Uses PowerShell and Dropbox in Targeted South Korea Cyberattacks
Tags: attack, business, crypto, cyberattack, government, group, hacking, korea, north-korea, powershell, threatA nation-state threat actor with ties to North Korea has been linked to an ongoing campaign targeting South Korean business, government, and cryptocurrency sectors.The attack campaign, dubbed DEEP#DRIVE by Securonix, has been attributed to a hacking group known as Kimsuky, which is also tracked under the names APT43, Black Banshee, Emerald Sleet, Sparkling Pisces, Springtail,…
-
CISOs lavieren zwischen Datenschutz und Business-Support
Gar nicht so einfach, die richtige Balance zwischen Datenschutz und Business-Support zu finden.Die wenigsten Führungskräfte im Bereich Security & Risk Management (SRM) schaffen eine ausgewogene Balance zwischen Datenschutz und Business-Unterstützung. Das hat eine Umfrage von Gartner ergeben. Demzufolge priorisieren 35 Prozent der Befragten den Schutz von Datenbeständen, während gut jeder fünfte (21 Prozent) seinen Fokus…
-
Most Security Leaders Cannot Balance Data Security, Business Goals
The analyst firm recommends defining security and governance processes while reducing friction for business stakeholders. First seen on darkreading.com Jump to article: www.darkreading.com/cybersecurity-operations/gartner-most-security-leaders-cannot-balance-data-security-business-goals
-
Jeder fünfte CISO vertuscht Compliance-Probleme
Compliance-Verfehlungen unter den Teppich zu kehren, sollte sich für CISOs falsch anfühlen.CISOs befinden sich zunehmend in der Zwickmühle, wenn es darum geht, eine gesunde Balance zwischen Loyalität zu ihrer Organisation und ihren rechtlichen Verantwortlichkeiten zu finden. Zumindest legt das eine aktuelle Studie des Sicherheitsanbieter Splunk nahe, in deren Rahmen 600 CISOs weltweit befragt wurden. Demnach:geben…
-
Beyond the paycheck: What cybersecurity professionals really want
Tags: business, ceo, corporate, cyber, cybersecurity, data, india, jobs, regulation, risk, risk-management, service, skills, strategy, trainingInvest in skills and allow room for growth: Upskilling also remains a powerful retention tool. As Huber points out, Tenable invests in training entire teams on emerging technologies and capabilities, ensuring that employees feel equipped and valued.Similarly, KPMG has implemented targeted programs to support diversity and career progression within cybersecurity. The firm’s Cyber Women Leads…
-
Data Leaks Happen Most Often in These States, Here’s Why
State-led data privacy laws and commitment to enforcement play a major factor in shoring up business data security, an analysis shows. First seen on darkreading.com Jump to article: www.darkreading.com/cyber-risk/business-cybersecurity-weakest-states
-
Altman Rejects Musk’s $97.4B Offer for OpenAI
Offer Comes Amid Legal Battle Between the Former OpenAI Co-Founders. Elon Musk has reportedly offered to buy OpenAI’s operating assets for $97.4 billion, escalating his legal and business battle with the artificial intelligence company’s CEO Sam Altman. Altman dismissed the offer and said he will buy Twitter for $9.74 billion – if Musk is interested.…
-
CSO Award and Hall of Fame Nominations Open Now
Industry-Wide Recognition Winning a CSO Award affirms your organization’s commitment to excellence in cybersecurity and highlights your team’s success in tackling today’s biggest security challenges.Elite Networking The CSO Conference brings together top security leaders, industry experts, and academics worldwide. By attending, you’ll engage with peers, exchange ideas, and gain firsthand knowledge of emerging trends and…
-
4 Ways to Keep MFA From Becoming too Much of a Good Thing
Multi-factor authentication (MFA) has quickly become the standard for securing business accounts. Once a niche security measure, adoption is on the rise across industries. But while it’s undeniably effective at keeping bad actors out, the implementation of MFA solutions can be a tangled mess of competing designs and ideas. For businesses and employees, the reality…