Tag: cio
-
Ten years later, has the GDPR fulfilled its purpose?
Tags: access, ai, breach, business, china, cio, compliance, data, data-breach, dora, finance, flaw, framework, GDPR, governance, government, international, jobs, law, mobile, office, privacy, regulation, risk, service, technology, tool, training
Fernando Maldonado, technology advisor at Foundry. MuleSoft. Gray areas remain: Still, if anything has been demonstrated in the decade since its entry into force, it’s that the GDPR still has a long way to go. Miguel Recio, president of APEP.IA (Spanish Professional Association for Privacy), argues that some of the limitations that have been exposed about the…
-
The fake IT worker problem CISOs can’t ignore
Tags: access, ai, breach, business, captcha, cio, ciso, compliance, computer, control, credentials, crowdstrike, data, detection, edr, endpoint, fedramp, fraud, gartner, iam, identity, jobs, linkedin, mitigation, monitoring, network, north-korea, office, phone, risk, skills, tool, training, zero-trust
What to do if you suspect a fake IT worker: When a CIO suspects a fake IT worker, next steps are important as the issue shifts from recruitment to insider risk management. During his time at MongoDB, George Gerchow, IANS faculty advisor and Bedrock Data CSO, oversaw the investigation after the company detected it had unknowingly…
-
A Tale of Two States: The 2026 Cybersecurity Paradox
The cyber threat outlooks from CIOs and CISOs at the NASCIO Midyear Conference in Philadelphia ranged from the good to the bad to the ugly, with AI front and center. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/05/a-tale-of-two-states-the-2026-cybersecurity-paradox/
-
AI Governance Moves From Theory to Practice
CIOs Face Growing Pressure on Risk, Data and Board Reporting. As AI moves deeper into enterprise operations, CIOs are being pushed to turn governance principles into practical controls, board reporting and risk oversight, according to a survey by The Conference Board’s Governance and Sustainability Center. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/ai-governance-moves-from-theory-to-practice-a-31534
-
Federal CIO cautious on Anthropic’s Mythos despite planned rollout
Greg Barbaccia told CyberScoop that Anthropic’s Mythos shows real promise for federal cyber defense, but warns that laboratory results and live network conditions are two very different things. First seen on cyberscoop.com Jump to article: cyberscoop.com/anthropic-mythos-federal-cybersecurity-evaluation-greg-barbaccia/
-
Email Security: Increase Protection, Relieve Internal IT
Email security for businesses: less phishing, fewer internal tickets, more control. Email is among the most important attack vectors for cybercriminals. For IT managers and CIOs, a lot is at stake: phishing, malware and malicious attachments threaten operations, tie up resources and increase the risk of outages. The same picture emerges in many companies. The existing email security is… First…
-
New US House privacy bills raise hard questions about enterprise data collection
Tags: access, ai, awareness, banking, business, cio, ciso, compliance, credentials, data, finance, framework, governance, group, identity, insurance, Internet, jobs, law, privacy, regulation, risk, service, strategy, supply-chain
Where privacy law overlaps with AI governance: The SECURE Data Act does not contain broad, standalone AI governance rules, but it still touches AI in meaningful ways. The bill includes opt-outs for fully automated profiling used for decisions with legal or similarly significant effects. That language can clearly implicate some uses of AI, particularly in hiring,…
-
The curious case of Sean Plankey’s derailed CISA nomination
Questions over who wanted Plankey blocked: On March 3, Ana Visneski, a former head of global disaster response at Amazon Web Services and former chief of digital media for the US Coast Guard, posted on Bluesky that she was “hearing from multiple sources” that Plankey “has been fired and escorted out of Coast Guard HQ…
-
CIOs fret over rising security concerns amid AI adoption
AI is emerging as a critical tool and a growing threat as CIOs struggle to balance innovation with risk, according to a new report. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/AI-security-concerns-CIO-logicalis/817705/
-
The endless CISO reporting line debate, and what it says about cybersecurity leadership
Tags: access, business, ceo, cio, ciso, cloud, control, corporate, cyber, cybersecurity, firewall, governance, infrastructure, jobs, monitoring, network, resilience, risk, strategy, technology, vulnerability
The governance gap behind the debate: The persistence of this debate reflects a broader governance gap. Historically, information security emerged as a technical discipline embedded within IT departments. Early security teams focused primarily on protecting infrastructure: Firewalls, access controls, network monitoring and vulnerability management. In that environment, it was natural for the security function to sit…
-
Claude Mythos Could Flood Vendors With Fixes They Deferred
Ex-Microsoft CIO: Mythos Could Surface Known Flaws Faster Than Vendors Can Fix Them. Former Microsoft CIO Jim DuBois and IDC’s Frank Dickson say Claude Mythos Preview could rapidly surface long-known but unfixed software flaws at scale, forcing vendors and enterprises to strengthen patch validation, orchestration and deployment before attackers exploit the backlog. First seen on…
-
Project Glasswing Just Made Your Security Playbook Obsolete
Anthropic’s AI Model Exposes How Unprepared Enterprises Are to Respond. Anthropic’s announcement this week of its Claude Mythos Preview frontier model, capable of finding zero-day flaws humans may miss, is both a warning and a call to action for CIOs: The way enterprises have been managing cybersecurity is about to change forever, and they need to…
-
TDL 019 – The Psychology Behind a Cyber Breach and the Leaders Who Survive It – Nim Nadarajah
Tags: access, ai, apple, automation, breach, business, cctv, ceo, cio, ciso, cloud, computing, conference, control, corporate, crowdstrike, cve, cyber, cyberattack, cybersecurity, data, dns, edr, email, finance, firewall, governance, group, healthcare, incident, incident response, infrastructure, injection, insurance, Internet, jobs, law, LLM, metric, microsoft, msp, network, office, powershell, privacy, programming, psychology, risk, saas, service, siem, soar, soc, software, startup, strategy, supply-chain, switch, technology, threat, tool, training, usa, vulnerability, windows, zero-trust
Leading Through the Cyber Abyss: In Episode 019 of The Defender’s Log, host David Redekop sits down with Nim Nadarajah, CISO and Managing Partner of Critical Matrix, to explore the evolving landscape of cybersecurity leadership. From the “annual pilgrimage” of RSAC 2026 to the front lines of incident response, the conversation shifts from technical bits…
-
Who Controls AI on Battlefields – the Military or the Model?
Former DoD CIO Beavers on Ethics, Reliability and AI as a National Security Tool. As AI is increasingly used in defense operations, a critical question emerges: Who controls the system – the military or the model? Former DoD CIO Leslie Beavers explores challenges related to ethics and reliability, vendor risk, and autonomy as AI tools…
-
Questions raised about how LinkedIn uses the petabytes of data it collects
CSOonline. “We do disclose that we scan for browser extensions in our privacy policy, in order to detect abuse and provide defense for site stability.” When asked whether it uses that data solely to do those things, LinkedIn did not reply. The key person behind the allegations calls himself Steven Morrell (not his legal name, which…
-
AI Is Accelerating Cyberattacks Faster Than Defenses
Okta’s Brett Winterford on Identity Threats and Agentic AI Risks. AI is accelerating cyberattacks, collapsing timelines and exposing new identity risks. Okta’s Brett Winterford explains how attackers are using AI to scale phishing, exploit credentials and infiltrate enterprises – and what CIOs must do to defend against this rapidly evolving threat landscape. First seen on…
-
The zero-day timeline just collapsed. Here’s what security leaders do next
Tags: access, ai, api, attack, authentication, breach, cio, ciso, control, cyber, cybersecurity, data, data-breach, defense, endpoint, exploit, google, Internet, Intruder, leak, least-privilege, open-source, penetration-testing, resilience, service, strategy, tactics, update, vulnerability, zero-day
Scaling vulnerability discovery to machine speed: Agentic AI is AI that can act, not just advise. Give it an objective, and it will plan steps, run them, learn from what happens and adjust until it succeeds or hits a hard stop. In cybersecurity, that looks like an automated operator. It can probe an application, test…
-
What Happens When Data Centers Become Military Targets?
It’s Time for CIOs to Rethink Business Continuity Plans and Cloud Resources. The targeting of commercial cloud data centers in the Middle East marks a turning point for CIOs and enterprise leaders. Geopolitics and military conflicts are definite threats to vital technology infrastructure. The question is: How well-prepared and resilient is your enterprise? First seen…
-
Pentagon Commits to Reform of Cyber Talent Management System
Panel Calls for Modernization of Recruiting Processes for About 225,000 Cyber Jobs. The Pentagon’s years-long cyber workforce overhaul needs a Department of Defense-wide talent management system to ensure interoperability and consistency across the entire DoD enterprise, said the CIOs of four military services at a panel last week. First seen on govinfosecurity.com Jump to article:…
-
6 key takeaways from RSA Conference 2026
Tags: ai, api, attack, ceo, cio, ciso, compliance, conference, control, cyber, cybersecurity, data, framework, google, governance, government, identity, infrastructure, injection, intelligence, jobs, LLM, office, RedTeam, regulation, risk, saas, service, technology, threat, tool, training
Securing the AI stack: Yes, but the threat surface has grown: The first technical priority I offered for CISOs in my conference preview was securing the AI stack, RAG workflows, LLM data pipelines, vector databases, and model APIs, on the basis that prompt injection, training data poisoning, and model inversion attacks were no longer theoretical. The…
-
Why Misaligned Incentives Are the CISO’s Biggest Problem
Jim DuBois, Former Microsoft CIO and CISO, on Incentives, AI and Cyber’s Future. As AI reshapes cybersecurity, aligning security and innovation teams is more critical than ever. Former Microsoft CIO and CISO Jim DuBois says misaligned incentives create conflict, and fixing that is what lets organizations move fast without compromising security. First seen on govinfosecurity.com…
-
Netenrich Launches Cyber Risk Operations to Replace Alert-Centric Security Models
Netenrich launched Cyber Risk Operations at RSAC 2026 Monday, a new operating model powered by its Resolution Intelligence Cloud platform that aims to move enterprise security from reactive alert management toward continuous validation of control effectiveness. The offering targets CIOs, CTOs, and CISOs who are jointly accountable for enterprise security posture. Netenrich’s central argument is…
-
Inside the Growing ‘Cyber Invasion’ Targeting the US
Former DoD CIO Leslie Beavers on Nation-State Attacks and Defense. Leslie Beavers, retired brigadier general and former acting CIO and principal deputy CIO of the Department of Defense, said the United States is already experiencing a cyber invasion, driven by coordinated activity from adversaries including Iran, China, Russia and North Korea. First seen on govinfosecurity.com…
-
How Dell Is Building the Secure Agentic Enterprise
Dell’s AI Blueprint for Identity, Agents and Agentic Infrastructure. Going all-in on AI with a top-down strategy and a ravenous appetite for innovation has helped Dell transform its operations and grow revenue by $30 billion, and the company’s evolution lays out a blueprint for how CIOs should think about building infrastructure for AI and…

