Tag: ciso
-
15 years in, zero trust remains elusive, with AI rising to complicate the challenge
Legacy systems that weren’t designed for zero trust principles, fragmented identity and access tools that make unified enforcement difficult, and cultural and organizational resistance to changing long-standing trust models. Kyle Wickert, field CTO at AlgoSec, says zero trust remains one of the most misunderstood transformations in cybersecurity. “Many organizations still hesitate to pursue it because they associate zero trust…
-
What security leaders should watch for when companies buy or sell a business
In this Help Net Security video, Lane Sullivan SVP, CISO and Strategy Officer at Concentric AI, explains what security leaders should think about during mergers, acquisitions, … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/12/05/ma-security-checklist-video/
-
The CISO paradox: Enabling innovation and managing risks
Tags: ai, api, authentication, ciso, cyberattack, edr, encryption, firewall, governance, infrastructure, least-privilege, risk, siem, soc, update, vulnerability, waf, zero-day
CISOs should work closely with other teams. One of the main tasks for CISOs is to stop being the “department of no.” They must find ways to enable the rapid delivery of products and services for the business without introducing new risks at the same time. That, in short, is the paradox. In an environment in which product teams constantly … new…
-
From feeds to flows: Using a unified linkage model to operationalize threat intelligence
Tags: access, api, attack, authentication, automation, business, ciso, cloud, compliance, container, control, corporate, credentials, cyber, cybersecurity, data, defense, exploit, finance, firewall, framework, github, government, iam, identity, infrastructure, intelligence, ISO-27001, malicious, metric, mitre, monitoring, network, nist, open-source, phishing, risk, risk-assessment, risk-management, saas, service, siem, soc, software, supply-chain, tactics, threat, tool, update, vulnerability, zero-trust
what to watch for, but not why it matters or how it moves through your environment. The result is a paradox of abundance: CISOs have more data than ever before, but less operational clarity. Analysts are overwhelmed by indicators disconnected from context or mission relevance. Each feed represents a snapshot of a potential threat, but it does…
-
Sleepless in Security: What’s Actually Keeping CISOs Up at Night
Security headlines distract, but the threats keeping CISOs awake are fundamental gaps and software supply chain risks. Learn why basics and visibility matter most. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/12/sleepless-in-security-whats-actually-keeping-cisos-up-at-night/
-
CISOs, CIOs and Boards: Bridging the Cybersecurity Confidence Gap
New data shows 90% of NEDs lack confidence in cybersecurity value. CISOs and CIOs must translate cyber risk into business impact. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/12/cisos-cios-and-boards-bridging-the-cybersecurity-confidence-gap/
-
Coach or mentor: What you need depends on where you are as a cyber leader
Tags: access, ai, business, ciso, cloud, compliance, control, cyber, cybersecurity, defense, government, jobs, network, programming, risk, risk-management, skills, technology
A good technical base can last decades: While mentees need the most help with aligning to the business, some argue that a technical baseline is equally as important to the role for managing technical staff and enabling business operations, particularly through innovative technologies like cloud and AI. One of those is Cynthia Madden, founder of Artemis…
-
Interview: Florence Mottay, global CISO, Zalando
Florence Mottay moved from mathematics to software engineering, and is now leading security at Zalando, a high-tech online fashion retailer First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366635298/Interview-Florence-Mottay-global-CISO-Zalando
-
Agentic AI revolution is changing cybersecurity in 2026
The predicted trends were compiled by KnowBe4's global team of CISO advisors, who have decades of experience in cybersecurity. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/revolution-der-agentic-ai-veraendert-cybersicherheit-in-2026/a43035/
-
Vaillant CISO: “Start instead of waiting”
Tags: business, ciso, compliance, cyber, cyberattack, cyersecurity, dora, germany, group, international, mail, malware, nis-2, phishing, ransomware, resilience, risk, supply-chain
Raphael Reiß, CISO at Vaillant Group: “A modern CISO must not only manage technological risks.” Vaillant Group
The energy sector is increasingly becoming a focus of cybercriminals. In the view of experts and the German Federal Office for Information Security (BSI), protection in this area must be increased massively. How do you assess the current situation in Germany? Reiß:…
-
Key questions CISOs must ask before adopting AI-enabled cyber solutions
Questions to ask vendors about their AI security offerings: There are several areas where CISOs will want to focus their attention when considering AI-powered cyber solutions, including the following: Shadow AI: Uncovering and addressing shadow AI throughout the organization is a key issue for security leaders today. But so too is ensuring that sanctioned AI-enabled solutions…
-
Creative cybersecurity strategies for resource-constrained institutions
In this Help Net Security interview, Dennis Pickett, CISO at RTI International, talks about how research institutions can approach cybersecurity with limited resources and … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/12/02/dennis-pickett-rti-international-research-institutions-cybersecurity/
-
The CISO’s paradox: Enabling innovation while managing risk
Tags: access, attack, authentication, breach, business, ciso, control, data, detection, firewall, governance, identity, infrastructure, jobs, mitigation, risk, service, threat, tool, vulnerability, waf, zero-day
Set risk tolerances and guardrails: Teams slow down when they are unsure how to proceed. Take away some of the decision-making and ensure an integration of authentication, authorization and accounting into the development process. For authentication, establish and leverage enterprise identity management solutions rather than allowing the development of accounts written to databases that can…
-
12 signs the CISO-CIO relationship is broken, and steps to fix it
The CIO-CISO relationship matters: The CIO and CISO need to have a strong relationship for either of them to succeed, says MK Palmore, founder and principal adviser for advisory firm Apogee Global RMS and a former director in the Office of the CISO at Google Cloud. “It’s critical that those in these two positions get along…
-
Empathetic policy engineering: The secret to better security behavior and awareness
Tags: awareness, business, ciso, cyberattack, cybersecurity, data, framework, group, phishing, regulation, risk, risk-assessment, strategy, threat, training
In many companies, IT security guidelines encounter resistance because employees perceive them as obstructive or impractical. This makes implementation difficult, undermines effectiveness, and strains collaboration between the security department and business units. As a result, instead of being seen as a partner, cybersecurity is often perceived as a hindrance, a fatal security risk. For CISOs, this…
-
Social data puts user passwords at risk in unexpected ways
Many CISOs already assume that social media creates new openings for password guessing, but new research helps show what that risk looks like in practice. The findings reveal … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/11/28/research-social-media-password-risk/
-
Why password management defines PCI DSS success
Most CISOs spend their days dealing with noisy dashboards and vendor pitches that all promise a shortcut to compliance. It can be overwhelming to sort out what matters. When … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/11/28/pci-dss-password-management/
-
CSO on its own behalf: More information with Smart Answers
With Smart Answers, all your questions are answered on our CSO website. How can CISOs boost their careers? What impact do ransomware attacks have on companies? How does communication proceed after a cyberattack? We answer these and many other questions on the CSO website with our new AI tool “Smart Answers”.
-
New York Hospital Cyber Rules to ‘Raise the Bar’ Nationwide
New York State’s stringent new cybersecurity requirements for many hospitals will have a ripple effect, raising the security bar and expectations for healthcare providers across many other states, predicts Chris Stucker, deputy CISO at Wisconsin-based Froedtert ThedaCare Health. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/interviews/new-york-hospital-cyber-rules-to-raise-bar-nationwide-i-5504

