Tag: ciso
-
Critical infrastructure CISOs Can’t Ignore ‘Back-Office Clutter’ Data
OT and ICS systems indeed hold the crown jewels of critical infrastructure organizations, but unmonitored data sprawl is proving to be pure gold for increasingly brazen nation-state threat actors like Volt Typhoon, Pearce argues. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/critical-infrastructure-back-office-data
-
Building a healthcare cybersecurity strategy that works
In this Help Net Security interview, Wayman Cummings, CISO at Ochsner Health, talks about building a healthcare cybersecurity strategy, even when resources are tight. He … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/10/13/wayman-cummings-ochsner-health-building-healthcare-cybersecurity-strategy/
-
Building a healthcare cybersecurity strategy that works
In this Help Net Security interview, Wayman Cummings, CISO at Ochsner Health, talks about building a healthcare cybersecurity strategy, even when resources are tight. He … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/10/13/wayman-cummings-ochsner-health-building-healthcare-cybersecurity-strategy/
-
Cybersecurity Snapshot: AI Security Skills Drive Up Cyber Salaries, as Cyber Teams Grow Arsenal of AI Tools, Reports Find
Tags: access, advisory, ai, attack, authentication, breach, business, ciso, cloud, computing, credentials, cve, cyber, cybersecurity, data, defense, endpoint, exploit, extortion, finance, framework, fraud, google, governance, guide, hacker, hacking, identity, incident response, Internet, iot, jobs, login, microsoft, monitoring, network, nist, oracle, organized, password, privacy, ransomware, risk, risk-assessment, risk-management, scam, skills, technology, threat, tool, training, update, vulnerability, vulnerability-management, zero-dayWant recruiters to show you the money? A new report says AI skills are your golden ticket. Plus, cyber teams are all in on AI, including agentic AI tools. Oh, and please patch a nasty Oracle zero-day bug ASAP. And get the latest on vulnerability management, IoT security and cyber fraud. Key takeaways Eager to…
-
The CIA triad is dead, stop using a Cold War relic to fight 21st century threats
Tags: ai, backup, breach, business, ceo, ciso, compliance, csf, cyber, cybersecurity, data, data-breach, deep-fake, firewall, framework, fraud, GDPR, governance, infrastructure, ISO-27001, nist, privacy, ransomware, regulation, resilience, sbom, software, supply-chain, technology, threat, zero-trustRansomware is not just an availability problem. Treating ransomware as a simple “availability” failure misses the point. Being “up” or “down” is irrelevant when your systems are locked and business halted. What matters is resilience: the engineered ability to absorb damage, fail gracefully, and restore from immutable backups. Availability is binary; resilience is survival. Without…
-
Disaster Recovery und Business Continuity effektiv planen
Tags: ai, api, backup, business, ciso, cloud, compliance, cyber, cyberattack, cyersecurity, gartner, Internet, mail, ransomware, resilience, risk, risk-management, saas, service, software, strategy, technology, tool, vulnerabilitySechs Schritte sollten CISOs für einen erfolgreichen Disaster-Recovery- und Business-Continuity-Plan beachten.Die Grundprinzipien der Disaster Recovery (DR) und der Business Continuity sind seit Jahrzehnten weitgehend unverändert:Risiken identifizieren,die Auswirkungen auf das Geschäft analysieren,Wiederanlaufzeiten (Recovery Time Objectives, RTOs) festlegen,einen Sicherungs- und Wiederherstellungsplan erstellen undregelmäßige Tests durchführen.In der Vergangenheit lagen die Daten auf Servern vor Ort, Cyberbedrohungen waren weniger…
-
Fastly CISO: Using Major Incidents as Career Catalysts
Tags: cisoMarshall Erwin shares how crisis leadership shaped his path from CIA analyst to the US Congress to protecting global Web traffic at Fastly. First seen on darkreading.com Jump to article: www.darkreading.com/cybersecurity-operations/fastly-ciso-major-incidents-career-catalysts
-
Your cyber risk problem isn’t tech, it’s architecture
Tags: ai, attack, awareness, best-practice, business, ciso, cloud, compliance, container, control, csf, cyber, cybersecurity, data, data-breach, defense, finance, framework, GDPR, governance, grc, group, intelligence, Internet, ISO-27001, mitre, nist, PCI, phishing, privacy, ransomware, regulation, risk, risk-assessment, risk-management, software, strategy, threat, training, update, vulnerabilityIf the company already has a mature risk culture: The implementation of a cybersecurity management project becomes more flexible. Since my goal is to share the mechanics to achieve success in a cybersecurity program, I emphasize below some components of this ‘recipe’ to consider: Understand the dynamics and scope of the business, mapping stakeholders, processes…
-
Your cyber risk problem isn’t tech, it’s architecture
Tags: ai, attack, awareness, best-practice, business, ciso, cloud, compliance, container, control, csf, cyber, cybersecurity, data, data-breach, defense, finance, framework, GDPR, governance, grc, group, intelligence, Internet, ISO-27001, mitre, nist, PCI, phishing, privacy, ransomware, regulation, risk, risk-assessment, risk-management, software, strategy, threat, training, update, vulnerabilityIf the company already has a mature risk culture: The implementation of a cybersecurity management project becomes more flexible. Since my goal is to share the mechanics to achieve success in a cybersecurity program, I emphasize below some components of this ‘recipe’ to consider: Understand the dynamics and scope of the business, mapping stakeholders, processes…
-
Behind the screens: Building security customers appreciate
In this Help Net Security interview, Jess Vachon, CISO at PRA Group, discusses the company’s multi-layered defense against fraud and its commitment to protecting customer … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/10/09/jess-vachon-pra-group-defense-against-fraud/
-
Turning the human factor into your strongest cybersecurity defense
In this Help Net Security video, Jacob Martens, Field CISO at Upwind Security, explores one of cybersecurity’s most enduring challenges: the human factor behind breaches. … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/10/09/human-factor-in-cybersecurity-video/
-
Behind the screens: Building security customers appreciate
In this Help Net Security interview, Jess Vachon, CISO at PRA Group, discusses the company’s multi-layered defense against fraud and its commitment to protecting customer … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/10/09/jess-vachon-pra-group-defense-against-fraud/
-
Is the CISO chair becoming a revolving door?
Tags: ai, automation, breach, business, ciso, cloud, control, cybersecurity, framework, governance, jobs, risk, skills, threatIs the stress worth the sacrifice?: For others in the CISO role, including Fullpath CISO Shahar Geiger Maor, the issue is less about boredom and more about the constant strain. “At any time there may be a breach. You live under the assumption that something is going to go wrong, and it’s very stressful,” he…
-
TDL 006 – Beyond the Firewall: How Attackers Weaponize Your DNS
Tags: access, attack, breach, business, cisa, ciso, computer, conference, control, cyber, data, data-breach, dns, exploit, firewall, google, government, group, guide, infrastructure, intelligence, Internet, iraq, jobs, leak, malicious, malware, network, phishing, ransomware, service, software, switch, threat, tool, windowsSummary Beyond the Firewall: How Attackers Weaponize Your DNS For many IT professionals, DNS is the internet’s invisible plumbing, historically managed by a “guy with a Unix beard in the basement,” as Infoblox educator Josh Kuo recalled on the Defenders Log podcast. But this foundational, often overlooked, protocol has become a primary vector for sophisticated…
-
What to Look for in a Fractional CISO
A Proven Fractional CISO Can Help Close Leadership Gaps and Strengthen Resilience Hiring a fractional CISO gives your business the executive security leadership it needs – without the full-time cost. But not all providers are equal. Knowing how to evaluate talent, provider stability and delivery is key to ensuring lasting value, trust and resilience. First…
-
How Exposure Management Helped Three Companies Transform Their Cybersecurity Program
Tags: application-security, attack, ciso, cloud, compliance, control, cyber, cybersecurity, data, identity, infrastructure, iot, law, risk, software, threat, tool, vulnerability, vulnerability-managementPart two of our Exposure Management Academy series on exposure management maturity explores how organizations like Drogaria Araujo, Tenable and Verizon have applied exposure management to strengthen their security postures. Key takeaways: Case studies of Drogaria Araujo, Tenable and Verizon illustrate how exposure management provides tangible benefits to organizations of different sizes and security maturity…
-
CISOs rethink the security organization for the AI era
Jill Knesek, CISO, BlackLine BlackLineEchoing Oleksak, Knesek says she feels strongly about utilizing traditional security and having the right controls in place. Getting foundational security right will get you a long way, she says.’Then, as you learn about more sophisticated attacks “¦ we’ll have to pivot our tooling and capabilities to those risks.” For now,…
-
CISOs rethink the security organization for the AI era
Jill Knesek, CISO, BlackLine BlackLineEchoing Oleksak, Knesek says she feels strongly about utilizing traditional security and having the right controls in place. Getting foundational security right will get you a long way, she says.’Then, as you learn about more sophisticated attacks “¦ we’ll have to pivot our tooling and capabilities to those risks.” For now,…
-
Descope Gets $35M for AI Agent Identity Controls, Governance
Identity Security Vendor to Expand AI Governance Tools Including MCP Server Defense. Descope raised $35 million to expand its agentic identity hub and MCP authorization capabilities. As enterprises adopt AI, CISOs demand granular governance, auditing and secure identity frameworks for nonhuman agents. Descope aims to lead this emerging space. First seen on govinfosecurity.com Jump to…
-
Descope Gets $35M for AI Agent Identity Controls, Governance
Identity Security Vendor to Expand AI Governance Tools Including MCP Server Defense. Descope raised $35 million to expand its agentic identity hub and MCP authorization capabilities. As enterprises adopt AI, CISOs demand granular governance, auditing and secure identity frameworks for nonhuman agents. Descope aims to lead this emerging space. First seen on govinfosecurity.com Jump to…
-
Cybersecurity at Risk: CISA 2015 Lapses Amid Government Shutdown
The expiration of CISA 2015 weakens cyber defenses, limiting info-sharing protections and raising risks for CISOs and security leaders. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/news/cisa-2015-lapses-government-shutdown/
-
Neue Phishing-Variante greift Gmail-Nutzer an
Tags: access, adobe, awareness, cio, ciso, cyberattack, hacker, intelligence, mail, malware, phishing, ransomware, risk, spear-phishing, threat, tool, zero-trustHacker haben gefälschte PDF-Dateien an Gmail-Nutzer verschickt, die täuschend echt wirken. Forscher des Sicherheitsunternehmens Varonis haben eine raffinierte Phishing-Methode entdeckt, die auf Gmail-Nutzer zielt. Dabei kommt eine Malware zum Einsatz, die sich nicht nur als PDF-Anhang tarnt, sondern die Opfer automatisch dazu auffordert, diesen zu öffnen.’Der Dateityp .PDF ist im privaten und geschäftlichen Bereich allgegenwärtig…
-
US gov shutdown leaves IT projects hanging, security defenders a skeleton crew
Tags: cisoThe longer the shutdown, the less likely critical IT overhauls happen, ex federal CISO tells The Register First seen on theregister.com Jump to article: www.theregister.com/2025/10/01/us_government_shutdown_it_seccurity/