Tag: ciso
-
Cybersecurity Snapshot: Predictions for 2026: AI Attack Acceleration, Automated Remediation, Custom-Made AI Security Tools, Machine Identity Threats, and More
Tags: access, ai, attack, automation, breach, ciso, cloud, computer, conference, control, cyber, cybersecurity, data, data-breach, defense, detection, exploit, governance, group, identity, intelligence, mitigation, risk, service, threat, tool, zero-dayIn this special edition, Tenable leaders forecast key 2026 trends, including: AI will make attacks more plentiful and less costly; machine identities will become the top cloud risk; preemptive cloud and exposure management will dethrone runtime detection; and automated remediation gets the go-ahead. Key takeaways AI will supercharge the speed and volume of traditional cyber…
-
Wie KI die Cybersicherheit neu gestaltet
Tags: ai, ciso, cloud, cyber, cyberattack, cybersecurity, cyersecurity, data, encryption, gartner, governance, group, guide, hacker, incident response, infrastructure, microsoft, phishing, resilience, risk, sans, soc, supply-chain, threat, tool, vulnerability-managementKünstliche Intelligenz und insbesondere Generative KI dringt immer tiefer in die Sicherheitsprozesse vor.Generative KI (GenAI) ist zu einem allgegenwärtigen Werkzeug in Unternehmen geworden. Laut einer Umfrage der Boston Consulting Group nutzen 50 Prozent der Unternehmen die Technologie, um Arbeitsabläufe neu zu gestalten. 77 Prozent der Befragten sind überzeugt, dass KI-Agenten in den nächsten drei bis…
-
Mentorship & Diversity: Shaping the Next Generation of Cyber Experts
Patricia Voight, CISO at Webster Bank, shares her expertise on advancing cybersecurity careers, combating financial crimes, and championing diversity in a rapidly changing industry. First seen on darkreading.com Jump to article: www.darkreading.com/cybersecurity-careers/mentorship-and-diversity-shaping-the-next-generation-of-cyber-experts
-
Mentorship & Diversity: Shaping the Next Generation of Cyber Experts
Patricia Voight, CISO at Webster Bank, shares her expertise on advancing cybersecurity careers, combating financial crimes, and championing diversity in a rapidly changing industry. First seen on darkreading.com Jump to article: www.darkreading.com/cybersecurity-careers/mentorship-and-diversity-shaping-the-next-generation-of-cyber-experts
-
Equifax Europe CISO: Notorious breach spurred cybersecurity transformation
Tags: access, ai, attack, authentication, awareness, breach, business, ceo, cio, ciso, cloud, computer, control, corporate, cyber, cyberattack, cybercrime, cybersecurity, data, defense, dora, espionage, finance, framework, google, government, identity, infrastructure, intelligence, network, nis-2, phishing, regulation, risk, risk-management, security-incident, service, strategy, technology, threat, updateCloud as a new technological axis: Equifax’s $3 billion migration to the cloud, “which had been brewing for about seven years” and which the company says is the largest technological investment in its history, has involved moving more than 300 systems, over 30 product families, and thousands of customers to the company’s cloud platform, Equifax Cloud, in Spain…
-
Daran scheitert Passwordless
Passwortlose Authentifizierung im Unternehmen einzuführen, ist nur auf dem Papier einfach.Etliche Enterprise-CISOs versuchen schon seit mehr als einer Dekade, Passwörter hinter sich zu lassen. Weil aber diverse Legacy-Systeme ausschließlich auf Kennwörter ausgelegt sind, stoßen sie dabei immer wieder auf technische Hürden. Das spiegelt auch der aktuelle “ID IQ Report 2026″ von RSA (Download gegen Daten)…
-
So geht Post-Incident Review
Post-Incident Reviews können dazu beitragen, die richtigen Lehren aus Sicherheitsvorfällen zu ziehen wenn sie richtig aufgesetzt sind.Angenommen, Ihr Unternehmen wird von Cyberkriminellen angegriffen, kommt dabei aber mit einem blauen Auge davon, weil die Attacke zwar spät, aber noch rechtzeitig entdeckt und abgewehrt werden konnte ohne größeren Business Impact. Jetzt einfach wie bisher weiterzumachen und die…
-
Security chaos engineering matters when nothing is broken
Tags: cisoIn this Help Net Security video, Brian Blakley, CISO at Bellini Capital, explains why security chaos engineering matters beyond theory. He shares lessons from real … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/12/29/security-chaos-engineering-video/
-
CISOs are managing risk in survival mode
CISOs carry expanding responsibility as cybersecurity budgets rise, AI adoption spreads, and board expectations grow. Risk management now depends on faster decisions, stronger … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/12/29/ciso-risk-management/
-
Tipps für CISOs, die die Branche wechseln wollen
Tipps für CISOs mit “Vertical-Switch-Ambitionen”.In der Außenperspektive sollte es für Menschen, die es zum Chief Information Security Officer gebracht haben, eigentlich kein Problem sein, die Branche zu wechseln. In der Realität stellen viele Sicherheitsentscheider allerdings regelmäßig fest, dass das Gegenteil der Fall ist: Wenn man einmal in einer bestimmten Branche tätig ist, gestaltet es sich…
-
Getting a Tighter Grip on Third-Party AI Risk in Healthcare
Third-party security threats remain one of the most critical risks facing the healthcare sector. But now the increasing use of artificial intelligence by vendors adds a new layer of third-party concerns, said independent consultant Rick Doten, former healthplan CISO at Centene Corp. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/interviews/getting-tighter-grip-on-third-party-ai-risk-in-healthcare-i-5512
-
The End of Excuses: 10 Cybersecurity Investments Every CISO Must Make by 2026
Coupang’s First seen on thecyberexpress.com Jump to article: thecyberexpress.com/2026-10-technologies-cisos-will-invest-in/
-
The Global Data Residency Crisis: How Enterprises Can Navigate Geolocation, Storage, and Privacy Compliance Without Sacrificing Performance
A Comprehensive Technical Guide for CTOs, CISOs, and Identity Architects First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/12/the-global-data-residency-crisis-how-enterprises-can-navigate-geolocation-storage-and-privacy-compliance-without-sacrificing-performance/
-
ServiceNow’s $7.75 billion cash deal for Armis illustrates shifting strategies
Tags: access, ai, attack, authentication, automation, business, ceo, cio, ciso, computing, control, cyber, governance, identity, incident response, intelligence, iot, risk, service, strategy, tool, update, vulnerabilityVisibility is the key: “For decades, the CIO’s white whale has been a precise, real-time Configuration Management Database [CMDB]. Most are outdated the moment they are populated,” said Whisper Security CEO Kaveh Ranjbar. The Armis acquisition “is an admission that in an era of IoT, OT, and edge computing, you cannot rely on manual entry…
-
6 Ways to move from security questionnaires to self-serve trust
Tags: cisoIn this session of the Strategic CISOs webinar series, Sravish Sridhar (CEO, TrustCloud) sat down with Myke Lyons (CISO, Cribl) and Jon Zayicek (Customer Security Assurance Leader, Cribl) to break down how Cribl built a customer trust program that helps buyers self-serve proof, reduces questionnaire drag, and gives security a clear line of sight to…The…
-
Why outsourced cyber defenses create systemic risks
Tags: access, ai, attack, backdoor, breach, business, ciso, cloud, compliance, corporate, cyber, cybercrime, cybersecurity, data, defense, detection, dora, exploit, finance, framework, GDPR, governance, government, hacker, healthcare, infrastructure, law, malicious, monitoring, moveIT, msp, nis-2, ransomware, regulation, resilience, risk, software, strategy, supply-chain, threat, tool, vulnerability, zero-trustRisk categories of outsourced IT & cybersecurity: When you outsource, responsibility shifts, but accountability never leaves you. The risks fall into clear categories. Operational risks The most basic risk is fragile continuity. In 2017, British Airways outsourced parts of its IT operations. A system outage grounded flights worldwide. The vendor contract delivered savings, but it…
-
Agentic AI already hinting at cybersecurity’s pending identity crisis
Agentic AI’s identity crisis: Authentication and agentic experts interviewed, three of whom estimate that less than 5% of enterprises experimenting with autonomous agents have deployed agentic identity systems, say the reasons for this lack of security hardening are varied.First, many of these efforts are effectively shadow IT, where a line of business (LOB) executive has…
-
Der Aufstieg des Chief Trust Officers: Wo passt der CISO hinein?
Tags: ai, ceo, cio, ciso, compliance, cyersecurity, finance, governance, grc, office, risk, risk-management, soc, software, vulnerabilityDer Chief Trust Officer steht für einen Wandel von der Verteidigung von Systemen hin zur Sicherung der Glaubwürdigkeit.Immer mehr Unternehmen heben Vertrauen als Unterscheidungsmerkmal für ihr Geschäft hervor. Durch Datenschutzverletzungen, Bedenken hinsichtlich der Produktsicherheit und Unsicherheiten in Bezug auf künstliche Intelligenz hat das Vertrauen der Kunden in den vergangenen Jahren stark gelitten.Wie aus dem Edelman…
-
Preparing Healthcare Workers for Secure, Responsible AI Use
Preparing a healthcare workforce to responsibly engage with AI tools without over relying on automation or undermining human oversight will require awareness training akin to phishing exercises, said Skip Sorrels, field CTO and CISO at security firm Claroty. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/interviews/preparing-healthcare-workers-for-secure-responsible-ai-use-i-5510
-
What CISOs should know about the SolarWinds lawsuit dismissal
Responsibility without authority is the real risk: At the heart of the SolarWinds lawsuit was a familiar problem for security leaders: responsibility without authority. The dynamic that caught Tim Brown in the SEC’s jaws is that, despite his experience, seniority, and title, he, like most CISOs, carries tremendous responsibility without any real organizational authority to…
-
What CISOs should know about the SolarWinds lawsuit dismissal
Responsibility without authority is the real risk: At the heart of the SolarWinds lawsuit was a familiar problem for security leaders: responsibility without authority. The dynamic that caught Tim Brown in the SEC’s jaws is that, despite his experience, seniority, and title, he, like most CISOs, carries tremendous responsibility without any real organizational authority to…
-
Building cyber talent through competition, residency, and real-world immersion
In this Help Net Security interview, Chrisma Jackson, Director of Cybersecurity Mission Computing Center and CISO at Sandia National Laboratories, reflects on where the … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/12/22/chrisma-jackson-sandia-national-laboratories-recruiting-cybersecurity-professionals/
-
Kirsten Davies Confirmed as Pentagon CIO
Former Unilever CISO to Lead Department of Defense IT. A former Unilever executive is officially the next U.S. Department of Defense CIO. The Pentagon CIO is the principal technology advisor to Pentagon leadership and manages the department’s information management and IT, and many other critical systems. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/kirsten-davies-confirmed-as-pentagon-cio-a-30353
-
CISO Spotlight: Lefteris Tzelepis on Leadership, Strategy, and the Modern Security Mandate
Lefteris Tzelepis, CISO at Steelmet /Viohalco Companies, was shaped by cybersecurity. From his early exposure to real-world attacks at the Greek Ministry of Defense to building and leading security programs inside complex enterprises, his career mirrors the evolution of the CISO role itself. Now a group CISO overseeing security across multiple organizations, Lefteris brings a…
-
AI Agents are Manthe-Middle Attacks
After 25 years defending against man-in-the-middle attacks, a security veteran explains why most AI agents replicate the same architectural risks”, creating compliance gaps, opaque decision-making, and zero-trust violations CISOs can’t ignore. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/12/ai-agents-are-man-in-the-middle-attacks/
-
AI isn’t one system, and your threat model shouldn’t be either
In this Help Net Security interview, Naor Penso, CISO at Cerebras Systems, explains how to threat model modern AI stacks without treating them as a single risk. He discusses … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/12/19/naor-penso-cerebras-systems-threat-modeling-al-optimized-infrastructure/
-
AI Agents are Manthe-Middle Attacks
After 25 years defending against man-in-the-middle attacks, a security veteran explains why most AI agents replicate the same architectural risks”, creating compliance gaps, opaque decision-making, and zero-trust violations CISOs can’t ignore. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/12/ai-agents-are-man-in-the-middle-attacks/