Tag: ciso
-
Treating AI agents like service accounts for federated query security
In this interview with Help Net Security, Paras Malhotra, CISO at Starburst, explains how the company handles data governance across federated query environments. Topics … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/06/09/paras-malhotra-starburst-federated-query-security/
-
AI Exploit Risks Pushing Healthcare Security Shift
MultiCare Health CISO Jason Elrod on Need for Faster Cyber Resilience. Emerging AI tools can identify and exploit software vulnerabilities within minutes, forcing healthcare organizations to rethink cyber strategies. Jason Elrod, CISO of MultiCare Health System, explains why exploitability management, microsegmentation and AI-driven resilience matter more than ever. First seen on govinfosecurity.com Jump to article:…
-
95 percent of CISOs are under pressure to defer compliance-relevant cybersecurity issues
Checkmarx has presented the results of this year's <>. According to the findings, 96 percent of developers now use AI tools in their IDE and rate their usefulness as predominantly positive. However, only 18 percent say they already perform continuous security checks during development. At the same time, 95 percent of CISOs say they are under pressure to […] First seen on…
-
Lost in translation: Cybersecurity board reporting for CISOs
Cybersecurity board reports don’t always land. At the Security and Risk Management Summit 2026, Gartner analysts suggested a novel way to communicate cyber-risk to corporate directors. First seen on techtarget.com Jump to article: www.techtarget.com/searchsecurity/news/366643884/Lost-in-translation-Cybersecurity-board-reporting-for-CISOs
-
The CISO Inbox Is Not a Sales Funnel
Inversion6 CISO Ian Thornton-Trump on What Cybersecurity Startups Get Wrong. CISOs are bombarded with more than 400 cold outreach attempts a month – ignoring nearly all of them. If vendors want to break through, they need to stop selling and start solving, said Ian Thornton-Trump, CISO at Inversion6. First seen on govinfosecurity.com Jump to article:…
-
‘Don’t panic’: AI reality checks dominate major cybersecurity conference
CISOs and their colleagues should focus on network security basics, not AI vendors’ overhyped promises, analysts said at an annual Gartner cybersecurity event. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/ai-cybersecurity-hype-reality-check-gartner/821867/
-
Zoom CISO: AI as a Security Enabler, Not Role-Replacer
As Zoom’s CISO, Sandra McLeod discusses the challenges of securing a global communication platform, the promise of AI-driven security workflows, and advice for aspiring cybersecurity leaders. First seen on darkreading.com Jump to article: www.darkreading.com/cybersecurity-operations/zoom-ciso-ai-security-enabler-role-replacer
-
What CISOs need to do about post-quantum migration in the next 24 months
In this Help Net Security video, Garfield Jones, SVP Global Strategy and Research, QuSecure, lays out what CISOs should do over the next 24 months. A recent Google paper moved … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/06/03/post-quantum-migration-timeline-video/
-
For CISOs, dawn of OpenAI Daybreak brings good and bad news
OpenAI Daybreak shows how AI reshapes vulnerability discovery. But AI-driven security tools raise accountability questions and fuel the AI arms race between defenders and attackers. First seen on techtarget.com Jump to article: www.techtarget.com/searchsecurity/news/366643546/For-CISOs-dawn-of-OpenAI-Daybreak-brings-good-and-bad-news
-
Turning tension into collaboration: How CIOs and CISOs can lead together
If properly managed and channeled, age-old friction between IT and cybersecurity can create a more resilient organization. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/turning-tension-into-collaboration-how-cios-cisos-can-lead-together/821610/
-
Infosecurity Europe: Tabletop Exercise to Test How CISOs Respond to Major Supermarket Cyber-Attack
Semperis is set to bring ‘Enter the War Room: A Tabletop Experience’ to Infosecurity Europe to help cybersecurity leaders prepare to face real incidents. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/infosecurity-europe-semperis/
-
Megadolon campaign shakes the software supply chain
Thousands of GitHub repositories were infected with malware that steals credentials. The latest threat campaign from Megadolon is shaking the already heavily strained software supply chain. A comment by Shane Barney, CISO of Keeper Security: “The Megalodon campaign shows where the risk in the software supply chain actually lies. Within just six hours, attackers pushed malicious commits into more than 5,500 GitHub repositories…
-
Week in review: Infostealer dropped via FortiClient EMS flaw, exploited Trend Micro Apex One flaw
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Coinflow CISO on crypto payments security under AI pressure Crypto payment … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/05/31/week-in-review-infostealer-dropped-via-forticlient-ems-flaw-exploited-trend-micro-apex-one-flaw/
-
SANS Institute publishes survey: CTI predominantly underestimated by CISOs
First seen on datensicherheit.de Jump to article: www.datensicherheit.de/sans-institute-umfrage-cti-cisos-gerigschaetzung
-
Ransomware: Many CISOs would pay ransom
Ransomware cyberattacks remain one of the biggest threats to companies worldwide. What makes them particularly problematic is not only the stolen data but, above all, the consequences for ongoing operations. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/ransomware-cisos-loesegeld-zahlen
-
7 Questions CISOs Must Answer on AI Threats, Supply Chain Risk and Cyber Resilience
First seen on scworld.com Jump to article: www.scworld.com/native/7-questions-cisos-must-answer-on-ai-threats-supply-chain-risk-and-cyber-resilience
-
Mythos-Level AI Is Creating a Tech Debt Crisis
Advanced AI Models Find More Holes Than Enterprise Security Teams Can Plug. Artificial intelligence models such as Anthropic’s Mythos are rapidly exposing decades of hidden software security debt, forcing CIOs and CISOs to rethink vulnerability management, remediation capacity and the trade-offs between availability and breach prevention. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/mythos-level-ai-creating-tech-debt-crisis-a-31750
-
New Jamf CEO Sees AI Advances as Apple Security Driver
CEO Beth Tschida: AI Developers’ Apple Preference Could Strengthen Jamf’s Position. Chief Technology Officer Beth Tschida takes over as CEO of Minneapolis-based Jamf with a mandate to define how the Apple management and security vendor uses AI internally while helping CISOs govern shadow AI, identity and policy controls across enterprise Apple fleets. First seen on…
-
How CISOs Should Prep for Agentic-Ready AI BOMs
Finding ways to document both component and execution attributes for AI bill of materials (AI BOM). First seen on darkreading.com Jump to article: www.darkreading.com/cyber-risk/how-cisos-should-prep-for-agentic-ready-ai-boms
-
GitHub, Grafana Labs breaches traced back to TanStack supply chain compromise
GitHub CISO Alexis Wales has named the malicious VS Code extension behind the breach they suffered at the hands of the threat group TeamPCP: Nx Console, a popular developer … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/05/21/github-grafana-breach-root-cause-nx-console/
-
Instructure cyberattack reignites ransom payment debate
Instructure struck a deal to recover its stolen data — likely paying a hefty ransom. For CISOs, deciding whether to negotiate with cybercriminals should come down to business risk. First seen on techtarget.com Jump to article: www.techtarget.com/searchsecurity/news/366642963/Instructure-cyberattack-reignites-ransom-payment-debate
-
What It’ll Take to Make AI BOMs Usable in a Modern Security Program
Five ways CISOs can prepare for consuming AI Bill of Materials and influence the direction of how they’re generated. First seen on darkreading.com Jump to article: www.darkreading.com/cyber-risk/make-ai-bom-usable-modern-security-program
-
Typosquatting Is No Longer a User Problem. It’s a Supply Chain Problem
AI-generated lookalike domains are now embedded inside the third-party scripts running on your web properties. Here’s why your current stack can’t see them, and what detection actually requires. TL;DR: Typosquatting is no longer a user problem. Attackers now embed lookalike domains inside legitimate third-party scripts.…
-
7 tips for accelerating cyber incident recovery
Tags: attack, awareness, backup, breach, business, ceo, cio, ciso, cloud, communications, control, cyber, cybersecurity, data, defense, finance, framework, governance, incident, incident response, infection, insurance, international, lessons-learned, malicious, malware, monitoring, nist, risk, service, technology, threat, update
Emphasize scoping and containment from the outset: Because you can’t recover from what you can’t stop, scoping and containment should be the absolute first priority during incident recovery, says Amit Basu, CIO and CISO at freight shipping firm International Seaway. “Before anything else, you must stop the bleeding,” he says. This means understanding the true scope…
-
More money is going to physical security, but it’s often CISOs that oversee it: EY
Organizations should centralize physical security and cybersecurity so both are adequately prepared for, the consulting firm says in a survey report. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/more-money-physical-security-cisos-oversee/820240/
-
What CISOs need to land a board role
Tags: business, ciso, control, corporate, cyber, cybersecurity, finance, governance, government, intelligence, jobs, resilience, risk, skills, strategy, training
Tips for CISOs aiming for a board role: For CISOs interested in contributing to global vendor boards, Morelli advises focusing on becoming a partner, not just a customer. This requires the ability to articulate how a product’s evolution impacts the risk profile of an entire sector. For non-industry or public boards, CISOs must be comfortable contributing…

