Tag: ciso
-
From StackStorm to DeepTempo
And what does it tell us about Cybersecurity? As the founding CEO of StackStorm and now DeepTempo, I’ve seen how the needs of CISOs and SOCs have changed over the last 10+ years. New challenges and a better color scheme! When we started StackStorm, the cybersecurity landscape was different. Our power users rarely asked for more alerts”Š”,…
-
Are Your Cloud NHIs Truly Protected?
Are You Doing Enough to Secure Your Cloud NHIs? Is your organization’s cloud security robust enough to protect your non-human identities (NHIs)? This is a question that has been increasingly haunting CISOs, cybersecurity professionals, and businesses thriving in the cloud. With cloud computing continues to revolutionize industries like finance, travel, healthcare, and DevOps, the need……
-
Docuseries Explores Mental, Physical Hardships of CISOs
During CISO: The Worst Job I Ever Wanted, several chief information security officers (CISOs) tell their stories and reveal how difficult it is to be in a role that’s still undefined despite being around for decades. First seen on darkreading.com Jump to article: www.darkreading.com/cybersecurity-careers/docuseries-explores-mental-physical-hardships-ciso
-
ISMG Editors: Infosecurity Europe Conference 2025 Wrap-Up
Also: AI’s Promise and Pitfalls and Why Community, Communication, and Basics Matter. Live from Infosecurity Europe 2025 in London, ISMG editors and guest CISO Ian Thornton-Trump wrap up a week of standout insights – from AI-driven security and operational resilience to supply chain risk and mental health in cyber. A celebration of community, innovation and…
-
CISOs must translate cyber threats into business risk
To manage risk effectively and secure board-level buy-in, CISOs must stop talking about technology and start speaking the language of business, according to a senior Check Point executive First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366625493/CISOs-must-translate-cyber-threats-into-business-risk
-
Cybersecurity Snapshot: Experts Issue Best Practices for Migrating to Post-Quantum Cryptography and for Improving Orgs’ Cyber Culture
Tags: access, attack, best-practice, business, cio, ciso, communications, computer, computing, conference, corporate, crypto, cryptography, cyber, cybersecurity, data, defense, email, encryption, finance, government, group, ibm, identity, incident, incident response, infrastructure, jobs, lessons-learned, metric, microsoft, mitre, monitoring, nist, risk, service, strategy, technology, threat, tool, training, update, vulnerability, vulnerability-management, warfareCheck out a new roadmap for adopting quantum-resistant cryptography. Plus, find out how your company can create a better cybersecurity environment. In addition, MITRE warns about protecting critical infrastructure from cyber war. And get the latest on exposure response strategies and on CISO compensation and job satisfaction. Dive into five things that are top of…
-
CISOs urged to push vendors for roadmaps on post-quantum cryptography readiness
No ‘forklift upgrade’ needed: There is a misconception that change is difficult but the task of modernizing systems to make them PQC-ready can be broken down into chunks, advised Anne Leslie, cloud risk and controls leader for EMEA at IBM.”Businesses can only go as fast as partners and suppliers,” Leslie cautioned.Madelein van der Hout, senior…
-
#Infosec2025: Cybersecurity Lessons From Maersk’s Former CISO
2017 ransomware attack on shipping company A P Moller Maersk marked a turning point for the cybersecurity industry, according to its former CISO Adam Banks First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/infosec2025-lessons-maersk-ciso/
-
Announcing our Series A – Impart Security
Tags: ai, api, application-security, attack, ceo, ciso, cloud, cve, defense, detection, framework, healthcare, infrastructure, monitoring, risk, saas, technology, threat, tool, vulnerability, wafToday, we’re announcing our $12 million Series A led by Madrona. This funding represents more than capital”, it validates our solution to what I call the ‘last mile problem’ in application security. Here’s a scenario every security professional will recognize: Your team demos an impressive application security tool that catches sophisticated attacks in real-time. The…
-
Elevating the CISO to Business Enabler With CRQ – Kovrr
Articles related to cyber risk quantification, cyber risk management, and cyber resilience. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/06/elevating-the-ciso-to-business-enabler-with-crq-kovrr/
-
#Infosec2025: Know Your Audience to Make an Impact, CISOs Tell Their Peers
A panel of CISOs at Infosecurity Europe urged their peers to use risk management and clear communication to tame a chaotic cyber landscape First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/infosec2025-know-your-audience/
-
How GitLab is tapping AI in DevSecOps
GitLab CISO Josh Lemos explains how the company is weaving AI, through its Duo tool, into the entire software development lifecycle to enhance efficiency and automate incident response First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366625222/How-GitLab-is-tapping-AI-in-DevSecOps
-
Redefining Cyber Value: Why Business Impact Should Lead the Security Conversation
Security teams face growing demands with more tools, more data, and higher expectations than ever. Boards approve large security budgets, yet still ask the same question: what is the business getting in return? CISOs respond with reports on controls and vulnerability counts but executives want to understand risk in terms of financial exposure, operational impact,…
-
#Infosec2025: UK Retail Hack Was Subtle, Not Complex, Says River Island CISO
The attacks on UK retailers are “a wake-up call” for the industry, said River Island’s Information Security Officer First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/uk-retail-hack-river-island-ciso/
-
Get out of the audit committee: Why CISOs need dedicated board time
Tags: ai, business, ciso, cyber, cybersecurity, data, framework, mitigation, resilience, risk, risk-management, strategy, technology, threat, updateThe full partnership model between CISO and board: Full and frank security discussions are more than just a ‘nice to have’. The SEC has indicated it expects public companies with senior leadership to be transparent in how they assess and communicate cybersecurity risks.By extension, CISOs have an important role in communicating risks to senior leadership…
-
Cyber Resilience in Zeiten geopolitischer Unsicherheit
Tags: cio, ciso, cloud, compliance, cyber, cyberattack, firewall, governance, infrastructure, monitoring, resilience, risk, risk-analysis, siem, update, vulnerability-managementCyberbedrohungen existieren längst nicht mehr im luftleeren Raum sie entstehen im Spannungsfeld von Geopolitik, regulatorischer Zersplitterung und einer stetig wachsenden digitalen Angriffsfläche.Cybersecurity ist heute ein rechtliches, operatives und geopolitisches Thema. Für CIOs und CISOs ist die Botschaft eindeutig: Resilienz bedeutet nicht mehr nur, zu reagieren, sondern vorbereitet zu sein. Vorbereitung heißt, Systeme und Teams aufzubauen,…
-
What the Arc Browser Story Reveals About the Future of Browser Security
By Dakshitaa Babu, Security Researcher, SquareX In a candid letter that Joshua Miller, CEO of Arc Browser, wrote to the community, he revealed a truth the tech industry has been dancing around: “the dominant operating system on desktop wasn’t Windows or macOS anymore”Š”, “Šit was the browser.” The evidence is everywhere”Š”, “Šcloud revenue surging year…
-
Why Identity Security Still Lags in Healthcare Sector
Identity security is still one of the most underinvested areas of cybersecurity across the healthcare sector, regardless of the depth of cyber resources available to many different types and sizes of entities, said Hugo Lai, CISO at Temple University Health System. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/interviews/identity-security-still-lags-in-healthcare-sector-i-5480
-
The Forgotten Details of Ransomware Response Plans
While healthcare organizations often know in general what they need to do in case they’re faced with a ransomware attack, the devil is in the details of how comprehensive and well-rehearsed that incident preparedness plan is for optimal response, said Rick Doten, vice president and healthplan CISO at Centene Corp. First seen on govinfosecurity.com Jump…
-
#Infosec2025: Simplicity Should Guide Cybersecurity Purchasing Decisions
Experts argue that CISOs should avoid product duplication and simplify their language to ensure budget is spent wisely First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/infosec2025-cybersecurity/
-
#Infosec2025: UK Retail Hack Was ‘Subtle, Not Complex,’ Says River Island CISO
The attacks on UK retailers are “a wake-up call” for the industry, said River Island’s Information Security Officer First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/uk-retail-hack-river-island-ciso/
-
Cybersecurity’s ‘rare earth’ skills: Scarce, high-value, and critical for future defense
Tags: ai, attack, business, ciso, computing, crypto, cryptography, cyber, cybersecurity, data, defense, detection, intelligence, jobs, programming, risk, skills, strategy, supply-chain, technology, threat, trainingAdvanced threat hunting expertise Like the rarest elements, professionals who can proactively identify novel threats and adversary techniques before they cause damage are scarce and extremely valuable. Why are these skills rare? Many factors have led to this scenario:Complex skill requirements: Effective threat hunters need a unique combination of skills, including deep cyber knowledge, programming…
-
6 ways CISOs can leverage data and AI to better secure the enterprise
Tags: advisory, ai, antivirus, attack, automation, breach, business, ciso, cloud, compliance, computer, corporate, cyber, cyberattack, cybersecurity, data, detection, firewall, framework, governance, guide, infrastructure, LLM, login, ml, network, programming, risk, risk-analysis, service, siem, soc, software, technology, threat, tool, trainingEmphasize the ‘learning’ part of ML: To be truly effective, models need to be retrained with new data to keep up with changing threat vectors and shifting cyber criminal behavior.”Machine learning models get smarter with your help,” Riboldi says. “Make sure to have feedback loops. Letting analysts label events and adjust settings constantly improves their…
-
Rethinking governance in a decentralized identity world
Decentralized identity (DID) is gaining traction, and for CISOs, it’s becoming a part of long-term planning around data protection, privacy, and control. As more … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/06/04/governance-decentralized-identity/
-
CISOs need better tools to turn risk into action
Many organizations are overwhelmed by the complexity of their IT systems, making it difficult to manage cybersecurity risks, according to a new Ivanti report. The … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/06/04/ciso-exposure-management/
-
What Tackling the SaaS Security Problem Means to Me
By Kevin Hanes, CEO of Reveal Security When I reflect on the years I spent leading one of the world’s largest Security Operations Centers (SOCs) and incident response teams, the lessons learned aren’t just war stories”¦they’re a playbook for how we should rethink our responsibilities in the face of today’s fast-evolving attack surfaces. Back then,…
-
Is Your CISO Navigating Your Flight Path?
If your CISO isn’t wielding influence with the CEO and helping top leaders clearly see the flight path ahead, your company is dangerously exposed. First seen on darkreading.com Jump to article: www.darkreading.com/cybersecurity-operations/ciso-navigating-your-flight-path