Tag: ciso
-
Rethinking AppSec: How DevOps, containers, and serverless are changing the rules
Application security is changing fast. In this Help Net Security interview, Loris Gutic, Global CISO at Bright, talks about what it takes to keep up. Gutic explains how … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/05/07/loris-gutic-bright-rethinking-appsec/
-
Bridging Cyber and Physical Threats
CISO Sean Atkinson on Proactive, Integrated Approach to Hybrid Threat Defense. Center for Internet Security CISO Sean Atkinson calls for integrated threat intelligence, stronger community collaboration, and enhanced playbooks to confront rising hybrid threats that exploit gaps across cybersecurity and physical domains. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/bridging-cyber-physical-threats-a-28314
-
Nation-State Actors Continue to Exploit Weak Passwords, MFA
Trellix’s John Fokker Advises CISOs to Prioritize Patching, MFA, Network Visibility. Threat actors aren’t rushing to adopt AI tools to exploit vulnerabilities. They still prefer a victim with weak passwords, bad MFA, bad patching. It is the easiest way to make money for criminals so they don’t have to invest in AI, said John Fokker,…
-
Use of Agentic AI in Cybersecurity Needs More Transparency
Elastic CISO Mandy Andress on Deploying More AI Agents for Cybersecurity Tasks. Agentic AI has introduced significant changes in cybersecurity operations in terms of efficiency and speed. Mandy Andress, CISO at Elastic, discussed why more needs to be done to trust AI agents to perform cybersecurity tasks and how to enhance transparency in AI decision-making.…
-
CISOs Transform Into Business-Critical Digital Risk Leaders
Google’s Phil Venables on How AI Creates Structural Advantage in Security. Amid rising cyberthreats, security leaders are using AI tools to drive business enablement and risk management across their organizations, creating unprecedented opportunities for team transformation and career advancement, said Phil Venables, strategic security advisor at Google. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/cisos-transform-into-business-critical-digital-risk-leaders-a-28296
-
What it really takes to build a resilient cyber program
In this Help Net Security interview, Dylan Owen, CISO at Nightwing, talks about what it really takes to build an effective defense: choosing the right frameworks, setting up … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/05/06/dylan-owen-nightwing-cyber-defense-strategy/
-
10 Kennzahlen, die CISOs weiterbringen
Geht es um Security-Kennzahlen, sollten CISOs sich auf das Wesentliche fokussieren. Die Security-Performance zu messen, gehört vielleicht nicht zu den aufregendsten Aufgaben eines CISOs kann allerdings sehr nützlich sein, um eine ganze Reihe von Herausforderungen zu bewältigen. Neben der Erkenntnis darüber, wie effektiv ihre Security-Bemühungen sind, können Sicherheitsentscheider mit den richtigen Kennzahlen unter anderem auch…
-
Perfection is a Myth. Leverage Isn’t: How Small Teams Can Secure Their Google Workspace
Let’s be honest: if you’re one of the first (or the first) security hires at a small or midsize business, chances are you’re also the unofficial CISO, SOC, IT Help Desk, and whatever additional roles need filling. You’re not running a security department. You are THE security department. You’re getting pinged about RFPs in one…
-
Security Professionals: Stay Aware of Current Events
Ballistic Ventures’ Kevin Mandia on How CISOs Can Lead Through Economic Turbulence. In uncertain times, CISOs must balance people and technology, says Kevin Mandia, general partner, Ballistic Ventures. Security budgets face less risk, but efficiency is crucial. AI adoption will accelerate, vendor consolidation will strengthen defenses and SMBs may benefit from outsourcing security. First seen…
-
CISO vs CFO: why are the conversations difficult?
Tags: ai, attack, breach, business, ciso, compliance, cyber, cyberattack, cybersecurity, finance, insurance, jobs, metric, ransomware, RedTeam, risk, risk-management, saas, strategy, technology, threat, toolmight happen, which often means the best outcome is nothing happens. That’s a tough sell.”Although a single cyberattack can wipe out millions of dollars, CFOs and CISOs often approach cybersecurity from fundamentally different perspectives. Bridging this divide requires more than just better communication, it demands, as Argyle put it, a shift in mindset. The disconnect…
-
How CISOs can talk cybersecurity so it makes sense to executives
CISOs know cyber risk is business risk. Boards don’t always see it that way.”‹ For years, CISOs have struggled to get boards to understand security beyond buzzwords. Many … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/05/05/ciso-talk-cybersecurity-executives/
-
Inside the Relentless Liability Pressures Facing CISOs
SolarWinds CISO Tim Brown’s Case Shows Personal, Legal and Health Risks for CISOs. CISOs face tremendous stress in dealing with regulatory scrutiny and legal exposure in the wake of a data breach. SolarWinds CISO Tim Brown shares the personal and professional impact of Securities and Exchange Commission charges against him after the 2020 SolarWinds supply…
-
Why NHIs Leave Security Experts Satisfied
Tags: cisoWhy is Satisfaction with NHIs Paramount in Security Expertise? When it comes to managing security, Non-Human Identities (NHIs) have become a critical focus for many CISOs and security professionals. This growing importance prompts the question: Why does satisfaction with NHIs play a significant role in demonstrating security expertise? Why NHIs are Essential for Security Management……
-
AI Narrows the Cyber Gap Between Attackers and Defenders
NightDragon CEO Dave DeWalt Sees Cautious Optimism With Agentic AI. Advances in scalable AI and agentic technologies are creating a long-awaited shift in the defender-offender dynamic. With autonomy and agentic capabilities entering production, CISOs may soon deploy 100,000 autonomous agents instead of hiring more staff, said Dave DeWalt, CEO of NightDragon. First seen on govinfosecurity.com…
-
Prepare to Start Implementing Quantum-Safe Algorithms
ISC2 CISO Jon France on Why Quantum Resilience Falls Squarely Under the CISO. Quantum computing is at a tipping point, moving from theoretical math to deployable physics, said Jon France, CISO at ISC2. So, security teams need to start addressing the implementation of quantum-safe algorithms now, beginning with the five new safe algorithms released by…
-
AI Bots Take Over Cybersecurity at HDFC Bank
HDFC Bank’s Sameer Ratolikar on the Automation Shift in Security. HDFC Bank’s CISO Sameer Ratolikar shares the bank’s vision of becoming an AI-first institution, emphasizing architectural simplicity, agentic AI for threat detection and balancing automation with human expertise to enhance cybersecurity and customer experience. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/ai-bots-take-over-cybersecurity-at-hdfc-bank-a-28241
-
Rethinking Cybersecurity With AI Agents
Anthropic’s Jason Clinton Discusses the Benefits and Challenges of AI Agents. AI agents will be crucial in the software development life cycle to eliminate bugs, improving the quality of software, which could significantly reduce security vulnerabilities. Although managing AI agents for identity and access controls will be hard, said Jason Clinton, CISO at Anthropic. First…
-
Why CISOs Are Adopting DevSecOps for Secure Software Development
CISOs adopting DevSecOps strategically enhance security measures while ensuring fast-paced software development, responding to the growing landscape of cyber threats. Integrating security practices throughout the entire development lifecycle is critical for organizations seeking to reduce vulnerabilities without sacrificing innovation speed. The DevSecOps Imperative DevSecOps builds upon the DevOps foundation by embedding security practices directly into…
-
Microsoft ernennt Deputy-CISO für Europa
Microsoft ernennt einen Deputy-CISO für Europa.Die immer lauter werdenden Rufe nach einer digitalen Souveränität Europas angesichts des erratisch agierenden Mannes im Weißen Haus lassen Microsoft um seine Geschäfte bangen. Der jüngste Coup nach der Ankündigung eines Investitionsprogramms in EU-Rechenzentren, frei von US-Zugriffen: Für Europa wird ein Deputy-CISO im Rahmen des Microsoft Cybersecurity Governance Council ernannt.Die…
-
Neurohacks to outsmart stress and make better cybersecurity decisions
Think like a hacker: For neuroscientist, business professor at Columbia University, and former hacker Moran Cerf, the link between cybersecurity and neuroscience is instinctive. He points out that working in cybersecurity, particularly as a hacker, is often about understanding how people think and then spotting the gaps.That same shift in understanding, tuning into how the…
-
The Myth of the Perfect CISO: A Multitalented Master of All
Ellis of YL Ventures on How Modern CISOs Must Lead, Not Master Every Discipline. There were never many ‘do everything’ CISOs. Today there are even fewer. But with a specialist area, strong overview and ability to channel expertise, CISOs can align with business goals, embrace the business enabler role, demonstrate quick wins, and ensure their…
-
Application Security in 2025 CISO’s Priority Guide
Application security in 2025 has become a defining concern for every Chief Information Security Officer (CISO) as organizations accelerate their digital transformation journeys. The explosion of cloud-native applications, microservices, and APIs has created a complex web of interconnected systems. This complexity, while enabling rapid innovation, has also expanded the attack surface, making applications prime targets…