Tag: ciso
-
Data Trust Takes Center Stage at Healthcare Security Summit
CISOs, Regulators and Innovators Unite in New York to Safeguard Healthcare’s Future. From discussions on health data explosion to the keynote on AI deployment, the Healthcare Security Summit: New York offered practical strategies to manage data risks, ensure continuity of patient care and prepare for a regulatory landscape that is rapidly reshaping cybersecurity priorities. First…
-
6 Ways CISOs Are Using AI to Prioritize Critical Vulnerabilities
Just like AI is transforming business operations, it’s revolutionizing how CISOs handle vulnerabilities. AI-powered vulnerability prioritization helps reduce alert noise, focus on high-risk issues, and automate remediation, enabling security teams to act faster, stay ahead of threats, and strengthen their organization’s overall security posture. The post 6 Ways CISOs Are Using AI to Prioritize Critical…
-
CSO Awards winners highlight security innovation and transformation
Tags: ai, attack, automation, awareness, best-practice, business, ciso, cloud, compliance, conference, control, cyber, cybersecurity, data, defense, detection, finance, flaw, framework, governance, group, guide, infrastructure, intelligence, login, malicious, metric, mitre, network, penetration-testing, phishing, privacy, programming, risk, risk-management, service, siem, skills, soc, software, technology, threat, tool, training, update, vulnerability, vulnerability-managementFSU tackles third-party risk with tighter vendor management program: Organization: Florida State UniversityProject: Third-Party Risk Management ProgramSecurity leader: Bill Hunkapiller, CISOOfficials at Florida State University wanted to ensure that data shared with outside entities was well protected. To achieve that, CISO Bill Hunkapiller and his team revamped its third-party risk management program so that the…
-
Agentic AI der neue Horror für Sicherheitsentscheider?
Tags: ai, antivirus, api, breach, ciso, compliance, cyberattack, cybersecurity, cyersecurity, detection, governance, law, mail, malware, monitoring, risk, service, supply-chain, tool, vulnerabilityKI ist mittlerweile in den meisten Unternehmen gesetzt. Im Trend liegen aktuell vor allem Systeme mit autonomen Fähigkeiten bei denen die potenziellen Sicherheitsrisiken besonders ausgeprägt sind.KI-Agenten werden im Unternehmensumfeld immer beliebter und zunehmend in Workflows und Prozesse integriert. Etwa in den Bereichen Softwareentwicklung, Kundenservice und -Support, Prozessautomatisierung oder Employee Experience. Für CISOs und ihre Teams…
-
When Business Moves Fast, Security Gets Left Behind in MA
Mergers and acquisitions (M&A) often unfold at breakneck speed, driven by business opportunity and shareholder expectations. But as Dave Lewis, global advisory CISO at 1Password, explains, cybersecurity risks are still too often left as an afterthought. Lewis points to a recent example involving Salesforce apps and SalesLoft, where an acquired company carried unresolved security issues..…
-
Cybersecurity in smart cities under scrutiny
Tags: 5G, attack, breach, ciso, control, cyber, cyberattack, cybersecurity, data, detection, governance, government, infrastructure, intelligence, international, iot, monitoring, network, service, strategy, technology, tool, vulnerability, zero-trustEnrique DomÃnguez, Accenture Accenture. En la imagen, Enrique DomÃnguez.Rosa DÃaz Moles, director of public sector at S2GRUPO, also highlights smart cities’ complexity and their resulting cybersecurity issues.The digital transformation of public services involves “an accelerated convergence between IT and OT systems, as well as the massive incorporation of connected IoT devices,” she explains, which gives rise…
-
Cybersecurity in smart cities under scrutiny
Tags: 5G, attack, breach, ciso, control, cyber, cyberattack, cybersecurity, data, detection, governance, government, infrastructure, intelligence, international, iot, monitoring, network, service, strategy, technology, tool, vulnerability, zero-trustEnrique DomÃnguez, Accenture Accenture. En la imagen, Enrique DomÃnguez.Rosa DÃaz Moles, director of public sector at S2GRUPO, also highlights smart cities’ complexity and their resulting cybersecurity issues.The digital transformation of public services involves “an accelerated convergence between IT and OT systems, as well as the massive incorporation of connected IoT devices,” she explains, which gives rise…
-
Voice of the CISO von Proofpoint – Wachsende Sorgen deutscher CISOs
Tags: cisoFirst seen on security-insider.de Jump to article: www.security-insider.de/cisos-zweifeln-an-cyberabwehr-menschliche-fehler-genai-einsatz-a-ac9f79f5e96b78251088475e5271eea1/
-
Cybersecurity in smart cities, under scrutiny
Tags: 5G, attack, breach, ciso, control, cyber, cyberattack, cybersecurity, data, detection, governance, government, infrastructure, intelligence, international, iot, monitoring, network, service, strategy, technology, tool, vulnerability, zero-trustEnrique DomÃnguez, Accenture Accenture. En la imagen, Enrique DomÃnguez.Rosa DÃaz Moles, director of public sector at S2GRUPO, also highlights smart cities’ complexity and their resulting cybersecurity issues.The digital transformation of public services involves “an accelerated convergence between IT and OT systems, as well as the massive incorporation of connected IoT devices,” she explains, which gives rise…
-
Agencies increasingly dive into AI for cyber defense, acting federal CISO says
Mike Duffy said feds are looking at ways to use it even more for cybersecurity. First seen on cyberscoop.com Jump to article: cyberscoop.com/federal-agencies-ai-cyber-defense-mike-duffy-ciso/
-
Meet ShadowLeak: ‘Impossible to detect’ data theft using AI
Tags: ai, attack, business, ciso, cybersecurity, data, data-breach, email, exploit, gartner, governance, injection, LLM, malicious, RedTeam, resilience, risk, sans, service, sql, supply-chain, technology, theft, tool, update, vulnerabilityWhat CSOs should do: To blunt this kind of attack, he said CSOs should:treat AI agents as privileged actors: apply the same governance used for a human with internal resource access;separate ‘read’ from ‘act’ scopes and service accounts, and where possible sanitize inputs before LLM (large language model) ingestion. Strip/neutralize hidden HTML, flatten to safe…
-
How Top CISOs Approach Exposure Management in the Context of Managing Cyber Risk
Tags: ai, attack, best-practice, business, ciso, control, cvss, cyber, cybersecurity, data, framework, group, intelligence, leak, metric, monitoring, risk, software, strategy, threat, update, vulnerability, vulnerability-managementWondering what your peers think of exposure management? New reports from the Exposure Management Leadership Council, a CISO working group sponsored by Tenable, offer insights. Key takeaways The CISOs who make up the Exposure Management Leadership Council see exposure management as a strategic and game-changing approach to unified proactive security. They believe exposure management can…
-
AI Threats Top Focus at London Financial Services Summit
CISOs, Regulators, Innovators Unite to Strengthen Resilience in Financial Services. The London Financial Services Summit tackled today’s most urgent issues, from AI-powered fraud and third-party risks to compliance mandate, equipping participants with insights to secure finance in an era of volatility and disruption. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/ai-threats-top-focus-at-london-financial-services-summit-a-29474
-
How CISOs Can Drive Effective AI Governance
AI’s growing role in enterprise environments has heightened the urgency for Chief Information Security Officers (CISOs) to drive effective AI governance. When it comes to any emerging technology, governance is hard but effective governance is even harder. The first instinct for most organizations is to respond with rigid policies. Write a policy document, circulate a…
-
AI is altering entry-level cyber hiring, and the nature of the skills gap
The certification trap and broken pipelines: Other experts argued that an over reliance on CVs and certifications is one of the biggest barriers to hiring success in cybersecurity because it acts to shut out otherwise qualified candidates.”Despite bringing valuable experience and perspectives, people with 10 years of work experience are put off because there is…
-
Where CISOs need to see Splunk go next
Tags: ai, api, automation, cisco, ciso, cloud, communications, compliance, conference, crowdstrike, cybersecurity, data, data-breach, detection, finance, framework, google, incident response, intelligence, jobs, metric, microsoft, open-source, RedTeam, resilience, risk, router, siem, soar, strategy, tactics, threat, tool, vulnerabilityResilience resides at the confluence of security and observability: There was also a clear message around resilience, the ability to maintain availability and recover quickly from any IT or security event.From a Cisco/Splunk perspective, this means a more tightly coupled relationship between security and observability.I’m reminded of a chat I had with the chief risk…
-
Rethinking AI Data Security: A Buyer’s Guide
Generative AI has gone from a curiosity to a cornerstone of enterprise productivity in just a few short years. From copilots embedded in office suites to dedicated large language model (LLM) platforms, employees now rely on these tools to code, analyze, draft, and decide. But for CISOs and security architects, the very speed of adoption…
-
No More Blind Spots: Achieving Complete SDLC Visibility in a Multi-Cloud World
Tags: access, attack, breach, business, ciso, cloud, compliance, container, control, data, exploit, identity, infrastructure, least-privilege, monitoring, programming, risk, service, software, threat, vulnerabilityStruggling with a messy, multi-cloud environment? Learn how Tenable’s unified cloud security approach helps you eliminate dangerous blind spots, attain complete visibility and control, and secure your assets from the first line of code to full production. Key takeaways Fragmented multi-cloud environments create risky blind spots, making unified visibility essential to identify and manage security…
-
Warning: Hackers have inserted credential-stealing code into some npm libraries
Tags: api, attack, authentication, ciso, cloud, credentials, github, google, hacker, Hardware, incident response, malware, mfa, monitoring, open-source, phishing, sans, software, supply-chain, threatMore than 40 packages affected: One of the researchers who found and flagged the hack Monday was French developer François Best, and it was also described in blogs from StepSecurity, Socket, ReversingLabs and Ox Security. These blogs contain a full list of compromised packages and indicators of compromise.Researchers at Israel-based Ox Security said there was a…
-
CrowdStrike bets big on agentic AI with new offerings after $290M Onum buy
Tags: ai, api, ciso, control, crowdstrike, cybersecurity, data, data-breach, detection, marketplace, password, risk, service, soc, trainingCrowdStrike’s Agentic Security Platform: CrowdStrike developed its Agentic Security Platform precisely to help organizations keep pace with increasingly AI-equipped adversaries. “The increasing speed of the adversary, the increasing use of generative AI means from a defensive standpoint, we want to leverage these technologies as well to match and hopefully exceed the speed and efficiency of…
-
From prevention to rapid response: The new era of CISO strategy
Tags: access, attack, authentication, automation, awareness, breach, ciso, control, credentials, cybersecurity, data, finance, fintech, infrastructure, Intruder, malicious, monitoring, network, privacy, radius, resilience, service, strategy, threat, zero-trustBreaches will happen, so how do we deal with the fallout?CISOs are now spending less energy trying to keep every threat at bay. They know attackers will get in, but the question is, what’s next? The new mindset is about stopping intruders from moving around and escalating the damage.This shift means investing in sharper visibility,…
-
How AI-powered ZTNA will protect the hybrid future
Tags: access, ai, authentication, automation, business, ciso, cloud, compliance, control, data, healthcare, identity, infrastructure, skills, strategy, tool, vpn, zero-trustThe multi-cloud access management reality: The complexity I’m witnessing goes beyond traditional VPN sprawl challenges. Take a healthcare enterprise I worked with: patient management on AWS, legacy billing on-premises, analytics on Azure and disaster recovery in a third cloud. Each environment has different access controls, identity providers and security policies. A nurse accessing patient data…
-
How AI-powered ZTNA will protect the hybrid future
Tags: access, ai, authentication, automation, business, ciso, cloud, compliance, control, data, healthcare, identity, infrastructure, skills, strategy, tool, vpn, zero-trustThe multi-cloud access management reality: The complexity I’m witnessing goes beyond traditional VPN sprawl challenges. Take a healthcare enterprise I worked with: patient management on AWS, legacy billing on-premises, analytics on Azure and disaster recovery in a third cloud. Each environment has different access controls, identity providers and security policies. A nurse accessing patient data…
-
CISOs grapple with the realities of applying AI to security functions
Tags: ai, automation, breach, business, ceo, ciso, compliance, cybersecurity, data, detection, email, endpoint, finance, governance, incident response, intelligence, law, malicious, malware, microsoft, risk, service, soc, threat, toolThe agentic edge: The financial services is often an early adopter of cutting-edge security technologies.Erin Rogers, SVP and director of cybersecurity risk and compliance at BOK Financial, tells CSO that AI-based upgrades are helping threat detection and response systems to autonomously analyze threats, make real-time decisions, and adapt responses, significantly improving early detection and mitigation.While…
-
CISOs grapple with the realities of applying AI to security functions
Tags: ai, automation, breach, business, ceo, ciso, compliance, cybersecurity, data, detection, email, endpoint, finance, governance, incident response, intelligence, law, malicious, malware, microsoft, risk, service, soc, threat, toolThe agentic edge: The financial services is often an early adopter of cutting-edge security technologies.Erin Rogers, SVP and director of cybersecurity risk and compliance at BOK Financial, tells CSO that AI-based upgrades are helping threat detection and response systems to autonomously analyze threats, make real-time decisions, and adapt responses, significantly improving early detection and mitigation.While…
-
Building security that protects customers, not just auditors
Tags: cisoIn this Help Net Security interview, Nir Rothenberg, CISO at Rapyd, discusses global differences in payment security maturity and the lessons that can be learned from leading … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/09/16/nir-rothenberg-rapyd-payment-security-maturity/
-
Building security that protects customers, not just auditors
Tags: cisoIn this Help Net Security interview, Nir Rothenberg, CISO at Rapyd, discusses global differences in payment security maturity and the lessons that can be learned from leading … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/09/16/nir-rothenberg-rapyd-payment-security-maturity/
-
New ransomware Yurei adopts open-source tools for double-extortion campaigns
Tags: access, attack, authentication, backup, breach, ciso, cloud, control, data, edr, extortion, flaw, intelligence, Internet, mfa, network, open-source, phishing, powershell, ransomware, resilience, risk, service, switch, threat, tool, windowsBigger risks beyond downtime: The double-extortion ransomware appears to be an early version, as it has loopholes. Ransomware often targets and deletes shadow copies to block victims from using Windows’ built-in recovery options. But Yurei did not delete the shadow copies, which, if enabled, can allow the victim to restore their files to a previous…