Tag: ciso
-
Avnet unlocks vendor lock-in and reinvents security data management
Tags: ai, attack, business, cio, ciso, cloud, compliance, conference, control, cybersecurity, data, LLM, microsoft, PCI, siem, strategy, technology, toolOwn and manage its data directly rather than leaving it siloed in vendor systems.Start large-scale extract, transform, and load (ETL) operations, allowing engineers to run analytics and AI-based use cases like retrieval-augmented generation (RAG).Reduce costs associated with rigid SIEM licensing and storage tiers.Improve compliance with new PCI DSS v4.0 requirements for automated log review in…
-
SHARED INTEL QA: Inside the mind of a hacker, shadowing adversaries across API pathways
In today’s digital economy, business starts with the application. Increasingly, the critical activity lives in the APIs that support it. Related: The hidden cost of API security laspses For Jamison Utter, Field CISO at A10 Networks, this moment marks… (more”¦) First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/09/shared-intel-qa-inside-the-mind-of-a-hacker-shadowing-adversaries-across-api-pathways/
-
Black Hat USA 2025 CISO Podcast Series Episode 5 Out Now
Episode 5 of the Black Hat USA 2025 CISO Podcast Series First seen on thecyberexpress.com Jump to article: thecyberexpress.com/black-hat-usa-2025-ciso-podcast-episode-5/
-
Why Compliance-First Cybersecurity Programs Fail (And What Actually Works)
Most B2B companies build cybersecurity programs backwards – starting with compliance instead of real security. Learn why this approach fails and how fractional CISO services can help you build effective security that actually prevents breaches while achieving compliance. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/09/why-compliance-first-cybersecurity-programs-fail-and-what-actually-works/
-
Pressure on CISOs to stay silent about security incidents growing
Tags: access, breach, business, cio, ciso, corporate, credentials, credit-card, crowdstrike, cybersecurity, data, data-breach, email, finance, framework, group, hacker, iam, identity, incident response, insurance, law, mfa, ransomware, sap, security-incident, software, theft, threat, training‘Intense pressure’ to keep quiet about security incidents: CSO spoke to two other former CISOs who reported pressures to stay silent about suspected security incidents. Both CISOs requested to remain anonymous due to end-of-contract confidentiality agreements made with previous employers.”While working inside a Fortune Global 500 company in Europe, I witnessed this multiple times,” one…
-
Cutting through CVE noise with real-world threat signals
CISOs are dealing with an overload of vulnerability data. Each year brings tens of thousands of new CVEs, yet only a small fraction ever become weaponized. Teams often fall … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/09/04/nucleus-insights-vulnerability-management/
-
Cutting through CVE noise with real-world threat signals
CISOs are dealing with an overload of vulnerability data. Each year brings tens of thousands of new CVEs, yet only a small fraction ever become weaponized. Teams often fall … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/09/04/nucleus-insights-vulnerability-management/
-
How Tampa General Hospital worked to quantify cyber risk
The medical center’s CIO and CISO teamed up to translate security decisions into dollars and cents. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/tampa-general-hospital-cio-ciso-cyber-risk/759132/
-
Zero Trust bereitet CISOs Probleme
Tags: access, ai, ceo, ciso, cloud, compliance, cyber, cybersecurity, cyersecurity, gartner, germany, iot, password, risk, startup, strategy, technology, vulnerability, zero-trustLaut einer Umfrage ist die Umsetzung von Zero Trust für die meisten CISOs nicht leicht.Laut einem aktuellen Bericht von Accenture haben fast neun von zehn Sicherheitsverantwortlichen (88 Prozent) erhebliche Schwierigkeiten damit, Zero-Trust in ihren Unternehmen umzusetzen. ‘Diese Schwachstelle erstreckt sich auch auf die physische Welt, da 80 Prozent ihre cyber-physischen Systeme nicht wirksam schützen können”,…
-
Zero Trust bereitet CISOs Probleme
Tags: access, ai, ceo, ciso, cloud, compliance, cyber, cybersecurity, cyersecurity, gartner, germany, iot, password, risk, startup, strategy, technology, vulnerability, zero-trustLaut einer Umfrage ist die Umsetzung von Zero Trust für die meisten CISOs nicht leicht.Laut einem aktuellen Bericht von Accenture haben fast neun von zehn Sicherheitsverantwortlichen (88 Prozent) erhebliche Schwierigkeiten damit, Zero-Trust in ihren Unternehmen umzusetzen. ‘Diese Schwachstelle erstreckt sich auch auf die physische Welt, da 80 Prozent ihre cyber-physischen Systeme nicht wirksam schützen können”,…
-
Zero-Trust bereitet CISOs Probleme
Tags: access, ai, ceo, ciso, cloud, compliance, cyber, cybersecurity, cyersecurity, gartner, germany, iot, password, risk, startup, strategy, technology, vulnerability, zero-trustLaut einer Umfrage ist die Umsetzung von Zero Trust für die meisten CISOs nicht leicht.Laut einem aktuellen Bericht von Accenture haben fast neun von zehn Sicherheitsverantwortlichen (88 Prozent) erhebliche Schwierigkeiten damit, Zero-Trust in ihren Unternehmen umzusetzen. ‘Diese Schwachstelle erstreckt sich auch auf die physische Welt, da 80 Prozent ihre cyber-physischen Systeme nicht wirksam schützen können”,…
-
How the generative AI boom opens up new privacy and cybersecurity risks
Privacy and cybersecurity risks: Another major problem lies in potential privacy and cybersecurity breaches, both for end users and for the companies themselves.Panda warns how AIs fed with large amounts of personal data can become a gateway to fraud or to create much more sophisticated and infallible attacks if they fall into the wrong hands.…
-
A CISO’s guide to monitoring the dark web
Tags: access, attack, authentication, breach, ciso, cloud, credentials, cyber, cybercrime, dark-web, data, data-breach, detection, extortion, guide, identity, incident response, intelligence, law, leak, marketplace, mfa, monitoring, okta, risk, saas, service, supply-chain, technology, threat, vpn, vulnerabilityIs your company data on the dark web? Here’s what to look for and what do if your data now lives on the dark web. Sıla Özeren / Picus Security If you’re looking for broader threats against your organization, pay close attention to what initial access brokers (IABs) are offering for sale on the dark…
-
How the generative AI boom opens up new privacy and cybersecurity risks
Privacy and cybersecurity risks: Another major problem lies in potential privacy and cybersecurity breaches, both for end users and for the companies themselves.Panda warns how AIs fed with large amounts of personal data can become a gateway to fraud or to create much more sophisticated and infallible attacks if they fall into the wrong hands.…
-
A CISO’s guide to monitoring the dark web
Tags: access, attack, authentication, breach, ciso, cloud, credentials, cyber, cybercrime, dark-web, data, data-breach, detection, extortion, guide, identity, incident response, intelligence, law, leak, marketplace, mfa, monitoring, okta, risk, saas, service, supply-chain, technology, threat, vpn, vulnerabilityIs your company data on the dark web? Here’s what to look for and what do if your data now lives on the dark web. Sıla Özeren / Picus Security If you’re looking for broader threats against your organization, pay close attention to what initial access brokers (IABs) are offering for sale on the dark…
-
How the generative AI boom opens up new privacy and cybersecurity risks
Privacy and cybersecurity risks: Another major problem lies in potential privacy and cybersecurity breaches, both for end users and for the companies themselves.Panda warns how AIs fed with large amounts of personal data can become a gateway to fraud or to create much more sophisticated and infallible attacks if they fall into the wrong hands.…
-
A CISO’s guide to monitoring the dark web
Tags: access, attack, authentication, breach, ciso, cloud, credentials, cyber, cybercrime, dark-web, data, data-breach, detection, extortion, guide, identity, incident response, intelligence, law, leak, marketplace, mfa, monitoring, okta, risk, saas, service, supply-chain, technology, threat, vpn, vulnerabilityIs your company data on the dark web? Here’s what to look for and what do if your data now lives on the dark web. Sıla Özeren / Picus Security If you’re looking for broader threats against your organization, pay close attention to what initial access brokers (IABs) are offering for sale on the dark…
-
AI will drive purchases this year, but not without questions
AI is moving into security operations, but CISOs are approaching it with a mix of optimism and realism. A new report from Arctic Wolf shows that most organizations are … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/09/03/report-ai-in-security-operations/
-
Warning: Flaws in Copeland OT controllers can be leveraged by threat actors
Tags: access, authentication, ciso, control, cybersecurity, exploit, flaw, group, identity, incident response, intelligence, Internet, network, penetration-testing, risk, service, threat, tool, update, vulnerability, zero-trustCSO. “Persons responsible for the management of OT devices are focused on production and reliability of service, not security. As a result, you frequently encounter OT devices that are insecure.”To ensure security, organizations have to move towards a zero trust architecture for deploying OT devices, Beggs said. That includes verifying user identity, enforcing multifactor authentication,…
-
TDL 002 – Defending the DNS: How Quad9 Protects the Internet with John Todd
Tags: access, apple, attack, business, china, ciso, communications, control, country, crime, cyber, cybersecurity, data, defense, dns, email, encryption, firewall, google, ibm, india, infrastructure, intelligence, Internet, jobs, law, malicious, malware, network, phishing, privacy, service, strategy, technology, threat, tool, zero-trustSummary The Defender’s Log episode features John Todd from Quad9, discussing their mission to protect the internet through secure DNS. Quad9, a non-profit launched in 2017 with founding partners Global Cyber Alliance, Packet Clearing House, and IBM, provides a free, global recursive DNS resolver that blocks malicious domains. Todd emphasizes that Quad9’s success is a…
-
Proving Security’s Value in the Age of AI: Why CISOs Must Use CRQ to Compete for Budget
A CISO at a major fast-food retailer recently told me: “No security investments will be approved unless I make the AI case. I need to show that each investment either Read More First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/09/proving-securitys-value-in-the-age-of-ai-why-cisos-must-use-crq-to-compete-for-budget/
-
Proving Security’s Value in the Age of AI: Why CISOs Must Use CRQ to Compete for Budget
A CISO at a major fast-food retailer recently told me: “No security investments will be approved unless I make the AI case. I need to show that each investment either Read More First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/09/proving-securitys-value-in-the-age-of-ai-why-cisos-must-use-crq-to-compete-for-budget/
-
Proving Security’s Value in the Age of AI: Why CISOs Must Use CRQ to Compete for Budget
A CISO at a major fast-food retailer recently told me: “No security investments will be approved unless I make the AI case. I need to show that each investment either Read More First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/09/proving-securitys-value-in-the-age-of-ai-why-cisos-must-use-crq-to-compete-for-budget/
-
CISSP certification: Requirements, training, exam, and cost
Tags: access, business, china, ciso, cloud, computer, credentials, cybersecurity, government, guide, infosec, jobs, linkedin, network, risk, risk-management, skills, trainingWho should get a CISSP?: CISSP has been called the “gold standard” of security certifications. “From the hiring side, the CISSP remains one of the most valued certifications I look for,” says Ankit Gupta, Senior Security Engineer at Exeter Finance. “It shows a candidate has a firm grasp of security principles across multiple domains, and…
-
Cyberrisiko KI-Coding Angriffsfläche steigt durch unsicheren Code
Checkmarx hat die Ergebnisse des jährlichen Reports ‘Future of Application Security in the Era of AI” veröffentlicht. Die Studie zeichnet ein umfassendes Bild davon, wie KI-gestützte Softwareentwicklung die Risikolandschaft nachhaltig verändert und gibt konkrete Handlungsempfehlungen für das kommende Jahr. Befragt wurden rund 1.500 CISOs, AppSec-Verantwortliche und Entwickler aus Nordamerika, Europa und dem asiatisch-pazifischen Raum. […]…
-
Agentic AI: A CISO’s security nightmare in the making?
Tags: access, ai, antivirus, api, attack, automation, ciso, compliance, cybersecurity, data, defense, detection, email, endpoint, exploit, framework, governance, law, leak, malicious, malware, open-source, privacy, risk, service, strategy, supply-chain, tool, vulnerabilityFree agents: Autonomy breeds increased risks: Agentic AI introduces the ability to make independent decisions and act without human oversight. This capability presents its own cybersecurity risk by potentially leaving organizations vulnerable.”Agentic AI systems are goal-driven and capable of making decisions without direct human approval,” Joyce says. “When objectives are poorly scoped or ambiguous, agents…
-
12 Days Left to Nominate Yourself for the Prestigious CSO30 Awards 2025 Celebrating Security Leadership & Innovation
The CSO30 Awards are a mark of excellence, recognizing CISOs and CSOs who have fundamentally changed the way their organizations are protected and operate, while driving positive business outcomes through effective risk mitigation strategies.Winners join an exclusive community of security leaders celebrated globally, with recognition spanning the U.S., Europe, ASEAN, Asia/Pacific, and now the Middle…
-
Women cyber leaders are on the rise, and paying it forward
Tags: ciso, cloud, cyber, cybersecurity, data, defense, finance, google, group, insurance, international, jobs, lessons-learned, network, office, privacy, risk, service, skills, software, strategy, supply-chain, technologyCarol Lee Hobson, CISO, PayNearMe PayNearMeStill, companies could be doing more to bring women into cybersecurity positions, says Lauren Winchester, vice president of cyber risk services at Travelers.”Women make up more than half of the population yet represent roughly 20% of the cybersecurity workforce. While the number of women in cyber has increased over the…