Tag: ciso
-
7 key trends defining the cybersecurity market today
Tags: access, ai, attack, cisco, ciso, cloud, compliance, control, crowdstrike, cyber, cybersecurity, data, defense, detection, endpoint, fortinet, gartner, google, governance, group, ibm, intelligence, microsoft, ml, network, okta, resilience, risk, service, siem, startup, strategy, technology, threat, tool, vulnerability, zero-trust
Market leaders are gaining share: The cybersecurity market has a dizzying number of single-product vendors, but a handful of powerful platform providers have risen above the pack and are gaining market share. According to research firm Canalys, the top 12 vendors benefited the most from customers taking early steps to transition to platforms. Collectively, they accounted…
-
Building cyber resilience in banking: Expert insights on strategy, risk, and regulation
In this Help Net Security interview, Matthew Darlage, CISO at Citizens, discusses key strategies for strengthening cyber resilience in banks. He underlines that adherence to … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/03/04/matthew-darlage-citizens-banks-cyber-resilience/
-
Manufacturers still poorly prepared for cyberattacks as IT/OT converge
Tags: attack, breach, ciso, control, cyber, cyberattack, cybersecurity, iot, ransomware, resilience, risk, security-incident, service, technology, threat
As IT and operations technology (OT) converge, manufacturers find themselves increasingly under cyberattack, with many organizations unprepared for the challenge. According to a recent study by Omdia, 80% of manufacturing companies experienced a significant increase in security incidents in the past year. However, only 45% have taken adequate precautions regarding their cybersecurity, while 13% are not prepared at…
-
CISO vs. CIO: Where security and IT leadership clash (and how to fix it)
The dynamic between CISOs and CIOs has always been complex. While both roles are essential to an organization’s success, their priorities often put them at odds. The CIO … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/03/04/ciso-vs-cio/
-
Fighting Back: 4 Essential Ransomware Defense Strategies for CISOs in 2025
Focus on Cyber Hygiene, Advanced Tools and Rapid Response to Outsmart Attackers. Modern cyberthreats require modern defense tactics. Ransomware now employs multilayered extortion tactics that target operations and reputations. With 68% of breaches involving human error, CISOs and leaders must focus on cyber hygiene, advanced security tools and rapid response strategies. First seen on govinfosecurity.com…
-
Data breach liability strains cyber execs, says SolarWinds CISO
First seen on scworld.com Jump to article: www.scworld.com/brief/data-breach-liability-strains-cyber-execs-says-solarwinds-ciso
-
Beyond Compliance: Why CIOs & CISOs Must Lead with AI-Driven Strategic Performance Intelligence
Compliance isn’t enough. Learn why CIOs & CISOs must lead with AI-driven Strategic Performance Intelligence to enhance security, governance, and resilience. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/03/beyond-compliance-why-cios-cisos-must-lead-with-ai-driven-strategic-performance-intelligence/
-
SolarWinds CISO says security execs are ‘nervous’ about individual liability for data breaches
Tim Brown didn’t call for indemnification laws, but suggested that CISOs dealing with legal implications for cyberattacks is stressful and a distraction from their core work. First seen on cyberscoop.com Jump to article: cyberscoop.com/tim-brown-solarwinds-liability-cyberlawcon/
-
Is your enterprise ‘cyber resilient’? Probably not. Here’s how other boards fixed that
Tags: backup, breach, business, ciso, cloud, compliance, control, cyber, cyberattack, cybersecurity, endpoint, finance, framework, governance, incident, metric, monitoring, nist, resilience, risk, service, strategy, supply-chain, tool, training, vulnerability, vulnerability-management
Lockheed Martin: Lockheed Martin introduced its Cyber Resiliency Level (CRL) Framework and corresponding Scoreboard in 2018, illustrating a more formalized approach to measuring cyber resilience during this period. The company’s Cyber Resiliency Scoreboard includes tools like a questionnaire and dashboard for measuring the maturity levels of six categories, including Cyber Hygiene and Architecture. MIT: The Balanced Scorecard for Cyber Resilience (BSCR) provides…
-
SANS Institute and Anvilogic offer insights into threat detection
Detection specialists, CISOs, security managers and cybersecurity experts will get first-hand information on the latest industry trends, best practices and the growing role of AI in security operations. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/sans-institute-und-anvilogic-bieten-einblicke-in-die-bedrohungserkennung/a40005/
-
Four things CISOs absolutely must prioritize now
Four security topics that should be at the top of every CISO agenda this year (and beyond). 44 percent of CISOs are powerless: between 2023 and 2024 they were unable to detect security incidents in time using their security solutions [1]. This figure, which comes from the results of Gigamon’s hybrid cloud study, shows: Despite… First…
-
5 things to know about ransomware threats in 2025
Tags: access, attack, authentication, awareness, backup, breach, ciso, cloud, control, credentials, cyber, dark-web, data, data-breach, defense, detection, encryption, exploit, extortion, finance, fraud, group, healthcare, identity, incident response, infrastructure, Internet, iot, law, leak, mfa, monitoring, network, password, ransom, ransomware, risk, scam, service, software, sophos, supply-chain, technology, threat, tool, update, vpn, vulnerability, zero-day
2. Mid-size organizations are highly vulnerable: Industry data shows mid-size organizations remain highly vulnerable to ransomware attacks. “CISOs need to be aware that ransomware is no longer just targeting large companies, but now even mid-sized organizations are at risk. This awareness is crucial,” says Christiaan Beek, senior director, threat analytics, at Rapid7. Companies with annual revenue…
-
What CISOs need from the board: Mutual respect on expectations
Tags: business, ceo, ciso, compliance, control, cyber, cybersecurity, finance, framework, governance, metric, risk, risk-management, skills, strategy, technology, threat, update, vulnerability
Part 500. While this legislation was groundbreaking for being very prescriptive in what cyber controls are required, there were indications in earlier drafts that each board should have suitably cyber-qualified members. Similar guidelines were established with the Australian Institute of Company Directors (AICD) drafting its Cyber Governance Principles, which were recently refreshed. The timing of this…
-
The compliance illusion: Why your company might be at risk despite passing audits
For many CISOs, compliance can feel like a necessary evil and a false sense of security. While frameworks like ISO 27001, SOC 2, and PCI DSS offer structured guidelines, they … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/02/26/compliance-security-illustion/
-
Unmanaged Devices: The Overlooked Threat CISOs Must Confront
No matter the strategy, companies must approach securing unmanaged devices with sensitivity and respect for employee privacy. First seen on darkreading.com Jump to article: www.darkreading.com/remote-workforce/unmanaged-devices-overlooked-threat-cisos-must-confront
-
How to create an effective incident response plan
Tags: access, advisory, attack, backup, breach, business, ceo, ciso, communications, corporate, cyber, cybersecurity, email, endpoint, exploit, finance, governance, guide, incident, incident response, insurance, law, lessons-learned, malicious, monitoring, network, office, phone, ransomware, risk, security-incident, service, strategy, supply-chain, technology, threat, update
Establish a comprehensive post-incident communications strategy: Another key element that can make or break an incident response strategy is communications. Without clear communications among the major stakeholders of the business, a company might experience much longer downtimes or the loss of vital processes for extended periods. “How are you going to go about communicating? With whom?…
-
CIO des Jahres 2025 competition launches
Last year’s winners celebrate their CIO des Jahres awards. Take part and apply, and you may find yourself on the big gala stage in October 2025, receiving Germany’s most prestigious IT award. cio.de / Tobias Tschepe
It’s that time again: Germany’s most prestigious IT award is ready to launch. Until…
-
The CISO’s dilemma of protecting the enterprise while driving innovation
CISOs are constantly navigating the challenge of protecting their organizations while ensuring business agility and innovation. For example, as companies move workloads to the … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/02/25/ciso-protecting-enterprise-driving-innovation/
-
Strategic? Functional? Tactical? Which type of CISO are you?
Tags: breach, business, ceo, cisco, ciso, cloud, compliance, cybersecurity, finance, governance, group, guide, healthcare, infrastructure, jobs, risk, service, skills, startup, strategy, technology, training
Transformational, as in program-builders or turnaround agents. Operational, often early-career CISOs who are closer to the technology and work at small-to-midsize companies where they still perform some technical duties. Compliance, that is, risk experts typically found in highly regulated industries. Steady-state CISOs, who, in opposition to the transformational type, keep everything on an even keel. Customer-facing CISOs, usually found…
-
How CISOs can sharpen their board pitch for IAM buy-in
Tags: access, automation, breach, business, ciso, cloud, compliance, control, cybersecurity, data, finance, guide, iam, identity, metric, risk, security-incident, strategy, supply-chain
the top focus area going into 2025. However, communicating IAM’s value to the board remains a challenge: it isn’t enough for these security leaders to craft effective IAM strategies; they must also secure their board’s support. CISOs know that executive buy-in is critical for obtaining the necessary funding and setting the right tone from the top. The…
-
What is SIEM? Improving security posture through event log data
Tags: access, ai, api, automation, ciso, cloud, compliance, data, defense, detection, edr, endpoint, firewall, fortinet, gartner, google, guide, ibm, infrastructure, intelligence, kubernetes, LLM, microsoft, mitigation, mobile, monitoring, network, openai, regulation, risk, router, security-incident, service, siem, soar, soc, software, threat, tool
At its core, a SIEM is designed to parse and analyze various log files, including firewalls, servers, routers and so forth. This means that SIEMs can become the central “nerve center” of a security operations center, driving other monitoring functions to resolve the various daily alerts. Added to this data are various threat intelligence feeds that…
-
Katie Arrington Returns to Pentagon as DoD CISO
New Pentagon CISO Appointed as Pentagon Budget Cuts Loom. The White House appointed a Trump ally and former Department of Defense cybersecurity official as DOD CISO, an unexpected return to the Pentagon for an official previously removed under a cloud of security concerns. Arrington returns to the Pentagon just as it faces budget cuts. First…
-
Trump’s DoD CISO pick previously faced security clearance suspension
Tags: ciso
Hey, at least Katie Arrington brings a solid resume. First seen on theregister.com Jump to article: www.theregister.com/2025/02/19/trumps_pentagon_ciso_pick_was/
-
Energy CISO: Agencies can’t implement zero trust alone
Federal IT and cybersecurity officials said companies who sell zero trust technologies to the government must do more to make them interoperable. First seen on cyberscoop.com Jump to article: cyberscoop.com/zero-trust-federal-government-vendors-interoperable/
-
CISO success story: Predicting cyber risk (accurately) is easier with this guy’s formula
This article was written by Danny Bradbury and originally appeared in Focal Point magazine. First seen on csoonline.com Jump to article: www.csoonline.com/article/3828287/ciso-success-story-predicting-cyber-risk-accurately-is-easier-with-this-guys-formula.html
-
From Defense to Offense: Inside-Out Data Security Strategies for CISOs in 2025
Challenges the status quo and advocates for “inside-out” security, placing data at the heart of the strategy from the very beginning, rather than securing it last. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/02/from-defense-to-offense-inside-out-data-security-strategies-for-cisos-in-2025/
-
CISO Conversations: Kevin Winter at Deloitte and Richard Marcus at AuditBoard
Tags: ciso
SecurityWeek speaks with Kevin Winter, Global CISO at Deloitte, and Richard Marcus, CISO at AuditBoard. The post CISO Conversations: Kevin Winter at Deloitte and Richard Marcus at AuditBoard appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/ciso-conversations-kevin-winter-at-deloitte-and-richard-marcus-at-auditboard/

