Tag: ciso
-
CISOs: Stop trying to do the lawyer’s job
Tags: breach, business, ciso, compliance, cybersecurity, data, email, finance, group, guide, incident response, international, jobs, law, privacy, RedTeam, risk, risk-management, security-incident, service, skills, strategy, technology, training, updateThere’s a joke that’s been floating around boardrooms for years: “What’s the difference between lawyers and engineers? Lawyers don’t think they’re engineers.”This light-hearted jab highlights a fundamental difference between the two professions. Engineers, and by extension CISOs, focus on building and fixing things, learning a wide array of skills, sometimes sticking their hands into technologies…
-
Why 24/7 Security Monitoring Matters for Your Company
Gary Perkins, CISO at CISO Global Cyber threats don’t take evenings or weekends off, and neither should your security team. Companies need peace of mind knowing that dedicated professionals are continuously monitoring their infrastructure and data, ensuring both proactive prevention and rapid response to potential incidents. The Role of Expert Analysts in Securing Your Company……
-
The SolarWinds $4.4 billion acquisition gives CISOs what they least want: Uncertainty
Tags: attack, breach, business, cisa, ciso, cyber, cybersecurity, finance, government, group, risk, risk-management, service, software, strategy, supply-chain, tool, updateWhen SolarWinds on Friday announced a $4.4 billion cash deal for it to be acquired by private equity (PE) firm Turn/River Capital, it delivered the last thing that nervous enterprise CISOs want: Uncertainty, to be followed by more uncertainty.”Whenever a security company gets acquired by private equity, you never want to throw a party,” said…
-
ISMG Editors: AI Security Wake-Up Call From DeepSeek
Tags: ai, api, ciso, data, data-breach, governance, leak, open-source, risk, risk-management, vulnerabilityAlso: Addressing AI Vulnerabilities and Governance Challenges. DeepSeek, an advanced open-source AI model, is under scrutiny for its safety guardrails failing multiple security tests and a data leak that exposed user information and API keys. Sam Curry, CISO at Zscaler, discusses AI security, risk management and upcoming U.S. policy changes. First seen on govinfosecurity.com Jump…
-
AI Security is API Security: What CISOs and CIOs Need to Know
Just when CIOs and CISOs thought they were getting a grip on API security, AI came along and shook things up. In the past few years, a huge number of organizations have adopted AI, realizing innumerable productivity, operational, and efficiency benefits. However, they’re also having to deal with unprecedented API security challenges. Wallarm’s Annual 2025…
-
CIOs and CISOs grapple with DORA: Key challenges, compliance complexities
Tags: access, automation, banking, business, cio, ciso, communications, compliance, control, country, cyber, cybersecurity, data, dora, finance, framework, GDPR, governance, jobs, law, monitoring, network, nis-2, penetration-testing, privacy, regulation, resilience, risk, risk-management, service, skills, supply-chain, technology, threat, tool, training, vulnerabilityIn force since January, the Digital Operational Resilience Act (DORA) has required considerable effort from CIOs and CISOs at 20 types of financial entities to achieve compliance. For many, the journey is not complete.”In the past months, financial entities targeted by DORA have been busy internally defining roles and responsibilities related to ICT security, identifying…
-
Federal Cyber Workers Can Now Accept Trump Resignation Offer
CISO Buyout Offers, Industry-Wide Skills Shortage Raise Fears of Cybersecurity Gaps. The Cybersecurity and Infrastructure Security Agency has reversed an exemption for its staffers to participate in the administration’s “Fork in the Road” resignation program, as lawmakers and security experts warn of a growing cyber workforce shortage threatening U.S. national security. First seen on govinfosecurity.com…
-
21% of CISOs pressured to not report compliance issues
Tags: awareness, breach, business, ceo, ciso, compliance, control, corporate, cybersecurity, data, dora, finance, framework, governance, incident response, infrastructure, insurance, law, nis-2, regulation, resilience, risk, security-incident, trainingCISOs are increasingly getting caught between business pressures and regulatory obligations, leaving them struggling to balance corporate loyalty and legal accountability.To wit: One in five (21%) security leaders have been pressured by other executives or board members not to report compliance issues at their companies, according to a recent study by security vendor Splunk.The same…
-
Webinar Today: Defenders on the Frontline Incident Response and Threat Intel Under the Microscope
Join this panel of CISOs and threat-intel professionals for a deep-dive on aligning incident response and threat intelligence with broader business objectives. The post Webinar Today: Defenders on the Frontline Incident Response and Threat Intel Under the Microscope appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/ciso-forum-webinar-defenders-on-the-frontline-incident-response-and-threat-intel-under-the-microscope/
-
Anomalies are not Enough
Tags: ai, attack, ciso, communications, country, cybersecurity, data, data-breach, defense, email, government, LLM, mail, marketplace, mitre, ml, network, resilience, risk, service, siem, threat, toolMitre Att&ck as Context Introduction: A common theme of science fiction authors, and these days policymakers and think tanks, is how will the humans work with the machines, as the machines begin to surpass us across many dimensions. In cybersecurity humans and their systems are at a crossroads, their limitations daily exposed by ever more innovative,…
-
It pays to know how your cybersecurity stacks up
Like all other business leaders, chief information security officers (CISOs) could find themselves on the unemployment line if something on their watch goes seriously sideways.But what if CISOs simply aren’t demonstrating enough business value?With companies cutting costs, proving cybersecurity programs are good for the business has become vital to protecting budgets and jobs. That’s why…
-
CISO Forum Webinar: Defenders on the Frontline Incident Response and Threat Intel Under the Microscope
Join this panel of CISOs and threat-intel professionals for a deep-dive on aligning incident response and threat intelligence with broader business objectives. The post CISO Forum Webinar: Defenders on the Frontline Incident Response and Threat Intel Under the Microscope appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/ciso-forum-webinar-defenders-on-the-frontline-incident-response-and-threat-intel-under-the-microscope/
-
Cybersecurity Training for Executives: What Business Leaders Need to Know
In an era marked by high-profile cyber breaches, ransomware attacks, and violence committed against high-profile enterprise employees, the imperative for focused cybersecurity training for executives has escalated dramatically. For CISOs and enterprise cybersecurity specialists, crafting a tailored cybersecurity training program for your organization’s executives is not just a precaution”, it is a strategic imperative. Here’s…
-
Cyber Insights 2025: The CISO Outlook
There has never been a single job description for the CISO the role depends upon each company, its maturity, its size and resources, and the risk tolerance of boards. The post Cyber Insights 2025: The CISO Outlook appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/cyber-insights-2025-the-ciso-outlook/
-
7 tips for improving cybersecurity ROI
Tags: advisory, ai, attack, business, ciso, compliance, control, corporate, cyber, cybersecurity, data, defense, detection, exploit, finance, gartner, group, incident response, infrastructure, intelligence, metric, monitoring, network, privacy, resilience, risk, risk-assessment, risk-management, service, siem, software, strategy, technology, threat, tool, vulnerability, wafWhen it comes to cybersecurity investments, smart money is directed toward initiatives that deliver the greatest protection at the lowest possible cost. But what appears to be a straightforward calculation can often be anything but.CISOs perennially face challenges securing adequate funding to safeguard the enterprise, placing them often in difficult positions attempting to stretch resources…
-
39% of IT leaders fear major incident due to excessive workloads
Enterprise security operations teams find themselves stretched thin and contending with an escalating cyber threat landscape today. Many are understaffed and underfunded, leaving CISOs on edge about the consequences for the enterprise, and their careers.A recent survey from Adaptavist about fallout from last summer’s CrowdStrike outage found that two out of five (39%) IT leaders…
-
The CISO’s role in advancing innovation in cybersecurity
Tags: access, advisory, ai, attack, best-practice, business, ceo, ciso, conference, cyber, cybersecurity, finance, network, phone, risk, startup, strategy, technology, threat, toolCybersecurity leaders have an advantage when it comes to innovation given their front seat facing new and old threats. That is why many CISOs are playing an active role in shaping emerging solutions, which also gives them a clear understanding of where current solutions fall short.”CISOs can play a part in supporting innovation by shaping…
-
CISO enlists agentic AI reinforcements for SecOps
AI agents are already in the hands of adversaries. One aerospace CISO has begun to use them to augment his SecOps staff and even the score. First seen on techtarget.com Jump to article: www.techtarget.com/searchitoperations/news/366617888/CISO-enlists-agentic-AI-reinforcements-for-SecOps
-
DORA erfordert robuste Risikomanagementprozesse über die gesamte Lieferkette hinweg
Der Finanzsektor ist mit regulatorischen Anforderungen bestens vertraut, doch DORA stellt insbesondere im Bereich Drittanbieter und Lieferketten neue Herausforderungen dar. Eine durchgehende Compliance erfordert die Anpassung von Risikomanagementprozessen und Service-Level-Agreements. Ein Kommentar von Andre Troskie, EMEA Field CISO bei Veeam. Im Gegensatz zu anderen Wirtschaftsbereichen, die ebenfalls die NIS2 einhalten müssen, sind dem Finanzsektor strenge Vorschriften…
-
CISOs are moving closer to the board, but budget hurdles remain
In recent years, CISOs have often felt that their board of directors did not take them seriously. This key issue for cybersecurity, however, is turning around, with 82% of CISOs now reporting directly to their CEOs, versus 47% in 2023, according to a survey by Splunk.Splunk’s report, which surveyed 500 CISOs, CSOs, and similar security officers,…
-
Want to be an effective cybersecurity leader? Learn to excel at change management
Tags: authentication, awareness, business, cio, ciso, cloud, compliance, corporate, cybersecurity, finance, fraud, group, guide, Hardware, identity, jobs, password, privacy, risk, risk-management, service, skills, software, strategy, technology, threat, vulnerability, zero-trustIf there’s one thing that’s inevitable in cybersecurity, it’s change. Ever-evolving technology requires new protections, threats seem to multiply and morph on a daily basis, and even the humblest pieces of software and hardware demand constant updating to stay secure.That work has been increasing as the importance, visibility, and impact of security initiatives have ramped…
-
DeepSeek: The Silent AI Takeover That Could Cripple Markets and Fuel China’s Cyberwarfare
David Jemmett, CEO & Founder of CISO Global Unlike Western AI systems governed by privacy laws and ethical considerations, DeepSeek operates under a regime notorious for state-sponsored hacking, surveillance, and cyber espionage. With AI-driven automation at its disposal, China can rapidly scale its cyberattacks, embedding malware, manipulating financial markets, and eroding trust in global AI……
-
5 ways boards can improve their cybersecurity governance
Tags: attack, breach, business, ciso, cloud, cyber, cybersecurity, data, election, endpoint, finance, gartner, governance, government, group, identity, incident, india, infrastructure, jobs, middle-east, network, ransomware, regulation, risk, skills, technology, threat, trainingAs chairman of the board for Cinturion Group, Richard Marshall is intimately involved in ensuring the security of the fiber optic network his company is constructing from India through the Middle East and on to Europe.The monumental Trans Europe Asia System (TEAS) will be difficult enough to build given it will be buried beneath thousands…
-
DeepSeek AI angegriffen?
Tags: ai, attack, ceo, china, ciso, cyberattack, cybersecurity, cyersecurity, ddos, infrastructure, nvidia, openai, saas, service, startup, vulnerability -
The cybersecurity skills gap reality: We need to face the challenge of emerging tech
The cybersecurity skills shortage remains a controversial topic. Research from ISC2 states that the current global workforce of cybersecurity professionals stands at 5.5 million, but the workforce currently needs 10.2 million, a gap of 4.8 million people.Skeptics (and there are lots of them) say hogwash! They claim that these numbers are purely self-serving for ISC2,…
-
74% of CISOs are increasing crisis simulation budgets
In the aftermath of 2024’s high-profile cybersecurity incidents, including NHS, CrowdStrike, 23andMe, Transport for London, and Cencora, CISOs are reassessing their … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/01/28/cisos-crisis-simulation-budgets/