Tag: ciso
-
What Is IAM for Agentic AI? The New Perimeter of Trust in 2026
6 min readMost CISOs fear AI agent risks, but legacy IAM can’t govern autonomous systems. A new identity model built on attestation is emerging. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/04/what-is-iam-for-agentic-ai-the-new-perimeter-of-trust-in-2026/
-
AI Usage Monitoring: How to See Everything Your Employees Are Doing with AI FireTail Blog
Tags: access, ai, ciso, compliance, control, data, detection, GDPR, guide, login, monitoring, network, regulation, risk, toolApr 29, 2026 – Lina Romero – What is AI usage monitoring? AI usage monitoring is the practice of logging, tracking, and analysing how employees and systems interact with AI tools, both sanctioned and unsanctioned. FireTail provides centralised AI activity logging that gives security teams a real-time view of AI usage across the entire organisation.…
-
Minnesota’s CISOs: Homegrown Talent Securing Finance, Insurance, and Beyond
Minnesota has produced a quietly strong CISO community, particularly in financial services and insurance. The leaders in this feature are based in the Twin Cities metro or built the core of their careers there, and their work spans credit unions, community banking, wealth management, payment technology, title insurance, and one of the most consequential public…The…
-
Minnesota’s CISOs: Homegrown Talent Securing Finance, Insurance, and Beyond
Minnesota has produced a quietly strong CISO community, particularly in financial services and insurance. The leaders in this feature are based in the Twin Cities metro or built the core of their careers there, and their work spans credit unions, community banking, wealth management, payment technology, title insurance, and one of the most consequential public…The…
-
Identity discovery: The overlooked lever in strategic risk reduction
If you ask a CISO what keeps them up at night, the answer usually isn’t “lack of tools.” It’s uncertainty. Uncertainty about what they don’t see. Uncertainty about how far an … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/04/29/delinea-identity-discovery-strategy/
-
NSA Chief During Snowden Affair Shares Regrets, Reflections 13 Years Later
Chris Inglis was the head civilian in charge at the NSA when the Snowden leak exploded. He gets candid about mistakes the organization made, and what CISOs need to know about spotting potential threats, media disclosures, and enculturation. First seen on darkreading.com Jump to article: www.darkreading.com/cyber-risk/nsa-chief-during-snowden-affair-13-years-later
-
Checkmarx Confirms Security Incident Involving GitHub Repository Exposure
Tags: application-security, ciso, cyber, cybercrime, data, data-breach, github, group, security-incidentApplication security provider Checkmarx has officially confirmed a new security incident involving the exposure of its internal GitHub repository. On April 27, 2026, Udi-Yehuda Tamar, the company’s VP of Platform Engineering and Global CISO, revealed that a cybercriminal group successfully leaked Checkmarx data on the dark web. This alarming development stems from an earlier security…
-
What CISOs need to get right as identity enters the agentic era
Tags: access, ai, ciso, conference, control, credentials, cybersecurity, defense, governance, identity, jobs, least-privilege, malicious, mfa, monitoring, phishing, risk, technology, toolWilcox and Adams are speaking at the CSO Cybersecurity Awards & Conference, May 1113. Reserve your place.As a result, Adams says CISOs will increasingly need to adopt an identity-centric security architecture and there are several key tenets to consider.Build a strong foundation before layering on complexity. The instinct when modernizing an identity program, says Adams, is…
-
The CISOs Protecting Michigan’s Campuses, Classrooms, and Research
Higher education cybersecurity in Michigan runs from flagship research universities handling federally funded science and sensitive health data to community colleges serving working adults with lean security teams and limited budgets. The environments are different in scale but not in consequence. Student records, research data, clinical systems, and the personal information of tens of thousands…The…
-
Trust, Risk, and the CISOs Protecting Michigan’s Financial Institutions
Financial services cybersecurity in Michigan does not all look the same. The CISOs in this feature are securing a wealth management firm, a specialty insurance group, a farm credit institution, a community bank, a credit union serving a major university’s community, and another credit union with a decade of continuous security leadership. The regulatory frameworks,…The…
-
How CISOs Need To Prepare For The Claude Mythos Era Of Cyberattacks: Experts
As CISOs rethink their approaches to exposure management and cyber defense following revelations about Anthropic’s Claude Mythos and AI-powered vulnerability discovery, gaining improved visibility and implementing compensating controls are the most important steps for many organizations alongside shifting to accelerated patching cycles, cybersecurity experts tell CRN. First seen on crn.com Jump to article: www.crn.com/news/security/2026/how-cisos-need-to-prepare-for-the-claude-mythos-era-of-cyberattacks-experts
-
The $700 million question: How cyber risk became a market cap problem
Cyber risk used to be the kind of problem you could delegate. Something for the CISO, the IT team, and maybe an external auditor to worry about once a year. That comfort zone is gone. In the last decade, a new reality has set in: a single cyber incident can erase hundreds of millions of…The…
-
KI-Verbote funktionieren nicht – Shadow Agentic AI ist ein blinder Fleck für CISOs
First seen on security-insider.de Jump to article: www.security-insider.de/shadow-agentic-ai-blinder-fleck-ciso-governance-a-6852d63872d509008a26bb22db090a6e/
-
Protecting Michigan’s Patients: The State’s Healthcare CISOs
Michigan’s healthcare sector is one of the most complex in the Midwest, spanning academic medical centers, regional health systems, long-term care, and the statewide associations that set the security standards many smaller organizations depend on. The leaders in this feature are not working in comparable environments. They are securing a $500 million long-term care operator,…The…
-
Securing the Machine: Michigan’s Automotive CISOs
Few industries present a more complex cybersecurity challenge than automotive. The modern vehicle is a networked platform. The manufacturing floor is a convergence of IT and operational technology. The supply chain spans dozens of countries and thousands of vendors. And the competitive pressure to digitize, electrify, and connect everything runs directly against the security instinct…The…
-
The Bluegrass State’s Security Leaders: Kentucky CISOs to Know
Kentucky’s cybersecurity leadership spans government, academic medicine, community healthcare, manufacturing technology, banking, and global software platforms. The CISOs in this feature have built programs inside environments as different as a city government and a Fortune-level enterprise acquisition, but they share a common thread: careers shaped by the specific demands of the institutions and industries Kentucky…The…
-
CISO Diaries: Thomas Kopeinig-Gatterer on Intelligent Risk, Resilience, and Security at the Speed of Change
Cybersecurity leadership today is less about building walls and more about helping organizations make better decisions under uncertainty. In CISO Diaries, we speak with leading security executives around the world to understand how they navigate that reality: how they structure their days, make judgment calls under pressure, build trust across the business, and think about…The…
-
TekStream Targets Proactive Security With ImagineX Cyber Buy
Acquisition Adds Advisory, GRC and Vulnerability Services to ImagineX’s MDR Core. TekStream acquired ImagineX’s cyber division to integrate advisory, vulnerability management and GRC with its MDR services, aiming to help CISOs defend against faster, AI-driven attacks by unifying proactive and reactive security into a single operational model. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/tekstream-targets-proactive-security-imaginex-cyber-buy-a-31507
-
New US House privacy bills raise hard questions about enterprise data collection
Tags: access, ai, awareness, banking, business, cio, ciso, compliance, credentials, data, finance, framework, governance, group, identity, insurance, Internet, jobs, law, privacy, regulation, risk, service, strategy, supply-chainWhere privacy law overlaps with AI governance: The SECURE Data Act does not contain broad, standalone AI governance rules, but it still touches AI in meaningful ways.The bill includes opt-outs for fully automated profiling used for decisions with legal or similarly significant effects. That language can clearly implicate some uses of AI, particularly in hiring,…
-
TDL 020 – Why DNS Is Your First Line of Cyber Defense – Chris Buijs
Tags: access, attack, automation, business, cisco, ciso, cloud, container, corporate, country, cyber, cybersecurity, data, ddos, defense, dns, encryption, endpoint, finance, firewall, group, hacker, ibm, infrastructure, Internet, iot, jobs, malicious, microsoft, network, office, phone, programming, router, saas, service, software, startup, strategy, switch, technology, threat, tool, training, update, usa, vulnerability, zero-trustIn Episode 20 of The Defender’s Log, host David Redekop sits down with Amsterdam-based tech veteran Chris Buijs to discuss the often-overlooked backbone of internet security: DNS (Domain Name System). The “Set-it-and-Forget-it” Trap Buijs, who transitioned from an electrician to a network architect, notes that many organizations treat DNS as a “utility” rather than a…
-
TDL 020 – Why DNS Is Your First Line of Cyber Defense – Chris Buijs
Tags: access, attack, automation, business, cisco, ciso, cloud, container, corporate, country, cyber, cybersecurity, data, ddos, defense, dns, encryption, endpoint, finance, firewall, group, hacker, ibm, infrastructure, Internet, iot, jobs, malicious, microsoft, network, office, phone, programming, router, saas, service, software, startup, strategy, switch, technology, threat, tool, training, update, usa, vulnerability, zero-trustIn Episode 20 of The Defender’s Log, host David Redekop sits down with Amsterdam-based tech veteran Chris Buijs to discuss the often-overlooked backbone of internet security: DNS (Domain Name System). The “Set-it-and-Forget-it” Trap Buijs, who transitioned from an electrician to a network architect, notes that many organizations treat DNS as a “utility” rather than a…
-
Top Cybersecurity Marketing Agencies in 2026: The Specialists Who Actually Understand the Industry
Cybersecurity is one of the hardest industries to market. Buyers are CISOs who can spot a generalist agency in seconds. Here are the top 7 cybersecurity marketing agencies of 2026, each with real security expertise, proprietary buyer data, and proven client results to help you pick right. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/04/top-cybersecurity-marketing-agencies-in-2026-the-specialists-who-actually-understand-the-industry/
-
What the Mythos-Ready Briefing Says About Credentials
The Mythos-ready briefing names secrets rotation, NHI governance, and honeytokens as critical controls. Zero-days don’t replace credential attacks; they accelerate them. Credential security deserves to move up every CISO’s priority list. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/04/what-the-mythos-ready-briefing-says-about-credentials/
-
What the Mythos-Ready Briefing Says About Credentials
The Mythos-ready briefing names secrets rotation, NHI governance, and honeytokens as critical controls. Zero-days don’t replace credential attacks; they accelerate them. Credential security deserves to move up every CISO’s priority list. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/04/what-the-mythos-ready-briefing-says-about-credentials/
-
Cloudsmith Raises $72M for Software Supply-Chain Security
Recent Package Compromises Pushed Software Component Trust to the Security Agenda. Cloudsmith raised a $72 million Series C led by TCV to expand policy enforcement, auditability and real-time package risk analysis as CISOs focus more closely on software supply-chain threats tied to open-source dependencies, AI-assisted development and compromised artifacts. First seen on govinfosecurity.com Jump to…
-
Measuring Cyber Risk Performance: How CISOs Can Report to the Board
<div cla Cybersecurity has matured significantly over the past decade. Most enterprise cyber risk management programs now operate with sophisticated tooling, continuous monitoring, formalized governance models, and structured risk management processes. Yet one challenge remains persistent across industries and companies of varying levels of digital maturity: translating cyber risk into language that resonates in the…
-
A year in, Zoom’s CISO reflects on balancing security and business
In this Help Net Security interview, Sandra McLeod, CISO at Zoom, reflects on her first year in the role. She talks about moving from reactive firefighting to business … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/04/23/sandra-mcleod-zoom-ciso-leadership/
-
Sicherheit für Identitäten und Daten Identität ist der Zugangsweg, Daten sind das Ziel
Zu der Arbeit an einem modernen PC-Arbeitsplatz gehört heute der Umgang mit mehreren persönlichen Benutzerkonten genauso selbstverständlich dazu wie Maus und Tastatur. In Unternehmen stehen CISOs und IT-Mitarbeiter deshalb vor der Aufgabe, immer mehr Benutzeridentitäten verwalten und umfassend absichern zu müssen. Doch damit nicht genug: Sie sind auch dafür verantwortlich, Ordnung in rasant wachsende Datenmengen…