Tag: ciso

How to Prepare for EU AI Act Compliance by February 2nd

Jan 28, 2025 12:03 AM

Tags: ai, ciso, compliance

As the February 2nd deadline approaches, CISOs and CCOs face the pressing task of aligning their organizations with the EU AI Act’s stringent requirements. Chapter 1, Article 4 mandates AI literacy for all staff involved in AI operations, while Chapter 2, Article 5 prohibits certain practices that could infringe on fundamental rights. This article explores……
Crisis Simulations: A Top 2025 Concern for CISOs

Jan 28, 2025 12:03 AM

Tags: ciso, cybersecurity

CISOs are planning to adjust their budgets this year to reflect their growing concerns for cybersecurity preparedness in the event of a cyberattack. First seen on darkreading.com Jump to article: www.darkreading.com/endpoint-security/crisis-simulations-2025-concern-cisos
CISOs Are Gaining C-Suite Swagger, but Has It Come With a Cost?

Jan 27, 2025 5:03 PM

Tags: ceo, ciso

The number of CISOs who report directly to the CEO is up sharply in recent years, but many still say it’s not enough to secure adequate resources. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/cisos-gaining-c-suite-swagger
CISOs Boost Crisis Simulation Budgets Amid High-Profile Cyber-Attacks

Jan 27, 2025 2:03 PM

Tags: attack, ciso, cyber

74% of CISOs plan to increase their cyber crisis simulation budgets in 2025 First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/ciso-boost-crisis-simulation/
CISOs’ top 12 cybersecurity priorities for 2025

Jan 27, 2025 11:03 AM

Tags: access, ai, api, attack, authentication, automation, awareness, business, cio, ciso, cloud, compliance, control, corporate, cybersecurity, data, detection, framework, governance, identity, incident response, infrastructure, intelligence, jobs, mitigation, monitoring, mssp, oracle, penetration-testing, privacy, risk, risk-management, service, strategy, technology, threat, training, usa, zero-trust

Security chief Andrew Obadiaru’s to-do list for the upcoming year will be familiar to CISOs everywhere: advance a zero-trust architecture in the organization; strengthen identity and access controls as part of that drive; increase monitoring of third-party risks; and expand the use of artificial intelligence in security operations.”Nothing is particularly new, maybe AI is newer,…
Cybersecurity needs women, and it needs to treat them better

Jan 27, 2025 8:03 AM

Tags: cio, ciso, computer, cyber, cyberattack, cybersecurity, data-breach, group, healthcare, jobs, service, skills, technology, training

The participation of women in cybersecurity is vital, a non-negotiable proposition. Forget any current handwringing over diversity and equity; it’s fundamental that the contribution of women to the profession has made cybersecurity better.The proverbial door was kicked open long ago for women, who have made major contributions to the development of information security. But it’s…
The Security Risk of Rampant Shadow AI

Jan 23, 2025 6:22 PM

Tags: ai, ciso, LLM, risk

While employees want to take advantage of the increased efficiency of GenAI and LLMs, CISOs and IT teams must be diligent and stay on top of the most up-to-date security regulations. First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/security-risk-rampant-shadow-ai
CISOs stehen unter Druck – Compliance fordert ihren Tribut von IT-Sicherheitsverantwortlichen

Jan 23, 2025 3:22 PM

Tags: ciso, compliance

First seen on security-insider.de Jump to article: www.security-insider.de/cybersecurity-kommunikation-zwischen-abteilung-vorstand-a-5cff9c51254f348f7b97bf2104bb3940/
CISOs Dramatically Increase Boardroom Influence but Still Lack Soft Skills

Jan 23, 2025 2:22 PM

Tags: ceo, ciso, skills

Splunk reveals that 82% of CISOs now report directly to the CEO, but many lack EQ First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/cisos-increase-boardroom-influence/
Geben Sie LLM-Alarmismus keine Chance!

Jan 23, 2025 6:22 AM

Tags: ai, ciso, cybercrime, hacking, LLM, malware, phishing, ransomware, risk, social-engineering, tool, vulnerability
CISOs are juggling security, responsibility, and burnout

Jan 23, 2025 6:22 AM

Tags: ciso, risk

This article gathers excerpts from multiple reports, presenting statistics and insights that may be valuable for CISOs, helping them with informed decision-making, risk … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/01/23/ciso-statistics-insights/
Is Your Automation Exposing Critical Data?

Jan 23, 2025 6:22 AM

Tags: automation, business, ciso, data, identity

Is Automation Compromising Your Data Security? In modern business environments, how secure is your automation process? Alarmingly, many companies are unknowingly exposing critical data due to inadequate Non-Human Identity (NHI) and Secrets Management practices. This emerging field is crucial to maintaining data integrity and has become a high-priority concern for many CISOs, IT professionals, and……
Mastercard’s multi-year DNS cut-and-paste nightmare

Jan 23, 2025 5:22 AM

Tags: attack, ceo, ciso, control, cybersecurity, data, dns, finance, hacking, Internet, linkedin, mail, network, phishing, risk, service, threat

Due to a Domain Name System (DNS) setting error, which the security researcher who discovered it said was almost certainly a cut-and-paste problem, Mastercard had a DNS record with a missing character for almost five years. That error would have allowed attackers to potentially take over the subdomain, create a bogus site that mimics the…
Rethinking Credential Security

Jan 23, 2025 5:22 AM

Tags: ciso, credentials

Whether you’re a CISO or a security professional this Q&A is packed with credential security insights you can implement today. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/01/rethinking-credential-security/
25 on 2025: APAC security thought leaders share their predictions and aspirations

Jan 22, 2025 8:22 PM

Tags: access, advisory, ai, api, attack, authentication, awareness, best-practice, breach, business, ciso, cloud, compliance, control, cryptography, csf, cyber, cyberattack, cybercrime, cybersecurity, dark-web, data, data-breach, deep-fake, detection, disinformation, encryption, endpoint, exploit, extortion, finance, framework, fraud, government, group, hacking, Hardware, identity, incident, incident response, infrastructure, injection, intelligence, international, iot, malicious, malware, microsoft, monitoring, network, nist, phishing, privacy, ransomware, regulation, resilience, risk, risk-management, scam, service, skills, social-engineering, software, spear-phishing, strategy, supply-chain, tactics, technology, threat, tool, training, update, vulnerability, warfare, zero-trust

As threat actors and security teams harness the growing potential of artificial intelligence (AI), who will prevail? From generative AI (GenAI) to agentic AI, we look through the lens of 25 of Asia-Pacific’s thought leaders in security and dive into their predictions and goals for the year. src=”https://b2b-contenthub.com/wp-content/uploads/2025/01/Athikom.jpg?quality=50&strip=all” alt=”athikom” loading=”lazy” width=”400px”>Athikom Kanchanavibhu Chief Information Security…
2024 Most Inspiring Women in Cyber Winners: Where Are They Now?

Jan 22, 2025 2:22 PM

Tags: ceo, ciso, cyber, cybersecurity

Over the past five years, The Most Inspiring Women in Cyber Awards have celebrated some of the most exceptional women from across the cybersecurity industry. From new starters and students to CEOs and CISOs, the awards aim to celebrate outstanding individuals at every level of the industry. No deed is too small for recognition and…
Cybersecurity is tough: 4 steps leaders can take now to reduce team burnout

Jan 22, 2025 7:22 AM

Tags: ai, attack, breach, business, ciso, compliance, control, corporate, cybercrime, cybersecurity, group, incident response, international, jobs, risk, soc, tactics, threat

Working in cybersecurity is only getting harder. Cybercriminals continue to up their game as security teams scramble to catch up with attack tactics and techniques. Organizations put near-impossible demands on their security departments, often with little or no support.The “always-on” nature of many roles in cybersecurity (from SOC analyst to incident response to the CISO)…
Security chiefs whose companies operate in the EU should be exploring DORA now

Jan 22, 2025 7:22 AM

Tags: attack, business, ciso, compliance, conference, corporate, cyber, cybersecurity, data, detection, dora, finance, framework, GDPR, incident, network, regulation, resilience, risk, service, technology, threat, vulnerability

If your enterprise operates in Europe, you should care about the Digital Operational Resilience Act (DORA), which took effect on January 17. DORA, also known as Directive (EU) 2022/2555 of the European Parliament, aims to enhance and build the EU’s cybersecurity capabilities and it has been hanging like the Sword of Damocles over the heads…
Acronis CISO on why backup strategies fail and how to make them resilient

Jan 22, 2025 6:22 AM

Tags: backup, ciso, strategy

In this Help Net Security interview, Gerald Beuchelt, CISO at Acronis, discusses common backup strategy pitfalls, reasons for backup failures, and offers actionable advice for … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/01/22/gerald-beuchelt-acronis-backup-strategy/
CISO Top 10 Priorities for Q1 2025: Key Findings and Evolving Focus

Jan 21, 2025 9:23 PM

Tags: ciso

First seen on scworld.com Jump to article: www.scworld.com/perspective/ciso-top-10-priorities-for-q1-2025-key-findings-and-evolving-focus
Why CISOs Must Think Clearly Amid Regulatory Chaos

Jan 21, 2025 8:22 PM

Tags: ciso

Even as the rule book changes, the profession of the CISO remains unchanged: protecting the organization in a world of constant, continually evolving threats. First seen on darkreading.com Jump to article: www.darkreading.com/cybersecurity-operations/cisos-must-think-clearly-amid-regulatory-chaos
7 top cybersecurity projects for 2025

Jan 21, 2025 12:22 PM

Tags: access, advisory, ai, backup, best-practice, breach, business, cio, ciso, cloud, compliance, control, cyber, cybersecurity, data, data-breach, detection, encryption, framework, google, governance, infrastructure, intelligence, law, mitigation, monitoring, network, resilience, risk, risk-management, service, strategy, technology, threat, tool, vulnerability

As 2025 dawns, CISOs face the grim reality that the battle against cyberattackers never ends. Strong and carefully planned cybersecurity projects are the best way to stay a step ahead of attackers and prevent them gaining the upper hand.”Urgency is the mantra for 2025,” says Greg Sullivan, founding partner of cybersecurity services firm CIOSO Global.…
Wie sich Cybersecurity mit KI im Jahr 2025 weiterentwickelt

Jan 21, 2025 6:22 AM

Tags: ai, ciso, cloud, cybersecurity, google, intelligence, mandiant, office, threat

Kürzlich veröffentlichte Google Cloud seinen Cybersecurity Forecast für das Jahr 2025 [1]. Der Bericht enthält zukunftsweisende Erkenntnisse mehrerer führender Sicherheitsverantwortlicher von Google Cloud darunter Google Threat Intelligence, Mandiant Consulting und das Office of the CISO von Google Cloud. Sie beschreiben unter anderem, wie die nächste Phase der künstlichen Intelligenz (KI) sowohl für Angreifer als… First…
Check Point veröffentlicht Security-Report 2025

Jan 20, 2025 3:22 PM

Tags: ciso, cyber, cyberattack, cyersecurity, software

Check Point Software Technologies hat seinen jährlichen Bericht ‘The State of Global Cyber Security 2025″ veröffentlicht. Angesichts eines alarmierenden Anstiegs der weltweiten Cyber-Angriffe um 44 Prozent im Vergleich zum Vorjahr enthüllt der Bericht neue Cyber-Trends, neue Taktiken von Hackern und gibt CISOs Anleitungen an die Hand, um unbeschadet durch das Jahr zu kommen. ‘Bei der Cybersicherheit…
How organizations can secure their AI code

Jan 20, 2025 8:22 AM

Tags: ai, application-security, awareness, backdoor, breach, business, chatgpt, ciso, compliance, control, credentials, crime, cybersecurity, data, data-breach, finance, github, healthcare, LLM, malicious, ml, open-source, organized, programming, risk, risk-management, software, startup, strategy, supply-chain, technology, tool, training, vulnerability

In 2023, the team at data extraction startup Reworkd was under tight deadlines. Investors pressured them to monetize the platform, and they needed to migrate everything from Next.js to Python/FastAPI. To speed things up, the team decided to turn to ChatGPT to do some of the work. The AI-generated code appeared to function, so they…
Midsize firms universally behind in slog toward DORA compliance

Jan 20, 2025 8:22 AM

Tags: ai, business, ciso, compliance, cybersecurity, dora, finance, germany, insurance, intelligence, monitoring, resilience, risk, service, skills, technology, tool

Beginning Friday, Jan. 17, all EU financial institutions are now required to operate in compliance with the Digital Operational Resilience Act (DORA). The EU directive aims to increase cybersecurity in the financial industry. However, studies show that many companies are still struggling with implementation.According to a November 2024 survey from metafinanz, the average level of…
Diese Security-Technologien haben ausgedient

Jan 20, 2025 6:22 AM

Tags: ai, authentication, bug-bounty, ciso, cloud, compliance, credentials, cyberattack, cyersecurity, firewall, gartner, Hardware, network, password, penetration-testing, risk, service, siem, strategy, tool, vpn, vulnerability, waf, zero-trust
US hits back against China’s Salt Typhoon group

Jan 18, 2025 5:22 AM

Tags: attack, backdoor, china, cisa, ciso, communications, computer, control, crypto, cve, cyber, cyberattack, cybersecurity, defense, detection, disinformation, espionage, exploit, finance, government, group, infosec, infrastructure, intelligence, ivanti, law, malicious, mandiant, microsoft, network, north-korea, office, tactics, technology, theft, threat, tool, vpn, vulnerability

The US is hitting back against the threat group, dubbed Salt Typhoon by Microsoft, which is allegedly behind recent cyber attacks against American telecommunications providers, as part of a wider campaign against Chinese-based hacking.On Friday the Department of the Treasury’s Office of Foreign Assets Control (OFAC) said it is sanctioning Sichuan Juxinhe Network Technology, a…
Back to the Basics For 2025: Securing Your Business

Jan 18, 2025 1:22 AM

Tags: business, ciso, cloud, cybersecurity, mfa, service, training

Gary Perkins, CISO at CISO Global Cybersecurity may seem complex, but it boils down to consistent implementation of best practices. Disabling unnecessary services, securing cloud configurations, enforcing MFA, training employees, and adopting a proactive security mindset are crucial steps to safeguarding your business. In 2025, prioritize these basics to significantly reduce your exposure to threats……
Cloud 3.0 Is Here: What CISOs Must Do Now

Jan 15, 2025 9:02 PM

Tags: ai, ceo, ciso, cloud, data, risk, strategy

CSA’s Jim Reavis on Why Generative AI Requires a Shift in Data Security Strategy. Over the past two years, AI enabled by a cloud interface has ushered in the age of cloud 3.0. The industry is evolving faster than anyone could predict, forcing organizations to rethink their security and risk strategies, said Jim Reavis, CEO…