Tag: ciso
-
Is Your CISO Ready to Flee?
Tags: ciso
Companies with $1 billion in revenue or less might want to give a heads-up to HR to kickstart the search for a new CISO, because according to a study from IANS Research, your current CISO might be out the door within a year. The 363 CISOs in SMBs surveyed for the 2025 Small and.. First…
-
How to conduct an effective post-incident review
Tags: breach, business, ciso, compliance, credentials, cyber, cybersecurity, detection, email, finance, governance, group, incident, incident response, lessons-learned, phishing, risk, service, software, tool, training, update, vulnerability
Perform a root-cause analysis: Your post-incident review must include a root-cause analysis, Taylor says. “Identifying the underlying issues that caused the incident is essential for avoiding future cyber incidents,” he says. The post-incident review team should examine the root causes of the incident, whether they are technical, procedural, or human-related, and implement corrective actions and preventive…
-
Strategies to secure long-life IoT devices
In this Help Net Security interview, Rob ter Linden, CISO at Signify, discusses priorities for CISOs working on IoT security, including the need for compliant infrastructure, … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/06/20/rob-ter-linden-signify-iot-devices-network-security/
-
CISOs flag gaps in GenAI strategy, skills, and infrastructure
95% of C-suite leaders say that GenAI is driving a new level of innovation in their organizations, according to NTT DATA. While CEOs and business leaders are committed to … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/06/20/cisos-genai-adoption/
-
AI Index 2025: What’s changing and why it matters
Stanford recently released its AI Index 2025, and it’s packed with insights on how AI is changing. For CISOs, it’s a solid check-in on where things stand. It covers what the … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/06/20/ai-index-2025/
-
Third-party risk management is broken, but not beyond repair
Getting to the root of the problem: The surge of TPRM tools has automated much of what was once a manual, resource-intensive process. These platforms were developed to simplify the creation, distribution, and completion of security questionnaires, addressing the operational burden organizations often face when conducting third-party risk audits. While they’ve brought much-needed efficiency, they’ve…
-
AI is changing cybersecurity roles, and entry-level jobs are at risk
Will humans remain essential in cybersecurity, or is AI set to take over? According to Wipro, many CISOs are leveraging AI to improve threat detection and response times and … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/06/18/ai-humans-cybersecurity/
-
Why a Layered Approach Is Essential for Cybersecurity and Zero Trust
Today’s cybersecurity landscape is complex and unforgiving. Remote work, SaaS, AI agents, cloud migration, and ever-evolving cyber threats have exposed the limitations of relying on standalone security measures. To reduce risk, CISOs and IT leaders must embrace a layered cybersecurity… First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/06/why-a-layered-approach-is-essential-for-cybersecurity-and-zero-trust/
-
Private 5G: New Possibilities, and Potential Pitfalls
While ushering in great operational value for organizations, private 5G networks add yet another layer to CISOs’ responsibilities. First seen on darkreading.com Jump to article: www.darkreading.com/cyber-risk/securing-private-5g-networks-new-challenges-for-cisos
-
8 tips for mastering multicloud security
Tags: access, attack, automation, business, ciso, cloud, compliance, conference, control, cybersecurity, data, detection, framework, google, governance, identity, intelligence, least-privilege, malware, microsoft, monitoring, okta, resilience, risk, service, siem, skills, software, strategy, technology, threat, tool, training, vulnerability
2. Create unified security governance: A unified security governance model should be established, spanning all cloud environments and supported by centralized identity management, visibility, automation, and policy enforcement, advises Nigel Gibbons, director and senior advisor at security services firm NCC Group. This approach, Gibbons says, minimizes complexity and silos by creating consistent security controls across cloud…
-
Hackers love events. Why aren’t more CISOs paying attention?
When CISOs think about risk, they usually think about cloud platforms, laptops, and data centers. But live events like conferences, trade shows, product launches, and … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/06/17/cybersecurity-at-live-events/
-
CISOs brace for a surge in domain-based cyber threats
Cybersecurity threats are growing more complex, and domain-based attacks are at the center of this shift. CSC’s CISO Outlook 2025 report, based on a survey of 300 security … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/06/17/domain-based-cyber-threats/
-
Security Is Only as Strong as the Weakest Third-Party Link
Third-party risks are increasing dramatically, requiring CISOs to evolve from periodic assessments to continuous monitoring and treating partner vulnerabilities as their own to enhance organizational resilience. First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/security-strong-weakest-third-party-link
-
First zero-click attack on Microsoft 365 Copilot
A flaw in Microsoft 365 Copilot makes it possible to steal sensitive data. Imagine an attack so stealthy that it requires no clicks, no downloads and no warnings: a single email landing in your inbox is enough. That is the case with EchoLeak, a critical vulnerability in Microsoft 365 Copilot. It…
-
For CISOs: Find the right protection for your company. Five important questions you should ask a cyber security vendor
First seen on security-insider.de Jump to article: www.security-insider.de/auswahl-cybersicherheitsanbieter-5-schluessel-fragen-a-9274bdeeaf9ce4468bfd36fb5df4bf41/
-
What CISOs are doing to lock in cyber talent before they bolt
Tags: business, ciso, control, credentials, cyber, cybersecurity, finance, jobs, skills, software, strategy, tool, training, vulnerability
Build teams from within: Recruiting talent from within the business and training existing employees, even those in traditional IT roles, is what helped another CISO, Chapman shares. “I always ask CISOs, ‘Have you looked internally first?’” he says. He explains how the CISO of an industrial organization needed OT security engineers but found them hard to source.…
-
Why banks’ tech-first approach leaves governance gaps
In this Help Net Security interview, Rich Friedberg, CISO at Live Oak Bank, discusses how banks can better align cybersecurity efforts with broader cyber governance and risk … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/06/16/rich-friedberg-live-oak-bank-banking-cyber-governance/
-
Operational resilience: coordination and cooperation in focus
Tags: bsi, business, ciso, cloud, cyber, cyberattack, cyersecurity, edr, iam, incident response, infrastructure, intelligence, RedTeam, resilience, strategy, threat, tool, zero-trust
To prepare companies for cyber incidents, CISOs need operational resilience. The CISO’s task is to create the technological as well as the procedural and organizational prerequisites for the company’s IT security. CISOs create a security architecture aimed at resilience, drive the integration of interoperable platforms and establish processes for continuous risk monitoring. In addition, they ensure the development of…
-
Why CISOs need to understand the AI tech stack
As AI spreads, so do the risks. Security leaders are being asked to protect systems they don’t fully understand yet, and that’s a problem. A new report from the Paladin Global … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/06/16/ciso-ai-tech-stack/
-
Why CISOs Must Align Business Objectives & Cybersecurity
This alignment makes a successful CISO, but creating the same sentiment across business leadership creates a culture of commitment and greatly contributes to achieving goals. First seen on darkreading.com Jump to article: www.darkreading.com/cybersecurity-operations/why-cisos-align-business-objectives-cybersecurity
-
Unpatched flaws allow takeover of GitLab accounts
Tags: access, authentication, best-practice, bug, ceo, ciso, cve, cvss, cyberattack, dos, github, gitlab, incident response, injection, jobs, mfa, password, risk, sans, service, software, update, vulnerability
Experts warn of a new bug in GitLab. A new vulnerability in the Ultimate Enterprise Edition of GitLab is “dangerous”, according to an expert, and must be patched quickly. The vulnerability, designated CVE-2025-5121, is one of ten that GitLab described on Wednesday when releasing bug fixes and security updates for self-managed installations. “We strongly recommend that all…
-
What CISOs need to know about agentic AI
GenAI has been the star of the show lately. Tools like ChatGPT impressed everyone with how well they can summarize, write, and respond. But something new is gaining ground: … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/06/13/ciso-agentic-ai/
-
Securonix Buys ThreatQuotient for Integrated Threat Intel
ThreatQuotient Deal Brings Deeper Context to Alerts and Streamlines SOC Workflows. Securonix has acquired ThreatQuotient to modernize SOC platforms with external threat intelligence and agentic AI. The combined solution aims to help CISOs manage alert overload, boost detection precision and support global scale across regulated industries. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/securonix-buys-threatquotient-for-integrated-threat-intel-a-28681
-
From overwhelmed to in control: How CISOs can build defensible security programs from day one
First seen on scworld.com Jump to article: www.scworld.com/resource/from-overwhelmed-to-in-control-how-cisos-can-build-defensible-security-programs-from-day-one
-
2025 CSO Hall of Fame honorees
Tags: ceo, cio, ciso, corporate, cybersecurity, finance, google, group, infrastructure, international, jobs, risk, risk-management, sans, technology
Meg Anderson, VP & CISO (retired), Principal Financial Group; Bob Bruns, CISO, Avanade; Jonathan Chow, CISO, Genesys; Mignona Cote, CISO, Infor; Laura Deaner, Managing Director, CISO, The Depository Trust & Clearing Corporation (DTCC); George Finney, CISO, University of Texas System; Michael Gordon, SVP & CISO, McDonald’s; Ron Green, Cybersecurity Fellow/Former CSO, Mastercard; Shawn Henry, CSO, CrowdStrike; Todd Lukens, SVP, Security & Infrastructure, Nationwide; Rishi Tripathi,…
-
AI is Redefining Cyber Risk Quantification: Here’s What Every CISO Needs to Know
For years, security leaders have been stuck in a reporting loop: patch volumes, CVSS scores, and red-yellow-green dashboards. These are useful… until they hit the boardroom. That’s when things fall apart. “What does a CVSS score of 9.8 mean for our revenue?” “How exposed are we to real-world loss?” “How much should we budget for…

