Tag: ciso

#Infosec2025: UK Retail Hack Was Subtle, Not Complex, Says River Island CISO

Jun 5, 2025 1:54 PM

Tags: attack, ciso

The attacks on UK retailers are “a wake-up call” for the industry, said River Island’s Information Security Officer First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/uk-retail-hack-river-island-ciso/
Get out of the audit committee: Why CISOs need dedicated board time

Jun 5, 2025 9:54 AM

Tags: ai, business, ciso, cyber, cybersecurity, data, framework, mitigation, resilience, risk, risk-management, strategy, technology, threat, update

The full partnership model between CISO and board: Full and frank security discussions are more than just a ‘nice to have’. The SEC has indicated it expects public companies with senior leadership to be transparent in how they assess and communicate cybersecurity risks.By extension, CISOs have an important role in communicating risks to senior leadership…
Cyber Resilience in Zeiten geopolitischer Unsicherheit

Jun 5, 2025 6:54 AM

Tags: cio, ciso, cloud, compliance, cyber, cyberattack, firewall, governance, infrastructure, monitoring, resilience, risk, risk-analysis, siem, update, vulnerability-management

Cyberbedrohungen existieren längst nicht mehr im luftleeren Raum sie entstehen im Spannungsfeld von Geopolitik, regulatorischer Zersplitterung und einer stetig wachsenden digitalen Angriffsfläche.Cybersecurity ist heute ein rechtliches, operatives und geopolitisches Thema. Für CIOs und CISOs ist die Botschaft eindeutig: Resilienz bedeutet nicht mehr nur, zu reagieren, sondern vorbereitet zu sein. Vorbereitung heißt, Systeme und Teams aufzubauen,…
What the Arc Browser Story Reveals About the Future of Browser Security

Jun 5, 2025 5:54 AM

Tags: ai, antivirus, api, browser, ceo, chrome, ciso, crypto, data, email, github, infrastructure, jobs, LLM, macOS, malware, password, phishing, saas, software, startup, update, vulnerability, windows

By Dakshitaa Babu, Security Researcher, SquareX In a candid letter that Joshua Miller, CEO of Arc Browser, wrote to the community, he revealed a truth the tech industry has been dancing around: “the dominant operating system on desktop wasn’t Windows or macOS anymore”Š”, “Šit was the browser.” The evidence is everywhere”Š”, “Šcloud revenue surging year…
Why Identity Security Still Lags in Healthcare Sector

Jun 4, 2025 10:54 PM

Tags: ciso, cyber, cybersecurity, healthcare, identity

Identity security is still one of the most underinvested areas of cybersecurity across the healthcare sector, regardless of the depth of cyber resources available to many different types and sizes of entities, said Hugo Lai, CISO at Temple University Health System. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/interviews/identity-security-still-lags-in-healthcare-sector-i-5480
The Forgotten Details of Ransomware Response Plans

Jun 4, 2025 9:55 PM

Tags: attack, ciso, healthcare, ransomware

While healthcare organizations often know in general what they need to do in case they’re faced with a ransomware attack, the devil is in the details of how comprehensive and well-rehearsed that incident preparedness plan is for optimal response, said Rick Doten, vice president and healthplan CISO at Centene Corp. First seen on govinfosecurity.com Jump…
#Infosec2025: Simplicity Should Guide Cybersecurity Purchasing Decisions

Jun 4, 2025 4:55 PM

Tags: ciso, cybersecurity, guide

Experts argue that CISOs should avoid product duplication and simplify their language to ensure budget is spent wisely First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/infosec2025-cybersecurity/
#Infosec2025: UK Retail Hack Was ‘Subtle, Not Complex,’ Says River Island CISO

Jun 4, 2025 3:55 PM

Tags: attack, ciso

The attacks on UK retailers are “a wake-up call” for the industry, said River Island’s Information Security Officer First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/uk-retail-hack-river-island-ciso/
Cybersecurity’s ‘rare earth’ skills: Scarce, high-value, and critical for future defense

Jun 4, 2025 11:55 AM

Tags: ai, attack, business, ciso, computing, crypto, cryptography, cyber, cybersecurity, data, defense, detection, intelligence, jobs, programming, risk, skills, strategy, supply-chain, technology, threat, training

Advanced threat hunting expertise Like the rarest elements, professionals who can proactively identify novel threats and adversary techniques before they cause damage are scarce and extremely valuable. Why are these skills rare? Many factors have led to this scenario:Complex skill requirements: Effective threat hunters need a unique combination of skills, including deep cyber knowledge, programming…
6 ways CISOs can leverage data and AI to better secure the enterprise

Jun 4, 2025 10:54 AM

Tags: advisory, ai, antivirus, attack, automation, breach, business, ciso, cloud, compliance, computer, corporate, cyber, cyberattack, cybersecurity, data, detection, firewall, framework, governance, guide, infrastructure, LLM, login, ml, network, programming, risk, risk-analysis, service, siem, soc, software, technology, threat, tool, training

Emphasize the ‘learning’ part of ML: To be truly effective, models need to be retrained with new data to keep up with changing threat vectors and shifting cyber criminal behavior.”Machine learning models get smarter with your help,” Riboldi says. “Make sure to have feedback loops. Letting analysts label events and adjust settings constantly improves their…
Rethinking governance in a decentralized identity world

Jun 4, 2025 6:55 AM

Tags: ciso, data, governance, identity, privacy

Decentralized identity (DID) is gaining traction, and for CISOs, it’s becoming a part of long-term planning around data protection, privacy, and control. As more … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/06/04/governance-decentralized-identity/
CISOs need better tools to turn risk into action

Jun 4, 2025 6:55 AM

Tags: ciso, cybersecurity, ivanti, risk, tool

Many organizations are overwhelmed by the complexity of their IT systems, making it difficult to manage cybersecurity risks, according to a new Ivanti report. The … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/06/04/ciso-exposure-management/
What Tackling the SaaS Security Problem Means to Me

Jun 3, 2025 6:54 PM

Tags: access, ai, api, attack, authentication, breach, business, ceo, ciso, cloud, control, credentials, crypto, data, data-breach, detection, exploit, google, identity, incident response, infrastructure, jobs, lessons-learned, login, mfa, microsoft, ml, mssp, saas, siem, threat, tool, zero-day

By Kevin Hanes, CEO of Reveal Security When I reflect on the years I spent leading one of the world’s largest Security Operations Centers (SOCs) and incident response teams, the lessons learned aren’t just war stories”¦they’re a playbook for how we should rethink our responsibilities in the face of today’s fast-evolving attack surfaces. Back then,…
Is Your CISO Navigating Your Flight Path?

Jun 3, 2025 5:54 PM

Tags: ceo, ciso

If your CISO isn’t wielding influence with the CEO and helping top leaders clearly see the flight path ahead, your company is dangerously exposed. First seen on darkreading.com Jump to article: www.darkreading.com/cybersecurity-operations/ciso-navigating-your-flight-path
Interlock and the Kettering Ransomware Attack: ClickFix’s Persistence

Jun 3, 2025 4:54 PM

Tags: access, attack, breach, captcha, ciso, computer, control, credentials, cyberattack, data, data-breach, detection, endpoint, exploit, group, healthcare, HIPAA, incident response, injection, malicious, mobile, network, phishing, powershell, ransom, ransomware, risk, saas, service, technology, threat, tool, vulnerability

In healthcare, every minute of downtime isn’t just a technical problem”Š”, “Šit’s a patient safety risk. CNN recently reported that Kettering Health, a major hospital network in Ohio, was hit by a ransomware attack. According to CNN, the Interlock ransomware group claimed responsibility, sending a chilling reminder that healthcare remains a prime target for this particular…
#Infosec2025: Demand More of Your Vendors to Ease Quantum Transition, Say Experts

Jun 3, 2025 3:54 PM

Tags: ciso, regulation

CISOs should demand more of their vendors and use regulation as an ally to persuade board members to accelerate the transition to post-quantum safety First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/infosec2025-vendors-quantum/
‘In der Security geht es vor allem um Resilienz”

Jun 3, 2025 9:54 AM

Tags: ai, awareness, backup, business, cio, ciso, cyber, cyberattack, cyersecurity, deep-fake, governance, group, ransomware, resilience, social-engineering, strategy, tool, training, vulnerability

Timo Wandhöfer verantwortet als Group CISO beim Metallverarbeiter Klöckner & Co den Bereich Informationssicherheit und Business Continuity Management (BCM). Klöckner & Co SERansomware-Attacken zählen nach wie vor zu den größten Cyberbedrohungen in der Industrie. Wie schützen Sie Ihr Unternehmen vor solchen Angriffen? Und worauf kommt es dabei besonders an?Wandhöfer: Ja, das ist richtig. Auch bei…
Beyond Perimeter Defense: Making Attack Surface Management a Business Enabler

Jun 2, 2025 5:54 PM

Tags: attack, business, cio, ciso, cyber, defense, risk, threat

As cyber threats outpace traditional perimeter defenses, organizations face mounting risks in their digital transformation efforts. This article examines how Outpost24’s continuous attack surface management transforms security into a strategic business enabler, equipping CISOs, CIOs, and IT Directors with automated visibility and insights to pursue innovation with confidence and resilience. First seen on techrepublic.com Jump…
CISO Roles Take on Strategic Security Leadership Roles Beyond Cybersecurity as Organizations

Jun 2, 2025 1:54 PM

Tags: business, ciso, cyber, cybersecurity

A comprehensive analysis of over 800 Chief Information Security Officers reveals a fundamental transformation in the cybersecurity leadership landscape, with CISOs increasingly assuming strategic business responsibilities that extend far beyond traditional information security functions. The fifth annual CISO Compensation and Budget Survey conducted by IANS and Artico Search demonstrates that the modern CISO role is…
6 hard truths security pros must learn to live with

Jun 2, 2025 12:54 PM

Tags: ai, attack, breach, business, ciso, control, credentials, cyber, cyberattack, cybercrime, cybersecurity, data, data-breach, defense, detection, finance, fraud, gartner, hacker, ibm, insurance, jobs, network, phishing, resilience, risk, risk-management, skills, social-engineering, tactics, technology, threat, training, vulnerability

No matter how good you are, your organization will be victimized: This is a hard one to swallow, but if we take the “five stages of grief” approach to cybersecurity, it’s better to reach the “acceptance” level than to remain in denial because much of what happens is simply out of your control.A global survey…
CISO 3.0: Leading AI governance and security in the boardroom

Jun 2, 2025 7:55 AM

Tags: ai, ciso, cybersecurity, governance

In this Help Net Security interview, Aaron McCray, Field CISO at CDW, discusses how AI is transforming the CISO role from a tactical cybersecurity guardian into a strategic … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/06/02/aaron-mccray-cdw-cisos-ai-security/
Security awareness training isn’t stopping breaches. Can AI help?

Jun 2, 2025 6:55 AM

Tags: ai, awareness, ciso, training

In this Help Net Security video, Mick Leach, Field CISO at Abnormal AI, explores why security awareness training (SAT) is failing to reduce human error, the top cause of … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/06/02/security-awareness-training-ai-video/
Cybersecurity Snapshot: New Standard for AI System Security Published, While Study Finds Cyber Teams Boost Value of Business Projects

May 31, 2025 6:55 AM

Tags: access, ai, attack, authentication, awareness, best-practice, breach, business, ceo, ciso, cloud, compliance, computer, conference, control, cyber, cybersecurity, data, email, extortion, framework, group, guide, hacker, Hardware, intelligence, Internet, kubernetes, law, linux, login, metric, mfa, microsoft, mobile, phishing, ransom, ransomware, risk, service, software, supply-chain, technology, threat, tool, unauthorized, update, windows

Check out ETSI’s new global standard for securing AI systems and models. Plus, learn how CISOs and their teams add significant value to orgs’ major initiatives. In addition, discover what webinar attendees told Tenable about their cloud security challenges. And get the latest on properly decommissioning tech products; a cyber threat targeting law firms; and…
Cybersecurity Insights with Contrast CISO David Lindner – 05/30/25

May 30, 2025 11:55 PM

Tags: ai, ciso, cybersecurity, metric
The million-dollar CISO: Report reveals high pay, low satisfaction

May 30, 2025 10:55 PM

Tags: ciso

First seen on scworld.com Jump to article: www.scworld.com/news/the-million-dollar-ciso-report-reveals-high-pay-low-satisfaction
Million-dollar Salaries, Board Influence Mark the CISO’s Rise

May 30, 2025 8:55 PM

Tags: ciso

Five years post-pandemic, half of CISOs at enterprises with revenue of $20 billion or more now hold EVP- or SVP-level titles. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/05/million-dollar-salaries-board-influence-mark-the-cisos-rise/
Getting Exposure Management Right: Insights from 500 CISOs

May 30, 2025 6:55 PM

Tags: breach, ciso, flaw, penetration-testing

Pentesting isn’t just about finding flaws, it’s about knowing which ones matter. Pentera’s 2025 State of Pentesting report uncovers which assets attackers target most, where security teams are making progress, and which exposures still fly under the radar. Focus on reducing breach impact, not just breach count. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/getting-exposure-management-right-insights-from-500-cisos/
CISO Stature Rises, but Security Budgets Remain Tight

May 30, 2025 3:55 PM

Tags: ciso

The rate of compensation gains has slowed from the COVID years, and budgets remain largely static due to economic fears, but CISOs are increasingly gaining executive status and responsibilities. First seen on darkreading.com Jump to article: www.darkreading.com/cybersecurity-operations/ciso-stature-rises-budgets-tight
From the “Department of No” to a “Culture of Yes”: A Healthcare CISO’s Journey to Enabling Modern Care

May 30, 2025 1:55 PM

Tags: ciso, healthcare

Breaking Out of the Security Mosh PitWhen Jason Elrod, CISO of MultiCare Health System, describes legacy healthcare IT environments, he doesn’t mince words: “Healthcare loves to walk backwards into the future. And this is how we got here, because there are a lot of things that we could have prepared for that we didn’t, because…
Passwortlose Authentifizierung wird für CISOs immer wichtiger

May 30, 2025 12:55 PM

Tags: ai, authentication, business, ciso, credentials, cyber, cyberattack, deep-fake, gartner, mfa, microsoft, password, phishing, risk, risk-management, social-engineering

Selbst MFA ist vor raffinierten, KI-gesteuerten Phishing-Angriffen nicht sicher. Biometrische Verfahren gelten als vielversprechende Alternative.Die rasante Entwicklung von KI-Agenten eröffnet Cyberkriminellen neue Angriffsmöglichkeiten, die insbesondere für Chief Information Security Officers (CISOs) eine erhebliche Herausforderung darstellen. Automatisierte Angriffe, die von KI gesteuert werden, können herkömmliche Sicherheitsmaßnahmen wie Passwörter und Multi-Faktor-Authentifizierung (MFA) zunehmend unterlaufen. Trotz weit verbreiteter…