Tag: ciso
-
Attention CISOs: The New EU PLD Product Liability Directive Is Effective Now Compliance and Cybersecurity Readiness Required
The European Union’s updated Product Liability Directive (PLD) takes effect this month, with a transition period through December 9, 2026. This update substantially changes how product liability applies to digital products sold in the EU. For Chief Information Security Officers (CISOs), understanding this change is crucial. The new PLD extends liability to digital products, including……
-
Building a robust security posture with limited resources
In this Help Net Security interview, Gareth Lindahl-Wise, CISO at Ontinue, discusses how business leaders can align innovation with cybersecurity, tackle the risks posed by … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/12/06/gareth-lindahl-wise-ontinue-maintaining-security-posture/
-
CISOs still cautious about adopting autonomous patch management solutions
Tags: automation, business, cisco, ciso, cloud, control, crowdstrike, cybersecurity, email, exploit, firmware, group, infosec, microsoft, open-source, regulation, risk, software, strategy, technology, update, vulnerability, windowsFailing to patch vulnerabilities keeps biting CISOs.The most recent evidence: Last month, the Five Eyes cybersecurity agencies in the US, the UK, Australia, Canada, and New Zealand reported that the top 15 vulnerabilities routinely exploited last year included one that dated back to 2020 (a Microsoft Netlogon hole); one that dated back to 2021 (in…
-
The CISO: Guardian of Data while Navigating Risk Strategic Insights for the Boardroom and Shaping Future Business
Tags: access, ai, breach, business, ciso, cloud, compliance, computing, control, cyber, data, defense, detection, encryption, guide, incident, monitoring, resilience, risk, risk-management, software, strategy, threat, vulnerabilityThe CISO: Guardian of Data while Navigating Risk Strategic Insights for the Boardroom and Shaping Future Business madhav Thu, 12/05/2024 – 06:03 CISOs have one of the most vital roles in organizations today. It is also one of the most challenging. That’s because, regardless of industry or location, organizational data has become a precious asset.…
-
Dear CEO: It’s time to rethink security leadership and empower your CISO
Tags: access, application-security, breach, business, ceo, ciso, compliance, control, cybersecurity, defense, finance, governance, jobs, resilience, risk, strategy, toolAs a CISO, I’ve spent years navigating the delicate balance of responsibility and authority, accountability, and autonomy. After writing “The CISO Paradox,” I was struck by how deeply the article resonated with others in the cybersecurity field.Many reached out to share their own stories and frustrations, all pointing to the same glaring misalignment: CISOs are…
-
Im Gespräch mit Sergej Epp – ‘Der CISO steht oft im Kreuzfeuer”
Tags: cisoFirst seen on security-insider.de Jump to article: www.security-insider.de/sergej-epp-ciso-sysdig-cybersicherheit-a-30fb0609cf997b8ca420a9c386377557/
-
European law enforcement breaks high-end encryption app used by suspects
Tags: awareness, backdoor, ciso, communications, computing, crime, crimes, cryptography, data, defense, encryption, endpoint, exploit, flaw, group, hacker, infrastructure, international, jobs, law, malware, monitoring, service, technology, threat, tool, vulnerabilityA group of European law enforcement agencies were able to crack a high-level encryption app that a group of suspects created to avoid law enforcement monitoring, according to a statement issued Tuesday by Europol. Europol, understandably, did not provide any specifics about how they broke the app, but encryption experts said that the most likely method…
-
Sergej Epp wechselt als CISO von Palo Alto zu Sysdig
Der führende Anbieter von Echtzeit-Cloud-Sicherheit, Sysdig, gab die Ernennung von Sergej Epp zum Chief Information Security Officer (CISO) und von Shanta Kohli zum Chief Marketing Officer (CMO) unter der Leitung von “‹CEO “‹Willam ‘Bill” Welch bekannt, der im vergangenen Monat in das Unternehmen eingetreten ist. Zusammen bringen Kohli und Epp fast vier Jahrzehnte Erfahrung im…
-
63% of companies plan to pass data breach costs to customers
Tags: breach, business, ceo, ciso, compliance, cybersecurity, data, data-breach, finance, ibm, privacy, risk, serviceConsumers may be more on the hook for paying for the rising costs of data breaches than they realize, as companies increasingly turn to price hikes as part of their post-breach cost-recovery strategies. According to a report from IBM earlier this year, nearly two-thirds of companies plan to pass along data breach costs directly to…
-
Talent overlooked: embracing neurodiversity in cybersecurity
In cybersecurity, diverse perspectives help in addressing complex, emerging threats. Increasingly, there’s a push to recognize that neurodiversity brings significant value to cybersecurity. However, neurodiverse people frequently face systemic barriers that hinder their success in the field.Neurodiversity refers to the way some people’s brains work differently to the neurotypical brain. This includes autism, ADHD (attention…
-
Data Risk Intelligence: Sichtbarkeit von Datenrisiken und proaktive Risikominderung neu definieren
Data Risk Intelligence kombiniert positions- und verhaltensbasierte Datenrisikoindikatoren, um Risiken für sensible Daten proaktiv zu erkennen und zu mindern. Erste Lösung, die die Datensicherheitsfunktionen der Imperva Data Security Fabric und der Thales CipherTrust Data Security Platform vereint, um CIOs, CISOs und Datenrisikospezialisten eine äußerst zuverlässige Risikobewertung von Daten zu bieten. Thales kündigt die… First seen…
-
BlackBerry Highlights Rising Software Supply Chain Risks in Malaysia
Tags: access, ai, attack, breach, ceo, ciso, communications, compliance, cyber, cyberattack, cybersecurity, data, detection, espionage, finance, framework, government, infrastructure, intelligence, international, Internet, iot, malware, mobile, monitoring, phishing, ransomware, regulation, resilience, risk, skills, software, strategy, supply-chain, threat, tool, training, vulnerabilityIn 2024, BlackBerry unveiled new proprietary research, underscoring the vulnerability of software supply chains in Malaysia and around the world.According to the study, 79% of Malaysian organizations reported cyberattacks or vulnerabilities in their software supply chains during the past 12 months, slightly exceeding the global average of 76%. Alarmingly, 81% of respondents revealed they had…
-
Treat AI like a human: Redefining cybersecurity
In this Help Net Security interview, Doug Kersten, CISO of Appfire, explains how treating AI like a human can change the way cybersecurity professionals use AI tools. He … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/12/03/doug-kersten-appfire-ai-oversight/
-
Does Your Company Need a Virtual CISO?
With cybersecurity talent hard to come by and companies increasingly looking for guidance and best practices, virtual and fractional chief information security officers can make a lot of sense. First seen on darkreading.com Jump to article: www.darkreading.com/cybersecurity-operations/does-your-company-need-virtual-ciso
-
AWS launches tools to tackle evolving cloud security threats
The increasing sophistication and scale of cyber threats pose a growing challenge for enterprises managing complex cloud environments. Security teams often face overwhelming volumes of alerts, fragmented workflows, and limited tools to identify and respond to attack patterns spanning multiple events.Amazon Web Services (AWS) is addressing these challenges with two significant updates to its cloud…
-
Zeitgemäße Zugriffsverwaltung in wenigen Schritten optimieren
Tags: cisoCISOs sollten die genannten sechs Punkte bei der Prüfung ihrer IGA-Lösungen berücksichtigen, um ein klares Bild davon zu bekommen, wo sie auf dem Weg … First seen on infopoint-security.de Jump to article: www.infopoint-security.de/zeitgemaesse-zugriffsverwaltung-in-wenigen-schritten-optimieren/a37625/
-
Venafi Machine Identity Security Summit 2024 – Trends, die die Sicherheit von Maschinenidentitäten beeinflussen
Das sechste jährliche Gipfeltreffen bringt zukunftsorientierte CISOs, InfoSec-Führungskräfte, PKI-Administratoren, Plattformingenieure und andere Bran… First seen on infopoint-security.de Jump to article: www.infopoint-security.de/venafi-machine-identity-security-summit-2024-trends-die-die-sicherheit-von-maschinenidentitaeten-beeinflussen/a38206/
-
Der Weg zu einer sicheren Daten-Festung mit Data Governance
CISOs und CIOs sind in einer einzigartigen Position, um diese Zusammenarbeit voranzutreiben. Eine wirkungsvolle Option ist die Einrichtung eines Data … First seen on infopoint-security.de Jump to article: www.infopoint-security.de/der-weg-zu-einer-sicheren-daten-festung-mit-data-governance/a38651/
-
In der Verantwortung: Warum für CISOs viel auf dem Spiel steht
Tags: cisoArbeitsbelastung und das Schreckgespenst der persönlichen Haftung für Vorfälle belasten die Sicherheitsverantwortlichen so sehr, dass viele von ihnen … First seen on welivesecurity.com Jump to article: www.welivesecurity.com/de/business-security/in-der-verantwortung-warum-fur-cisos-viel-auf-dem-spiel-steht/
-
Blackbasta Alert Action for CISOs
Tags: cisoOperating SOCKS proxy We observed them managing at least one SOCKS proxy server that is publicly listed. Although we couldn’t verify it, we suspect th… First seen on research.kudelskisecurity.com Jump to article: research.kudelskisecurity.com/2024/05/31/blackbasta-alert-action-for-cisos/
-
The Impacts of the SEC Cyber Rules on Incident Disclosure, CISO Liability
First seen on duo.com Jump to article: duo.com/decipher/the-impact-of-sec-cyber-rules-on-incident-disclosure-ciso-liability
-
‘The Tidal Wave Coming At Everybody:’ The Issue of Data Sprawl and Identity
CISOs sound off on how security teams are approaching the massive sprawl of different data and accounts across their ecosystem, especially with the pr… First seen on duo.com Jump to article: duo.com/decipher/the-tidal-wave-coming-at-everybody-the-issue-of-data-sprawl-and-identity
-
Wendy Nather on the ‘Topics That Are Distracting CISOs’
Wendy Nather, distinguished cybersecurity leader and director of strategic engagements at Cisco, talks to Lindsey O’Donnell-Welch, executive editor wi… First seen on duo.com Jump to article: duo.com/decipher/wendy-nather-on-the-topics-that-are-distracting-cisos
-
Security-FinOps collaboration can reap hidden cloud benefits: 11 tips
For enterprises operating on the cloud, security and cost management are rising concerns.Typically, these issues are addressed in silos, with cyber teams and FinOps teams pursuing their charters and priorities separately, and with little thought given to collaboration opportunities between these teams that could be leveraged for better business results.As CIOs seek to gain more…
-
T-Mobile Says Sensitive Customer Data Wasn’t Impacted In China-Linked Attack
T-Mobile CISO Jeff Simon said a post Wednesday that ‘our defenses protected our sensitive customer information,’ in the wake of reports about a major hacking operation by a China-linked threat actor targeting internet service providers. First seen on crn.com Jump to article: www.crn.com/news/security/2024/t-mobile-says-sensitive-customer-data-wasn-t-impacted-in-china-linked-attack
-
Cybersecurity’s oversimplification problem: Seeing AI as a replacement for human agency
Tags: access, ai, awareness, business, ciso, computer, cyber, cybersecurity, data, election, infrastructure, intelligence, Internet, jobs, technology, threat, tool, trainingThere’s a philosophical concept called the Great Man Theory that suggests history is all about how significant individuals act as centers of gravity for society as a whole, think Alexander the Great, Napoleon Bonaparte, Queen Elizabeth I, or the founding fathers of the American Revolution.Recent research suggests that cybersecurity and related professions are developing a…