Tag: ciso
-
The rise of vCISO as a viable cybersecurity career path
Tags: advisory, business, ceo, cio, ciso, compliance, computer, control, country, cyber, cybersecurity, government, grc, group, guide, healthcare, incident response, infrastructure, ISO-27001, jobs, mobile, network, nist, risk, risk-assessment, risk-management, service, skills, strategy, technology, tool, trainingDamon Petraglia, vCISO and CISO on demand Blue Mantis Damon Petraglia A long-time cybersecurity pro with chops built up in the federal government world and through forensic investigation work, Damon Petraglia works as a vCISO and CISO on demand for the IT services firm Blue Mantis.”Where I am today as a vCISO is a culmination…
-
KI-Herausforderungen für CISOs und ihre Teams 2025 Mit KI gegen KI
CISOs müssen die neuen Cyberbedrohungen durch KI frühzeitig erkennen. Gleichzeitig müssen sie KI-basierte Lösungen einsetzen, um ihnen einen Schritt voraus zu sein. First seen on ap-verlag.de Jump to article: ap-verlag.de/ki-herausforderungen-fuer-cisos-und-ihre-teams-2025-mit-ki-gegen-ki/95654/
-
Why CISOs Must Prioritize Cybersecurity Culture in Remote Work
In the era of remote and hybrid work, Chief Information Security Officers (CISOs) are now tasked with cultivating a strong cybersecurity culture in remote work, extending far beyond traditional responsibilities like managing firewalls and monitoring networks. The shift to distributed teams has dissolved the traditional office perimeter, exposing organizations to new vulnerabilities and threats. Employees…
-
How to rationalize IDPs (without painful migrations)
For enterprise CIOs, CISOs, and IT leaders, managing multiple identity providers (IDPs) is a costly, complex, and security-intensive challenge. Whether due to M&A activities, multi-cloud strategies, or regulatory requirements, fragmented identity ecosystems drive up expenses, increase security risks, and hinder operational efficiency. Why organizations run multiple identity providers Large enterprises often run multiple Identity Providers……
-
Building IDP Resilience
In today’s digital economy, identity is more than just an authentication checkpoint”, it’s the backbone of user access, security, and continuity. And as CISOs and IAM architects work to modernize their identity systems, one imperative has moved from the sidelines to center stage: IDP resilience. When identity becomes a single point of failure Most enterprises…
-
Bringing Zero Trust Into the AI Era
University of Texas CISO George Finney on Zero Trust Challenges and His New Book. Enterprises need to mature their zero trust models to recognize how trust is inherently built into artificial intelligence and how to proactively identify vulnerabilities. George Finney, CISO at University of Texas Systems, says security teams need to be trained to spot…
-
RSA Conference 2025: How Agentic AI Is Redefining Trust, Identity, and Access at Scale
RSAC 2025 revealed that AI agents are reshaping trust and identity. Learn what top CISOs are doing about it and how the conversation about NHI governance is evolving. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/05/rsa-conference-2025-how-agentic-ai-is-redefining-trust-identity-and-access-at-scale/
-
Microsoft OneDrive move may facilitate accidental sensitive file exfiltration
want to make syncing easier, as it can create lots of security and IT headaches.The rollout was originally scheduled for this weekend (May 11), but sometime late on Thursday, the Microsoft page about the feature was changed to say that it was being pushed out in June. Microsoft did not immediately explain the delay, but discussions…
-
‘CISOs sprechen heute die Sprache des Business”
Nick Godfrey, Leiter des Office of the CISO bei Google Cloud Google CloudAls Senior Director und Leiter des Office of the CISO bei Google Cloud ist es die Aufgabe von Nick Godfrey, das Unternehmen beim Austausch zwischen CISOs rund um die Themen Cloud und Security zu unterstützen. Godfrey, selbst ehemaliger Sicherheitsverantwortlicher bei einem Finanzdienstleister, leitet…
-
AI in Zero Trust: Hype, Hope and Hidden Gaps
CISOs Seek Real Value as Vendors Tout the Latest Batch of AI-Driven Solutions. As the conversation shifts from generative to agentic AI, it’s clear that AI holds tremendous potential to ease zero trust fatigue, but only when guided by business context, quality data and human oversight. CISOs see AI as a basket of opportunities but…
-
CrowdStrike cuts 500 jobs in AI pivot, but flags risks
A CISO’s new mandate As security vendors trim traditional roles and lean more heavily on AI, will support, integration, and incident response suffer? Ali warned CISOs to “review vendor roadmaps for signs of over-prioritizing AI.”She cautioned that replacing essential human expertise, such as threat researchers or customer success teams, with automated systems like large language…
-
India-Pakistan conflict underscores your C-suite’s need to prepare for war
Tags: business, ciso, communications, conference, cyber, cyberattack, data-breach, disinformation, government, india, infrastructure, military, network, russia, service, supply-chain, ukraine, update, usa, vulnerabilityHow the India-Pakistan conflict raises the stakes: Should the conflict between these two nuclear powers escalate and become a full-blown war, the disruption to supply chains, research and development, and support services has the potential to be significant. Pakistan’s technical hubs in Karachi, Lahore, and Islamabad will be placed in jeopardy. India’s technical hubs in…
-
Why Identity Signals Are Replacing IOCs in Threat Intelligence
The CISO’s View: Too Many Alerts, Too Little Context Imagine a SOC analyst under pressure. Their screen is filled with IP addresses, malware hashes, geolocations, login alerts, and thousands of other signals. It’s a flood of noise. IOCs used to be the gold standard for cyber threat detection, but today? Attackers don’t need malware or……
-
Quantum supremacy: Cybersecurity’s ultimate arms race has China way in front
Tags: ai, authentication, automation, backup, banking, breach, business, china, ciso, computing, control, crypto, cryptography, cybersecurity, data, encryption, finance, government, healthcare, identity, infrastructure, jobs, military, ml, nist, risk, service, skills, technology, threat, update, vulnerability, zero-dayThe DeepSeek/Qwen factor: What we learned from recent AI advances, such as DeepSeek and Qwen, that caught the world by surprise is that China’s technology is much more advanced than anyone anticipated. I’d argue that this is a leading indicator that China’s quantum computing capabilities are also in absolute stealth-mode development and ahead of the…
-
Rethinking AppSec: How DevOps, containers, and serverless are changing the rules
Application security is changing fast. In this Help Net Security interview, Loris Gutic, Global CISO at Bright, talks about what it takes to keep up. Gutic explains how … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/05/07/loris-gutic-bright-rethinking-appsec/
-
Bridging Cyber and Physical Threats
CISO Sean Atkinson on Proactive, Integrated Approach to Hybrid Threat Defense. Center for Internet Security CISO Sean Atkinson calls for integrated threat intelligence, stronger community collaboration, and enhanced playbooks to confront rising hybrid threats that exploit gaps across cybersecurity and physical domains. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/bridging-cyber-physical-threats-a-28314
-
Nation-State Actors Continue to Exploit Weak Passwords, MFA
Trellix’s John Fokker Advises CISOs to Prioritize Patching, MFA, Network Visibility. Threat actors aren’t rushing to adopt AI tools to exploit vulnerabilities. They still prefer a victim with weak passwords, bad MFA, bad patching. It is the easiest way to make money for criminals so they don’t have to invest in AI, said John Fokker,…
-
Use of Agentic AI in Cybersecurity Needs More Transparency
Elastic CISO Mandy Andress on Deploying More AI Agents for Cybersecurity Tasks. Agentic AI has introduced significant changes in cybersecurity operations in terms of efficiency and speed. Mandy Andress, CISO at Elastic, discussed why more needs to be done to trust AI agents to perform cybersecurity tasks and how to enhance transparency in AI decision-making.…
-
CISOs Transform Into Business-Critical Digital Risk Leaders
Google’s Phil Venables on How AI Creates Structural Advantage in Security. Amid rising cyberthreats, security leaders are using AI tools to drive business enablement and risk management across their organizations, creating unprecedented opportunities for team transformation and career advancement, said Phil Venables, strategic security advisor at Google. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/cisos-transform-into-business-critical-digital-risk-leaders-a-28296
-
What it really takes to build a resilient cyber program
In this Help Net Security interview, Dylan Owen, CISO at Nightwing, talks about what it really takes to build an effective defense: choosing the right frameworks, setting up … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/05/06/dylan-owen-nightwing-cyber-defense-strategy/
-
10 Kennzahlen, die CISOs weiterbringen
Geht es um Security-Kennzahlen, sollten CISOs sich auf das Wesentliche fokussieren. Die Security-Performance zu messen, gehört vielleicht nicht zu den aufregendsten Aufgaben eines CISOs kann allerdings sehr nützlich sein, um eine ganze Reihe von Herausforderungen zu bewältigen. Neben der Erkenntnis darüber, wie effektiv ihre Security-Bemühungen sind, können Sicherheitsentscheider mit den richtigen Kennzahlen unter anderem auch…
-
Perfection is a Myth. Leverage Isn’t: How Small Teams Can Secure Their Google Workspace
Let’s be honest: if you’re one of the first (or the first) security hires at a small or midsize business, chances are you’re also the unofficial CISO, SOC, IT Help Desk, and whatever additional roles need filling. You’re not running a security department. You are THE security department. You’re getting pinged about RFPs in one…
-
Security Professionals: Stay Aware of Current Events
Ballistic Ventures’ Kevin Mandia on How CISOs Can Lead Through Economic Turbulence. In uncertain times, CISOs must balance people and technology, says Kevin Mandia, general partner, Ballistic Ventures. Security budgets face less risk, but efficiency is crucial. AI adoption will accelerate, vendor consolidation will strengthen defenses and SMBs may benefit from outsourcing security. First seen…
-
CISO vs CFO: why are the conversations difficult?
Tags: ai, attack, breach, business, ciso, compliance, cyber, cyberattack, cybersecurity, finance, insurance, jobs, metric, ransomware, RedTeam, risk, risk-management, saas, strategy, technology, threat, toolmight happen, which often means the best outcome is nothing happens. That’s a tough sell.”Although a single cyberattack can wipe out millions of dollars, CFOs and CISOs often approach cybersecurity from fundamentally different perspectives. Bridging this divide requires more than just better communication, it demands, as Argyle put it, a shift in mindset. The disconnect…
-
How CISOs can talk cybersecurity so it makes sense to executives
CISOs know cyber risk is business risk. Boards don’t always see it that way.”‹ For years, CISOs have struggled to get boards to understand security beyond buzzwords. Many … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/05/05/ciso-talk-cybersecurity-executives/