Tag: ciso
-
Enhancements for BloodHound v7.0 Provide Fresh User Experience and Attack Path Risk Optimizations
Tags: access, attack, ciso, computer, control, cybersecurity, data, group, identity, incident response, metric, radius, risk, risk-assessment, threat, tool, update, vulnerability, vulnerability-managementGeneral Availability of Improved Analysis Algorithm and Security Posture Management Improvements The BloodHound team previewed several concepts in the last couple of releases that made it easier for customers to visualize attack paths and show improvements in identity risk reduction over time. This week’s release of BloodHound v7.0 includes significant enhancements focused on improving user experience…
-
Time to reimagine the CISO’s role as OT security takes center stage
Tags: cisoFirst seen on scworld.com Jump to article: www.scworld.com/perspective/time-to-reimagine-the-cisos-role-as-ot-security-takes-center-stage
-
The Current State of the CISO with Nick Kakolowski
Tags: cisoNick Kakolowski, senior research director for IANS, dives into a survey done in conjunction with Artico Search on the current state of the CISO. At its core, the study highlights how CISOs are facing an unprecedented expansion of responsibilities, with some thriving under the added scope and others struggling with burnout. Kakolowski explains that CISOs..…
-
CSO Award and Hall of Fame Nominations Open Now
Industry-Wide Recognition Winning a CSO Award affirms your organization’s commitment to excellence in cybersecurity and highlights your team’s success in tackling today’s biggest security challenges.Elite Networking The CSO Conference brings together top security leaders, industry experts, and academics worldwide. By attending, you’ll engage with peers, exchange ideas, and gain firsthand knowledge of emerging trends and…
-
Arvest Bank CISO on building a strong cybersecurity culture in banking
In this Help Net Security interview, Mike Calvi, CISO at Arvest Bank, discusses building a strong cybersecurity culture within the banking sector. He explains how leadership, … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/02/11/mike-calvi-arvest-bank-banking-cybersecurity/
-
The Critical Role of CISOs in Managing IAM Including Non-Human Identities
NHIs outnumber human users in enterprises, yet many IAM strategies ignore them. Learn why CISOs must own NHI governance to prevent security breaches. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/02/the-critical-role-of-cisos-in-managing-iam-including-non-human-identities/
-
Datenleck durch GenAI-Nutzung
Tags: ai, chatgpt, ciso, compliance, data-breach, gartner, LLM, risk, strategy, tool, training, vulnerabilityViele Mitarbeiter teilen sensible Unternehmensdaten, wenn sie generative KI-Apps anwenden.Laut einem aktuellen Bericht über Gen-AI-Datenlecks von Harmonic enthielten 8,5 Prozent der Mitarbeiteranfragen an beliebte LLMs sensible Daten, was zu Sicherheits-, Compliance-, Datenschutz- und rechtlichen Bedenken führte.Der Security-Spezialist hat im vierten Quartal 2024 Zehntausende von Eingabeaufforderungen an ChatGPT, Copilot, Gemini, Claude und Perplexity analysiert. Dabei stellte…
-
Qualys führt Partner-Allianz für Managed Risk Operation Center (mROC) ein
mROC, powered by Qualys Enterprise TruRisk™ Management, beschleunigt die Umsatzmöglichkeiten für Partner, indem es CISOs hilft, Cyberrisiken als Geschäftsrisiken darzustellen First seen on infopoint-security.de Jump to article: www.infopoint-security.de/qualys-fuehrt-partner-allianz-fuer-managed-risk-operation-center-mroc-ein/a39728/
-
Qualys startet Partner-Allianz für Managed Risk Operation Center (mROC)
mROC, powered by Qualys Enterprise TruRisk™ Management, beschleunigt die Umsatzmöglichkeiten für Partner, indem es CISOs hilft, Cyberrisiken als Geschäftsrisiken darzustellen First seen on infopoint-security.de Jump to article: www.infopoint-security.de/qualys-fuehrt-partner-allianz-fuer-managed-risk-operation-center-mroc-ein/a39728/
-
CISOs: Stop trying to do the lawyer’s job
Tags: breach, business, ciso, compliance, cybersecurity, data, email, finance, group, guide, incident response, international, jobs, law, privacy, RedTeam, risk, risk-management, security-incident, service, skills, strategy, technology, training, updateThere’s a joke that’s been floating around boardrooms for years: “What’s the difference between lawyers and engineers? Lawyers don’t think they’re engineers.”This light-hearted jab highlights a fundamental difference between the two professions. Engineers, and by extension CISOs, focus on building and fixing things, learning a wide array of skills, sometimes sticking their hands into technologies…
-
Why 24/7 Security Monitoring Matters for Your Company
Gary Perkins, CISO at CISO Global Cyber threats don’t take evenings or weekends off, and neither should your security team. Companies need peace of mind knowing that dedicated professionals are continuously monitoring their infrastructure and data, ensuring both proactive prevention and rapid response to potential incidents. The Role of Expert Analysts in Securing Your Company……
-
The SolarWinds $4.4 billion acquisition gives CISOs what they least want: Uncertainty
Tags: attack, breach, business, cisa, ciso, cyber, cybersecurity, finance, government, group, risk, risk-management, service, software, strategy, supply-chain, tool, updateWhen SolarWinds on Friday announced a $4.4 billion cash deal for it to be acquired by private equity (PE) firm Turn/River Capital, it delivered the last thing that nervous enterprise CISOs want: Uncertainty, to be followed by more uncertainty.”Whenever a security company gets acquired by private equity, you never want to throw a party,” said…
-
ISMG Editors: AI Security Wake-Up Call From DeepSeek
Tags: ai, api, ciso, data, data-breach, governance, leak, open-source, risk, risk-management, vulnerabilityAlso: Addressing AI Vulnerabilities and Governance Challenges. DeepSeek, an advanced open-source AI model, is under scrutiny for its safety guardrails failing multiple security tests and a data leak that exposed user information and API keys. Sam Curry, CISO at Zscaler, discusses AI security, risk management and upcoming U.S. policy changes. First seen on govinfosecurity.com Jump…
-
AI Security is API Security: What CISOs and CIOs Need to Know
Just when CIOs and CISOs thought they were getting a grip on API security, AI came along and shook things up. In the past few years, a huge number of organizations have adopted AI, realizing innumerable productivity, operational, and efficiency benefits. However, they’re also having to deal with unprecedented API security challenges. Wallarm’s Annual 2025…
-
CIOs and CISOs grapple with DORA: Key challenges, compliance complexities
Tags: access, automation, banking, business, cio, ciso, communications, compliance, control, country, cyber, cybersecurity, data, dora, finance, framework, GDPR, governance, jobs, law, monitoring, network, nis-2, penetration-testing, privacy, regulation, resilience, risk, risk-management, service, skills, supply-chain, technology, threat, tool, training, vulnerabilityIn force since January, the Digital Operational Resilience Act (DORA) has required considerable effort from CIOs and CISOs at 20 types of financial entities to achieve compliance. For many, the journey is not complete.”In the past months, financial entities targeted by DORA have been busy internally defining roles and responsibilities related to ICT security, identifying…
-
Federal Cyber Workers Can Now Accept Trump Resignation Offer
CISO Buyout Offers, Industry-Wide Skills Shortage Raise Fears of Cybersecurity Gaps. The Cybersecurity and Infrastructure Security Agency has reversed an exemption for its staffers to participate in the administration’s “Fork in the Road” resignation program, as lawmakers and security experts warn of a growing cyber workforce shortage threatening U.S. national security. First seen on govinfosecurity.com…
-
21% of CISOs pressured to not report compliance issues
Tags: awareness, breach, business, ceo, ciso, compliance, control, corporate, cybersecurity, data, dora, finance, framework, governance, incident response, infrastructure, insurance, law, nis-2, regulation, resilience, risk, security-incident, trainingCISOs are increasingly getting caught between business pressures and regulatory obligations, leaving them struggling to balance corporate loyalty and legal accountability.To wit: One in five (21%) security leaders have been pressured by other executives or board members not to report compliance issues at their companies, according to a recent study by security vendor Splunk.The same…
-
Webinar Today: Defenders on the Frontline Incident Response and Threat Intel Under the Microscope
Join this panel of CISOs and threat-intel professionals for a deep-dive on aligning incident response and threat intelligence with broader business objectives. The post Webinar Today: Defenders on the Frontline Incident Response and Threat Intel Under the Microscope appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/ciso-forum-webinar-defenders-on-the-frontline-incident-response-and-threat-intel-under-the-microscope/
-
Anomalies are not Enough
Tags: ai, attack, ciso, communications, country, cybersecurity, data, data-breach, defense, email, government, LLM, mail, marketplace, mitre, ml, network, resilience, risk, service, siem, threat, toolMitre Att&ck as Context Introduction: A common theme of science fiction authors, and these days policymakers and think tanks, is how will the humans work with the machines, as the machines begin to surpass us across many dimensions. In cybersecurity humans and their systems are at a crossroads, their limitations daily exposed by ever more innovative,…
-
It pays to know how your cybersecurity stacks up
Like all other business leaders, chief information security officers (CISOs) could find themselves on the unemployment line if something on their watch goes seriously sideways.But what if CISOs simply aren’t demonstrating enough business value?With companies cutting costs, proving cybersecurity programs are good for the business has become vital to protecting budgets and jobs. That’s why…
-
CISO Forum Webinar: Defenders on the Frontline Incident Response and Threat Intel Under the Microscope
Join this panel of CISOs and threat-intel professionals for a deep-dive on aligning incident response and threat intelligence with broader business objectives. The post CISO Forum Webinar: Defenders on the Frontline Incident Response and Threat Intel Under the Microscope appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/ciso-forum-webinar-defenders-on-the-frontline-incident-response-and-threat-intel-under-the-microscope/
-
Cybersecurity Training for Executives: What Business Leaders Need to Know
In an era marked by high-profile cyber breaches, ransomware attacks, and violence committed against high-profile enterprise employees, the imperative for focused cybersecurity training for executives has escalated dramatically. For CISOs and enterprise cybersecurity specialists, crafting a tailored cybersecurity training program for your organization’s executives is not just a precaution”, it is a strategic imperative. Here’s…
-
Cyber Insights 2025: The CISO Outlook
There has never been a single job description for the CISO the role depends upon each company, its maturity, its size and resources, and the risk tolerance of boards. The post Cyber Insights 2025: The CISO Outlook appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/cyber-insights-2025-the-ciso-outlook/
-
7 tips for improving cybersecurity ROI
Tags: advisory, ai, attack, business, ciso, compliance, control, corporate, cyber, cybersecurity, data, defense, detection, exploit, finance, gartner, group, incident response, infrastructure, intelligence, metric, monitoring, network, privacy, resilience, risk, risk-assessment, risk-management, service, siem, software, strategy, technology, threat, tool, vulnerability, wafWhen it comes to cybersecurity investments, smart money is directed toward initiatives that deliver the greatest protection at the lowest possible cost. But what appears to be a straightforward calculation can often be anything but.CISOs perennially face challenges securing adequate funding to safeguard the enterprise, placing them often in difficult positions attempting to stretch resources…
-
39% of IT leaders fear major incident due to excessive workloads
Enterprise security operations teams find themselves stretched thin and contending with an escalating cyber threat landscape today. Many are understaffed and underfunded, leaving CISOs on edge about the consequences for the enterprise, and their careers.A recent survey from Adaptavist about fallout from last summer’s CrowdStrike outage found that two out of five (39%) IT leaders…