Tag: ciso

CISO Top 10 Priorities for Q1 2025: Key Findings and Evolving Focus

Jan 21, 2025 9:23 PM

Tags: ciso

First seen on scworld.com Jump to article: www.scworld.com/perspective/ciso-top-10-priorities-for-q1-2025-key-findings-and-evolving-focus
Why CISOs Must Think Clearly Amid Regulatory Chaos

Jan 21, 2025 8:22 PM

Tags: ciso

Even as the rule book changes, the profession of the CISO remains unchanged: protecting the organization in a world of constant, continually evolving threats. First seen on darkreading.com Jump to article: www.darkreading.com/cybersecurity-operations/cisos-must-think-clearly-amid-regulatory-chaos
7 top cybersecurity projects for 2025

Jan 21, 2025 12:22 PM

Tags: access, advisory, ai, backup, best-practice, breach, business, cio, ciso, cloud, compliance, control, cyber, cybersecurity, data, data-breach, detection, encryption, framework, google, governance, infrastructure, intelligence, law, mitigation, monitoring, network, resilience, risk, risk-management, service, strategy, technology, threat, tool, vulnerability

As 2025 dawns, CISOs face the grim reality that the battle against cyberattackers never ends. Strong and carefully planned cybersecurity projects are the best way to stay a step ahead of attackers and prevent them gaining the upper hand.”Urgency is the mantra for 2025,” says Greg Sullivan, founding partner of cybersecurity services firm CIOSO Global.…
Wie sich Cybersecurity mit KI im Jahr 2025 weiterentwickelt

Jan 21, 2025 6:22 AM

Tags: ai, ciso, cloud, cybersecurity, google, intelligence, mandiant, office, threat

Kürzlich veröffentlichte Google Cloud seinen Cybersecurity Forecast für das Jahr 2025 [1]. Der Bericht enthält zukunftsweisende Erkenntnisse mehrerer führender Sicherheitsverantwortlicher von Google Cloud darunter Google Threat Intelligence, Mandiant Consulting und das Office of the CISO von Google Cloud. Sie beschreiben unter anderem, wie die nächste Phase der künstlichen Intelligenz (KI) sowohl für Angreifer als… First…
Check Point veröffentlicht Security-Report 2025

Jan 20, 2025 3:22 PM

Tags: ciso, cyber, cyberattack, cyersecurity, software

Check Point Software Technologies hat seinen jährlichen Bericht ‘The State of Global Cyber Security 2025″ veröffentlicht. Angesichts eines alarmierenden Anstiegs der weltweiten Cyber-Angriffe um 44 Prozent im Vergleich zum Vorjahr enthüllt der Bericht neue Cyber-Trends, neue Taktiken von Hackern und gibt CISOs Anleitungen an die Hand, um unbeschadet durch das Jahr zu kommen. ‘Bei der Cybersicherheit…
How organizations can secure their AI code

Jan 20, 2025 8:22 AM

Tags: ai, application-security, awareness, backdoor, breach, business, chatgpt, ciso, compliance, control, credentials, crime, cybersecurity, data, data-breach, finance, github, healthcare, LLM, malicious, ml, open-source, organized, programming, risk, risk-management, software, startup, strategy, supply-chain, technology, tool, training, vulnerability

In 2023, the team at data extraction startup Reworkd was under tight deadlines. Investors pressured them to monetize the platform, and they needed to migrate everything from Next.js to Python/FastAPI. To speed things up, the team decided to turn to ChatGPT to do some of the work. The AI-generated code appeared to function, so they…
Midsize firms universally behind in slog toward DORA compliance

Jan 20, 2025 8:22 AM

Tags: ai, business, ciso, compliance, cybersecurity, dora, finance, germany, insurance, intelligence, monitoring, resilience, risk, service, skills, technology, tool

Beginning Friday, Jan. 17, all EU financial institutions are now required to operate in compliance with the Digital Operational Resilience Act (DORA). The EU directive aims to increase cybersecurity in the financial industry. However, studies show that many companies are still struggling with implementation.According to a November 2024 survey from metafinanz, the average level of…
Diese Security-Technologien haben ausgedient

Jan 20, 2025 6:22 AM

Tags: ai, authentication, bug-bounty, ciso, cloud, compliance, credentials, cyberattack, cyersecurity, firewall, gartner, Hardware, network, password, penetration-testing, risk, service, siem, strategy, tool, vpn, vulnerability, waf, zero-trust
US hits back against China’s Salt Typhoon group

Jan 18, 2025 5:22 AM

Tags: attack, backdoor, china, cisa, ciso, communications, computer, control, crypto, cve, cyber, cyberattack, cybersecurity, defense, detection, disinformation, espionage, exploit, finance, government, group, infosec, infrastructure, intelligence, ivanti, law, malicious, mandiant, microsoft, network, north-korea, office, tactics, technology, theft, threat, tool, vpn, vulnerability

The US is hitting back against the threat group, dubbed Salt Typhoon by Microsoft, which is allegedly behind recent cyber attacks against American telecommunications providers, as part of a wider campaign against Chinese-based hacking.On Friday the Department of the Treasury’s Office of Foreign Assets Control (OFAC) said it is sanctioning Sichuan Juxinhe Network Technology, a…
Back to the Basics For 2025: Securing Your Business

Jan 18, 2025 1:22 AM

Tags: business, ciso, cloud, cybersecurity, mfa, service, training

Gary Perkins, CISO at CISO Global Cybersecurity may seem complex, but it boils down to consistent implementation of best practices. Disabling unnecessary services, securing cloud configurations, enforcing MFA, training employees, and adopting a proactive security mindset are crucial steps to safeguarding your business. In 2025, prioritize these basics to significantly reduce your exposure to threats……
Cloud 3.0 Is Here: What CISOs Must Do Now

Jan 15, 2025 9:02 PM

Tags: ai, ceo, ciso, cloud, data, risk, strategy

CSA’s Jim Reavis on Why Generative AI Requires a Shift in Data Security Strategy. Over the past two years, AI enabled by a cloud interface has ushered in the age of cloud 3.0. The industry is evolving faster than anyone could predict, forcing organizations to rethink their security and risk strategies, said Jim Reavis, CEO…
World Economic Forum spotlights growing gap in cyber readiness

Jan 15, 2025 6:02 PM

Tags: ceo, ciso, cyber, ransomware, risk

Ransomware remains the top cyber risk concern among executives, but CISOs are almost twice as likely as CEOs to make that determination. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/wef-cyber-risk-outlook/737430/
The CFO may be the CISO’s most important business ally

Jan 15, 2025 11:02 AM

Tags: ai, business, cio, ciso, control, cyber, cybersecurity, data, finance, mitigation, network, phone, risk, skills, strategy, technology, threat

CISOs frequently encounter inherent conflicts with business colleagues in their day-to-day responsibilities. In many ways, this is the nature of setting security policies for an organization. But the goal for CISOs should be to reset this dynamic and forge a strong, collaborative alliance with their critical leadership counterparts.Take the CFO, for example. For many CISOs,…
Stop wasting money on ineffective threat intelligence: 5 mistakes to avoid

Jan 15, 2025 8:02 AM

Tags: business, ciso, compliance, cyber, cybersecurity, data, detection, edr, finance, group, incident response, infrastructure, intelligence, jobs, malware, monitoring, risk, risk-management, siem, soc, strategy, tactics, technology, threat, tool, update, vulnerability, vulnerability-management

Strong capabilities in cyber threat intelligence (CTI) can help take a cybersecurity program to the next level on many different fronts. When organizations choose quality sources of threat intelligence that are relevant to their technology environments and their business context, these external sources can not only power swifter threat detection but also help leaders better…
Note to CISOs: Mobile devices are endpoints!

Jan 14, 2025 9:04 PM

Tags: ciso, endpoint, mobile

First seen on scworld.com Jump to article: www.scworld.com/perspective/note-to-cisos-mobile-devices-are-endpoints
Beware cybersecurity tech that’s past its prime, 5 areas to check or retire

Jan 14, 2025 6:43 PM

Tags: access, advisory, ai, antivirus, attack, authentication, breach, bug-bounty, ciso, cloud, control, credentials, cyberattack, cybersecurity, data, data-breach, defense, detection, encryption, endpoint, firewall, Hardware, network, password, penetration-testing, risk, router, siem, software, strategy, switch, threat, tool, vpn, vulnerability, waf, zero-trust

Cybersecurity leaders can choose from an ever-expanding list of digital tools to help them ward off attacks and, based on market projections, they’re implementing plenty of those options.Gartner predicts a 15% increase in cybersecurity spending for 2025, with global expenditures expected to reach $212 billion in the upcoming year. The research and consulting firm says…
Gen AI strategies put CISOs in a stressful bind

Jan 14, 2025 10:47 AM

Tags: access, ai, attack, business, ciso, compliance, control, cybersecurity, data, exploit, injection, law, LLM, malicious, open-source, ransomware, risk, risk-management, saas, service, software, strategy, technology, unauthorized, vulnerability

Senior executive perceptions on the promise of generative AI are proving to be a siren song for many CISOs.According to a recent survey from NTT Data, 89% of C-suite executives “are very concerned about the potential security risks associated with gen AI deployments.” But, the report found, those same senior execs believe “the promise and…
Act fast to blunt a new ransomware attack on AWS S3 buckets

Jan 14, 2025 8:46 AM

Tags: access, ai, api, attack, authentication, breach, ciso, cloud, control, credentials, data, data-breach, encryption, exploit, extortion, github, iam, infosec, infrastructure, login, network, password, ransom, ransomware, risk, service, software, threat, unauthorized, vulnerability

CISOs are being warned to make sure employees take extra steps to protect their AWS access keys after word that a threat actor is using stolen login passwords for ransomware attacks.In a report issued today, researchers at Halcyon said the target is Amazon S3 buckets and the attack uses AWS’ own encryption to make data…
This is the year CISOs unlock AI’s full potential

Jan 14, 2025 8:46 AM

Tags: ai, ciso, intelligence

In 2025, CISOs will have powerful new capabilities as generative artificial intelligence (GenAI) continues to mature. Evolving beyond providing answers to questions, GenAI … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/01/14/genai-cisos/
Conveying Your Security Needs to the Board in Six Minutes or Less

Jan 14, 2025 8:46 AM

Tags: ciso

CISOs must take advantage by making the most of their limited time with effective and informative messaging. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/01/conveying-your-security-needs-to-the-board-in-six-minutes-or-less/
CISOs embrace rise in prominence, with broader business authority

Jan 13, 2025 11:26 AM

Tags: ai, attack, business, ceo, cio, ciso, compliance, control, corporate, cyber, cyberattack, cybersecurity, data, governance, healthcare, infrastructure, intelligence, network, privacy, regulation, risk, risk-management, security-incident, strategy, technology, threat, update

It’s a familiar refrain: As cybersecurity has become a core business priority, it is no longer a siloed operation, and the responsibilities of CISOs have grown, giving them greater prominence within the organization.According to CSO’s 2024 Security Priorities Study, 72% of security decision-makers say their role has grown to include additional responsibilities over the past…
GitHub CISO on security strategy and collaborating with the open-source community

Jan 13, 2025 6:26 AM

Tags: ciso, github, open-source, strategy

In this Help Net Security, Alexis Wales, CISO at GitHub, discusses how GitHub embeds security into every aspect of its platform to protect millions of developers and … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/01/13/alexis-wales-github-ciso-security-strategy/
Payback-CISO: ‘Vorbereitung ist das A und O”

Jan 13, 2025 5:28 AM

Tags: automation, awareness, ciso, cyberattack, cyersecurity, firewall, germany, hacking, infrastructure, mail, nis-2, phishing, ransomware, risk, security-incident, strategy, tool, training

srcset=”https://b2b-contenthub.com/wp-content/uploads/2025/01/Nawid-Sayed.jpg?quality=50&strip=all 6016w, b2b-contenthub.com/wp-content/uploads/2025/01/Nawid-Sayed.jpg?resize=300%2C168&quality=50&strip=all 300w, b2b-contenthub.com/wp-content/uploads/2025/01/Nawid-Sayed.jpg?resize=768%2C432&quality=50&strip=all 768w, b2b-contenthub.com/wp-content/uploads/2025/01/Nawid-Sayed.jpg?resize=1024%2C576&quality=50&strip=all 1024w, b2b-contenthub.com/wp-content/uploads/2025/01/Nawid-Sayed.jpg?resize=1536%2C864&quality=50&strip=all 1536w, b2b-contenthub.com/wp-content/uploads/2025/01/Nawid-Sayed.jpg?resize=2048%2C1152&quality=50&strip=all 2048w, b2b-contenthub.com/wp-content/uploads/2025/01/Nawid-Sayed.jpg?resize=1240%2C697&quality=50&strip=all 1240w, b2b-contenthub.com/wp-content/uploads/2025/01/Nawid-Sayed.jpg?resize=150%2C84&quality=50&strip=all 150w, b2b-contenthub.com/wp-content/uploads/2025/01/Nawid-Sayed.jpg?resize=854%2C480&quality=50&strip=all 854w, b2b-contenthub.com/wp-content/uploads/2025/01/Nawid-Sayed.jpg?resize=640%2C360&quality=50&strip=all 640w, b2b-contenthub.com/wp-content/uploads/2025/01/Nawid-Sayed.jpg?resize=444%2C250&quality=50&strip=all 444w” width=”1024″ height=”576″ sizes=”(max-width: 1024px) 100vw, 1024px”>Nawid Sayed, CISO bei Payback: “Um sich vor Cyberattacken zu schützen, gibt es nicht das eine Tool, sondern der Prozess ist hier entscheidend.” PaybackWelches Thema ist aus Ihrer…
SEC rule confusion continues to put CISOs in a bind a year after a major revision

Jan 10, 2025 8:18 AM

Tags: attack, breach, business, ciso, citrix, compliance, control, cyber, cyberattack, cybersecurity, data, government, incident, incident response, law, network, privacy, regulation, risk, security-incident, software, strategy, supply-chain

Confusion around when and how to report cybersecurity breaches continues to plague companies a year after revised US Securities and Exchange Commission (SEC) cybersecurity breach reporting rules came into effect, experts say.As the agency that regulates and enforces federal US securities laws continues to flex its enforcement muscles against organizations that violate the strict rules,…
8 Cyber Predictions for 2025: A CSO’s Perspective

Jan 10, 2025 1:18 AM

Tags: access, ai, attack, authentication, business, ceo, ciso, cloud, compliance, computing, control, credentials, cryptography, cyber, cyberattack, cybercrime, cybersecurity, data, defense, detection, encryption, exploit, extortion, firewall, framework, governance, group, hacker, hacking, healthcare, identity, intelligence, international, law, leak, malicious, mfa, microsoft, network, north-korea, organized, phishing, privacy, ransom, ransomware, regulation, risk, risk-management, service, social-engineering, software, strategy, supply-chain, theft, threat, tool, update, wifi, zero-trust

As we step into 2025, the cyberthreat landscape is once again more dynamic and challenging than the year before. In 2024, we witnessed a remarkable acceleration in cyberattacks of all types, many fueled by advancements in generative AI. For security leaders, the stakes are higher than ever. In this post, I’ll explore cyberthreat projections and…
New AI Challenges Will Test CISOs & Their Teams in 2025

Jan 9, 2025 11:20 PM

Tags: ai, ciso, threat

CISOs need to recognize the new threats AI can present, while also embracing AI-powered solutions to stay ahead of those threats. First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/new-ai-challenges-test-ciso-teams-2025
How SASE Empowers CISOs to Combat Stress and Burnout

Jan 9, 2025 10:21 PM

Tags: ciso

First seen on scworld.com Jump to article: www.scworld.com/perspective/how-sase-empowers-cisos-to-combat-stress-and-burnout
4 cybersecurity trends to watch in 2025

Jan 9, 2025 7:20 PM

Tags: ciso, corporate, cybersecurity

Critical industries are up against;never before seen challenges to remain secure and operational, while regulatory pressures have completely upended the role of the CISO in corporate America. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/cybersecurity-trends-outlook-2025/736929/
China-linked hackers target Japan’s national security and high-tech industries

Jan 9, 2025 2:20 PM

Tags: advisory, ai, attack, automation, breach, business, china, ciso, communications, corporate, cyber, cyberattack, cybersecurity, data, data-breach, defense, detection, endpoint, espionage, exploit, finance, government, group, hacker, healthcare, incident response, infrastructure, intelligence, malicious, malware, microsoft, network, organized, penetration-testing, phishing, powershell, risk, risk-management, social-engineering, spear-phishing, strategy, supply-chain, tactics, technology, threat, tool, training, vulnerability, windows, zero-day

Japan’s National Police Agency (NPA) and the National Center of Incident Readiness and Strategy for Cybersecurity (NISC) have exposed a long-running cyber espionage campaign, “MirrorFace” (also known as Earth Kasha), allegedly linked to China.The campaign, operational since 2019, has targeted Japanese organizations, businesses, and individuals, primarily to exfiltrate sensitive data related to national security and…
Fortinet CISO Details ‘Phish-Free’ Phishing Scheme Using PayPal

Jan 9, 2025 1:18 PM

Tags: ciso, email, finance, fortinet, microsoft, phishing

A bad actor is using a Microsoft 365 test domain and a self-created distribution list to bypass traditional email protections and entice victims to hand over their PayPal account information in what Fortinet’s CISO is calling a “phish-free” phishing campaign. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/01/fortinet-ciso-details-phish-free-phishing-scheme-using-paypal/