Tag: ciso

How CISOs can make smarter risk decisions

Dec 24, 2024 6:42 AM

Tags: ciso, cybersecurity, risk, threat

In this Help Net Security interview, Gavin Reid, CISO at HUMAN Security, talks about the latest cybersecurity threats and how attackers are becoming more sophisticated. He … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/12/24/gavin-reid-human-security-ciso-cybersecurity-threats/
Achieving Stability with Enhanced Secret Detection

Dec 24, 2024 1:44 AM

Tags: ciso, cybersecurity, data, detection, soc, threat

Is the Quest for Stability an Uphill Battle in Cybersecurity? In the vast landscape of data management and cybersecurity, professionals constantly grapple with threats that lurk in the shadows, invisible and unpredictable. The elusive nature of these threats often leaves CISOs, SOC teams, and other cybersecurity professionals wondering: how can stability be achieved in a……
How CISOs Can Communicate With Their Boards Effectively

Dec 23, 2024 10:43 PM

Tags: ciso

With the increased frequency of board reporting, CISOs need to ensure their interactions are brief, productive, and valuable. First seen on darkreading.com Jump to article: www.darkreading.com/cybersecurity-operations/how-cisos-communicate-boards-effectively
CISO Reporting Structure Explained: How to Optimize Reporting for Cyber Risk Success

Dec 23, 2024 8:42 PM

Tags: business, ceo, ciso, cyber, cybersecurity, risk, strategy
Top 7 zero-day exploitation trends of 2024

Dec 23, 2024 10:42 AM

Tags: access, ai, attack, authentication, backdoor, botnet, breach, bug-bounty, business, china, ciso, cloud, computing, control, corporate, cve, cyberespionage, cybersecurity, data, data-breach, defense, email, endpoint, exploit, firewall, flaw, framework, github, google, government, group, hacker, identity, infrastructure, injection, Internet, ivanti, kev, leak, linux, malicious, malware, ml, monitoring, moveIT, network, north-korea, open-source, password, programming, pypi, ransomware, remote-code-execution, risk, service, software, sql, supply-chain, tool, training, unauthorized, update, vpn, vulnerability, windows, zero-day

Zero-day vulnerabilities saw big growth once again in 2024. With no patch available, zero-day flaws give attackers a significant jump on cybersecurity defense teams, making them a critical weapon for attacking enterprise systems.But while all zero-days are essential for CISOs and their team to be aware of, and for vendors to remedy in a timely…
US order is a reminder that cloud platforms aren’t secure out of the box

Dec 20, 2024 11:43 PM

Tags: access, best-practice, breach, business, cisa, ciso, cloud, control, cyber, cybersecurity, defense, fedramp, google, government, guide, identity, incident, incident response, infrastructure, intelligence, international, login, mfa, microsoft, monitoring, network, risk, saas, service, software, tool

This week’s binding directive to US government departments to implement secure configurations in cloud applications, starting with Microsoft 365 (M365), is a reminder to all CISOs that cloud platforms, even from major providers, aren’t completely secure out of the box.”Cloud stuff is easy to manage, easy to deploy,” said Ed Dubrovsky, chief operating officer and…
Cybersecurity Insights with Contrast CISO David Lindner – 12/20/24

Dec 20, 2024 7:42 PM

Tags: application-security, ciso, cloud, cybersecurity, data, risk, risk-assessment, skills, tool
CISO Challenges for 2025: Overcoming Cybersecurity Complexities

Dec 20, 2024 5:43 AM

Tags: business, ciso, cybersecurity, data, risk, strategy

As organizations recognize the immense value and criticality of your data and systems, cybersecurity has become intrinsically linked to business strategy. Chief Information Security Officers (CISOs) are increasingly expected to play a central role in shaping business decisions, assessing and mitigating risks, and ensuring that security strategies align with overall business objectives. This requires a……
How weaponized AI drives CISO burnout and what to do about it

Dec 19, 2024 9:46 PM

Tags: ai, ciso

First seen on scworld.com Jump to article: www.scworld.com/perspective/how-weaponized-ai-drives-ciso-burnout-and-what-to-do-about-it
The Year of Global AI and Cybersecurity Regulations: 7 GRC Predictions for 2025

Dec 19, 2024 7:43 PM

Tags: ai, ciso, compliance, cybersecurity, framework, grc, law, regulation

As 2025 approaches, emerging regulations and laws will affect how CISOs strategize and protect their organizations. With the increasing complexity of global compliance frameworks, understanding these changes is crucial for maintaining security and operational efficiency. Let’s discuss what I expect regarding regulatory shifts and their implications in 2025 and explore what CISOs and CCOs should……
So entgiften Sie Ihre Sicherheitskultur

Dec 19, 2024 2:43 PM

Tags: authentication, awareness, best-practice, business, ciso, cybersecurity, cyersecurity, data, germany, jobs, phishing, risk, sans, strategy, zero-trust
Top security solutions being piloted today, and how to do it right

Dec 19, 2024 11:44 AM

Tags: access, ai, api, attack, automation, business, cio, ciso, cloud, control, cyberattack, cybersecurity, data, defense, detection, edr, endpoint, finance, fintech, framework, gartner, identity, infosec, intelligence, login, marketplace, metric, network, penetration-testing, risk, service, software, startup, strategy, technology, threat, training, unauthorized, vulnerability, zero-trust

Ask almost any CISO and they will tell you the security landscape just keeps getting more complex. New products arise, technology categories blur, vendors gobble up competitors or venture into adjacent markets, and every once in a while a seismic advance like generative AI comes along to shake up everything.But with threat vectors constantly evolving…
Leadership skills for managing cybersecurity during digital transformation

Dec 19, 2024 6:42 AM

Tags: ciso, cybersecurity, skills, strategy

In this Help Net Security interview, Dan Lohrmann, CISO at Presidio, discusses the need for organizations to rethink their leadership and operational strategies and the … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/12/19/dan-lohrmann-presidio-digital-transformation-risks/
Sehr geehrter CEO,

Dec 19, 2024 5:42 AM

Tags: access, business, ceo, ciso, cybersecurity, cyersecurity, risk, strategy, tool
The Importance of Empowering CFOs Against Cyber Threats

Dec 18, 2024 6:43 PM

Tags: ciso, cyber, finance, threat

Working closely with CISOs, chief financial officers can become key players in protecting their organizations’ critical assets and ensuring long-term financial stability. First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/empowering-cfos-against-cyber-threats
Checkliste für CISOs – 5 Funktionen, die Ihre E-Mail-Sicherheitslösung braucht

Dec 18, 2024 4:42 PM

Tags: ciso, mail

First seen on security-insider.de Jump to article: www.security-insider.de/-email-sicherheitsloesung-schluesselfunktionen-a-763b22c5ed93ca7c7063e606d6611c7c/
SANS Cyber Leaders Podcast-Reihe bietet strategische Tools für CISOs

Dec 18, 2024 9:42 AM

Tags: ciso, cyber, cyersecurity, sans, tool

Im Gegensatz zu anderen Branchen-Podcasts konzentriert sich der Cyber Leaders Podcast darauf, den Zuhörern Einblicke in die Führungsebene zu geben, die ihnen helfen, den Zusammenhang zwischen Cybersicherheit und geschäftlicher Widerstandsfähigkeit herzustellen. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/sans-cyber-leaders-podcast-reihe-bietet-strategische-tools-fuer-cisos/a39312/
CISOs should stop freaking out about attackers getting a boost from LLMs

Dec 18, 2024 8:43 AM

Tags: ai, attack, automation, ciso, cyber, cybercrime, cybersecurity, defense, disinformation, exploit, hacker, hacking, infrastructure, LLM, malware, network, offense, penetration-testing, phishing, programming, ransomware, risk, social-engineering, startup, technology, threat, tool, vulnerability, warfare

A common refrain from cybersecurity professionals in recent years has been the need for a diversification of the CISO role to meet the demands of increased responsibility across numerous categories. In the past year, this refrain has grown louder, specifically around the topic of generative AI.Large language models (LLMs) have added a new dimension to…
CISO accountability: Navigating a landscape of responsibility

Dec 18, 2024 6:42 AM

Tags: ciso, compliance, risk

What was once primarily a technical role, CISOs now find themselves accountable for organizational risk, regulatory compliance, and even legal liabilities across the entire … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/12/18/ciso-accountability/
Lesson from latest SEC fine for not completely disclosing data breach details: ‘Be truthful’

Dec 18, 2024 5:42 AM

Tags: attack, breach, business, cio, ciso, cloud, compliance, control, corporate, credentials, cyber, cybersecurity, data, data-breach, email, finance, governance, government, group, incident, law, monitoring, network, risk, software, theft, threat, unauthorized

A $3.55 million civil penalty levied this week by a US financial regulator against a Michigan bank for filing misleading statements about the theft of 1.5 million people’s data is a reminder to leaders of all organizations to be upfront about cyber incidents.”The message is, ‘Be truthful with your disclosures,’” said Bob Zukis, executive director…
Ransomware Defender Risk: ‘Overconfidence’ in Security Tools

Dec 17, 2024 9:43 PM

Tags: ciso, defense, ransomware, risk, tool

CISOs at Organizations That Fell Victim Have a Different Story, 451 Research Finds Are your defenses against ransomware good enough to survive contact with the enemy? Don’t be so sure. A new study from market researcher 451 Research finds that overconfidence in security tooling remains an issue in the face of ransomware for organizations that…
Cybersecurity Marketing Predictions for 2025 Business Growth

Dec 17, 2024 2:42 PM

Tags: awareness, business, ciso, cybersecurity, risk, tool

Brand awareness is vital in cybersecurity because buyers”, often risk-averse professionals like CISOs, IT managers, and procurement teams”, rely on trusted brands when researching tools to protect their organizations. The post Cybersecurity Marketing Predictions for 2025 Business Growth appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/cybersecurity-marketing-predictions-for-2025-business-growth/
XDR provider Arctic Wolf buys BlackBerry’s Cylance suite

Dec 16, 2024 8:44 PM

Tags: ai, business, ceo, ciso, cybersecurity, detection, edr, endpoint, government, infrastructure, office, phone, risk, service, soc, technology

US provider Arctic Wolf has struck a deal to buy BlackBerry’s Cylance endpoint security suite, which it will integrate into its Aurora extended detection and response (XDR) platform.Arctic Wolf said this morning that if the deal is approved by regulators, the company will be able to offer one of the largest open XDR security platforms…
Guarding against AI-powered threats requires a focus on cyber awareness

Dec 16, 2024 5:44 PM

Tags: ai, attack, awareness, breach, ciso, cloud, communications, cyber, cyberattack, cybercrime, cybersecurity, data, defense, fortinet, incident, incident response, malware, phishing, privacy, risk, risk-management, saas, social-engineering, technology, threat, training

Threat actors will always find nefarious uses for new technologies, and AI is no exception. Attackers are primarily using AI to enhance the volume and velocity of their attacks. They’re also using the technology to make phishing communications more believable with perfect grammar and context-aware personalization.As cybercriminals harness new technologies to advance their operations, it’s…
Amazon refuses Microsoft 365 deployment because of lax cybersecurity

Dec 16, 2024 2:42 PM

Tags: access, breach, ceo, ciso, cloud, compliance, control, cyberattack, cybersecurity, defense, finance, identity, infrastructure, microsoft, office, risk, russia, service, software, threat, tool, unauthorized

Amazon CISO CJ Moses has publicly shamed Microsoft security, halting his employer’s deployment of Microsoft 365 for a full year as the vendor tries to fix a long list of security problems that Amazon identified.Industry security executives were of two minds about the move. Some applauded Amazon, saying that the online retail giant, with $575…
Future of proposed US cybersecurity healthcare bills in doubt

Dec 16, 2024 10:42 AM

Tags: access, attack, authentication, breach, business, ceo, cio, ciso, citrix, compliance, credentials, cybersecurity, data, data-breach, email, finance, government, group, healthcare, infrastructure, jobs, law, mfa, penetration-testing, ransomware, regulation, risk, risk-analysis, risk-management, service, technology, theft, training, unauthorized, vulnerability

Six months after Congressional hearings that promised action on the massive Change Healthcare ransomware attack and data theft, three pieces of proposed legislation to tighten cybersecurity requirements on healthcare providers are waiting to be dealt with.But Senators have left the proposals too late in the legislative calendar: Experts say the issue will likely only be…
Security leaders top 10 takeaways for 2024

Dec 16, 2024 8:42 AM

Tags: access, ai, attack, automation, best-practice, breach, business, ciso, cloud, compliance, corporate, crowdstrike, cybercrime, cybersecurity, data, deep-fake, detection, email, finance, fraud, governance, group, guide, hacker, identity, incident response, infosec, ISO-27001, office, okta, phishing, privacy, programming, regulation, risk, risk-management, saas, security-incident, service, software, startup, strategy, technology, threat, tool, training, vulnerability

This year has been challenging for CISOs, with a growing burden of responsibility, the push to make cybersecurity a business enabler, the threat of legal liability for security incidents, and an expanding attack landscape.As the year comes to a close, CISOs reflect on some of the takeaways that have shaped the security landscape in 2024.…
Feeling Reassured with Top-Tier API Security Measures

Dec 15, 2024 5:05 AM

Tags: api, ciso, cybersecurity

Are You Maximizing Your API Security Measures? If you’re a CISO or a cybersecurity professional, you understand the importance of robust API security measures. But, do these measures ensure optimum protection when non-human identities (NHIs) are involved? The disconnect between security and R&D teams can lead to exploitable gaps in API security. A comprehensive approach……
Cybersecurity Insights with Contrast CISO David Lindner – 12/13/24

Dec 13, 2024 11:05 PM

Tags: breach, ciso, cve, cyber, cybersecurity, data, government, tool, update, vulnerability, zero-day
Thales and Imperva Win Big in 2024

Dec 13, 2024 1:05 PM

Tags: access, api, application-security, attack, authentication, banking, business, ciso, cloud, communications, compliance, conference, control, cyber, cybersecurity, data, ddos, defense, encryption, firewall, gartner, group, guide, iam, identity, infosec, insurance, intelligence, malicious, mfa, microsoft, monitoring, privacy, risk, saas, service, software, strategy, threat, usa

Thales and Imperva Win Big in 2024 madhav Fri, 12/13/2024 – 09:36 At Thales and Imperva, we are driven by our commitment to make the world safer, and nothing brings us more satisfaction than protecting our customers from daily cybersecurity threats. But that doesn’t mean we don’t appreciate winning the occasional award. In the year…