Tag: resilience
-
The innovative CISO’s bucket list: Human-led transformation at the core
Tags: ai, application-security, breach, business, ciso, cloud, compliance, control, data, defense, GDPR, governance, group, privacy, regulation, resilience, risk, risk-management, threat, toolBuilding a unified, integrated defense: The second major bucket list theme is breaking down the silos that perpetually plague security organizations. Application security (AppSec), cloud security (CloudSec) and governance, risk and compliance (GRC) groups all work from different spreadsheets and tools and often with different objectives. This model is inefficient, expensive and leaves massive gaps…
-
The innovative CISO’s bucket list: Human-led transformation at the core
Tags: ai, application-security, breach, business, ciso, cloud, compliance, control, data, defense, GDPR, governance, group, privacy, regulation, resilience, risk, risk-management, threat, toolBuilding a unified, integrated defense: The second major bucket list theme is breaking down the silos that perpetually plague security organizations. Application security (AppSec), cloud security (CloudSec) and governance, risk and compliance (GRC) groups all work from different spreadsheets and tools and often with different objectives. This model is inefficient, expensive and leaves massive gaps…
-
The innovative CISO’s bucket list: Human-led transformation at the core
Tags: ai, application-security, breach, business, ciso, cloud, compliance, control, data, defense, GDPR, governance, group, privacy, regulation, resilience, risk, risk-management, threat, toolBuilding a unified, integrated defense: The second major bucket list theme is breaking down the silos that perpetually plague security organizations. Application security (AppSec), cloud security (CloudSec) and governance, risk and compliance (GRC) groups all work from different spreadsheets and tools and often with different objectives. This model is inefficient, expensive and leaves massive gaps…
-
The Biggest Cyber Stories of the Year: What 2025 Taught Us
Tags: access, attack, authentication, awareness, banking, breach, business, ciso, cloud, compliance, container, control, cyber, cyberattack, cybersecurity, data, data-breach, email, encryption, endpoint, exploit, government, healthcare, iam, identity, incident, incident response, Internet, law, metric, mfa, monitoring, network, privacy, regulation, resilience, risk, service, software, strategy, supply-chain, technology, threat, tool, vulnerability, vulnerability-management, zero-day, zero-trustThe Biggest Cyber Stories of the Year: What 2025 Taught Us madhav Thu, 12/18/2025 – 10:30 2025 didn’t just test cybersecurity; it redefined it. From supply chains and healthcare networks to manufacturing floors and data centers, the digital world was reminded of a simple truth: everything is connected, and everything is at risk. Data Security…
-
Digitale Souveränität Selbstbestimmt entscheiden, souverän handeln
Tags: resilienceWie Unternehmen durch Standards und Unabhängigkeit ihre Resilienz stärken. First seen on ap-verlag.de Jump to article: ap-verlag.de/digitale-souveraenitaet-selbstbestimmt-entscheiden-souveraen-handeln/101260/
-
Digitale Souveränität Selbstbestimmt entscheiden, souverän handeln
Tags: resilienceWie Unternehmen durch Standards und Unabhängigkeit ihre Resilienz stärken. First seen on ap-verlag.de Jump to article: ap-verlag.de/digitale-souveraenitaet-selbstbestimmt-entscheiden-souveraen-handeln/101260/
-
Should AI access be treated as a civil right across generations?
AI use is expanding faster than the infrastructure that supports it, and that gap is starting to matter for security, resilience, and access. A new position paper argues that … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/12/18/ai-access-civil-rights/
-
Complying with the Monetary Authority of Singapore’s Cloud Advisory: How Tenable Can Help
Tags: access, advisory, attack, authentication, best-practice, business, cloud, compliance, container, control, country, credentials, cyber, cybersecurity, data, data-breach, finance, fintech, framework, google, governance, government, iam, identity, incident response, infrastructure, intelligence, Internet, kubernetes, least-privilege, malicious, malware, mfa, microsoft, mitigation, monitoring, oracle, regulation, resilience, risk, risk-assessment, risk-management, service, software, strategy, technology, threat, tool, vulnerability, vulnerability-management, zero-trustThe Monetary Authority of Singapore’s cloud advisory, part of its 2021 Technology Risk Management Guidelines, advises financial institutions to move beyond siloed monitoring to adopt a continuous, enterprise-wide approach. These firms must undergo annual audits. Here’s how Tenable can help. Key takeaways: High-stakes compliance: The MAS requires all financial institutions in Singapore to meet mandatory…
-
SHARED INTEL QA: This is how ‘edge AI’ is forcing a rethink of trust, security and resilience
A seismic shift in digital systems is underway, and most people are missing it. Related: Edge AI at the chip layer While generative AI demos and LLM hype steal the spotlight, enterprise infrastructure is being quietly re-architected, not from… (more”¦) First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/12/shared-intel-qa-this-is-how-edge-ai-is-forcing-a-rethink-of-trust-security-and-resilience/
-
Alles zum Cyber Resilience Act Teil 3 – Verpflichtungen für Hersteller durch den CRA
First seen on security-insider.de Jump to article: www.security-insider.de/cyber-resilience-act-vorgaben-fuer-hersteller-a-d63f651dc9b2209828d1772fd07927c9/
-
Cyber-Resilienz von Unternehmen: Wenn Stillstand zum Risiko wird
First seen on t3n.de Jump to article: t3n.de/news/cyber-resilienz-unternehmen-risiko-1720779/
-
The Burnout Nobody Talks About: When “Always-On” Leadership Becomes a Liability
Tags: business, cybersecurity, data, incident response, international, resilience, risk, risk-management, skills, threatIn cybersecurity, being “always on” is often treated like a badge of honor. We celebrate the leaders who respond at all hours, who jump into every incident, who never seem to unplug. Availability gets confused with commitment. Urgency gets mistaken for effectiveness. And somewhere along the way, exhaustion becomes normalized”, if not quietly admired. But…
-
AI might be the answer for better phishing resilience
Phishing is still a go-to tactic for attackers, which is why even small gains in user training are worth noticing. A recent research project from the University of Bari looked … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/12/16/ai-generated-phishing-training-study/
-
DORA Compliance Checklist for Cybersecurity
The Digital Operational Resilience Act (DORA) is now in full effect, and financial institutions across the EU face mounting pressure to demonstrate robust ICT risk management and cyber resilience. With… First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/12/dora-compliance-checklist-for-cybersecurity/
-
DORA Compliance Checklist for Cybersecurity
The Digital Operational Resilience Act (DORA) is now in full effect, and financial institutions across the EU face mounting pressure to demonstrate robust ICT risk management and cyber resilience. With… First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/12/dora-compliance-checklist-for-cybersecurity/
-
DORA Compliance Checklist for Cybersecurity
The Digital Operational Resilience Act (DORA) is now in full effect, and financial institutions across the EU face mounting pressure to demonstrate robust ICT risk management and cyber resilience. With… First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/12/dora-compliance-checklist-for-cybersecurity/
-
The 5 power skills every CISO needs to master in the AI era
Tags: ai, automation, breach, business, ciso, compliance, control, cyber, cybersecurity, data, defense, detection, encryption, endpoint, framework, governance, identity, jobs, law, leak, metric, network, ransomware, resilience, risk, risk-management, skills, technology, threat, tool, updateWhy traditional skill sets are no longer enough: CISO action item: Run a 1-hour “AI Bias Audit” on your top 3 detection rules this quarter.Ask: “What data is missing? Who is underrepresented?”According to the World Economic Forum’s Future of Jobs Report, nearly 40% of core job skills will change by 2030, driven primarily by AI,…
-
The 5 power skills every CISO needs to master in the AI era
Tags: ai, automation, breach, business, ciso, compliance, control, cyber, cybersecurity, data, defense, detection, encryption, endpoint, framework, governance, identity, jobs, law, leak, metric, network, ransomware, resilience, risk, risk-management, skills, technology, threat, tool, updateWhy traditional skill sets are no longer enough: CISO action item: Run a 1-hour “AI Bias Audit” on your top 3 detection rules this quarter.Ask: “What data is missing? Who is underrepresented?”According to the World Economic Forum’s Future of Jobs Report, nearly 40% of core job skills will change by 2030, driven primarily by AI,…
-
No more orange juice? Why one ship reveals America’s maritime cybersecurity crisis
This is a workforce problem, not a vendor problem: The new regulations require all 3,000 MTSA facilities to designate a cybersecurity officer (why the Coast Guard named them CySOs and couldn’t just call them CISOs, I do not know). Finding hundreds of qualified people who understand both operational technology in maritime environments and cybersecurity is…
-
No more orange juice? Why one ship reveals America’s maritime cybersecurity crisis
This is a workforce problem, not a vendor problem: The new regulations require all 3,000 MTSA facilities to designate a cybersecurity officer (why the Coast Guard named them CySOs and couldn’t just call them CISOs, I do not know). Finding hundreds of qualified people who understand both operational technology in maritime environments and cybersecurity is…
-
LW ROUNDTABLE: Part 3, Cyber resilience faltered in 2025, recalibration now under way
This is the third installment in our four-part 2025 Year-End Roundtable. In Part One, we explored how accountability got personal. In Part Two, we examined how regulatory mandates clashed with operational complexity. Part three of a four-part series. Now… (more”¦) First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/12/lw-roundtable-part-3-cyber-resilience-faltered-in-2025-recalibration-now-under-way/
-
Cybersecurity leaders’ top seven takeaways from 2025
Tags: access, ai, api, attack, automation, breach, business, ciso, compliance, control, cyber, cybersecurity, data, data-breach, deep-fake, defense, detection, email, exploit, framework, governance, government, grc, identity, international, malicious, network, nist, phishing, regulation, resilience, risk, saas, service, software, strategy, supply-chain, technology, threat, tool, vulnerability2. AI forced companies to rethink their security strategies: At the same time, Abousselham notes how the rapid rollout of AI forced companies to shift their resources to keep pace with the change, while maintaining safe product releases. He calls 2025 the “chaotic introduction of agentic AI”.”I don’t think the industry was ready or expected…
-
Cybersecurity leaders’ top seven takeaways from 2025
Tags: access, ai, api, attack, automation, breach, business, ciso, compliance, control, cyber, cybersecurity, data, data-breach, deep-fake, defense, detection, email, exploit, framework, governance, government, grc, identity, international, malicious, network, nist, phishing, regulation, resilience, risk, saas, service, software, strategy, supply-chain, technology, threat, tool, vulnerability2. AI forced companies to rethink their security strategies: At the same time, Abousselham notes how the rapid rollout of AI forced companies to shift their resources to keep pace with the change, while maintaining safe product releases. He calls 2025 the “chaotic introduction of agentic AI”.”I don’t think the industry was ready or expected…
-
Cohesity-Studie ‘Risk-Ready or Risk-Exposed: The Cyber Resilience Divide” – ‘Typisch deutsches” Abwarten spart oft Kosten
First seen on security-insider.de Jump to article: www.security-insider.de/cyberresilienz-deutsche-zurueckhaltung-kosten-a-005374c3ca4f03f99215dedc4bea5acf/
-
Cybersecurity isn’t underfunded, It’s undermanaged
Tags: business, ciso, corporate, cyber, cybersecurity, governance, jobs, network, resilience, risk, strategyThe first 100 days: Where trust is won or lost: Quite a lot of that disconnect is effectively built up in the first 100 days of the CISO.Many CISOs come into a new job with pre-conceived views, sometimes created at interview time: Things that have worked elsewhere, pet subjects, vendors or consultants.Many also feel that…
-
Empowering Security and Control: Thales CipherTrust Cloud Key Management Integrates with Oracle Fusion Cloud Services
Tags: access, ai, automation, best-practice, business, cloud, compliance, computing, container, control, data, data-breach, encryption, finance, GDPR, governance, government, guide, healthcare, HIPAA, intelligence, network, oracle, PCI, resilience, risk, service, software, strategy, supply-chain, tool, zero-trustEmpowering Security and Control: Thales CipherTrust Cloud Key Management Integrates with Oracle Fusion Cloud Services madhav Thu, 12/11/2025 – 06:50 In a landscape where the safeguarding of sensitive information is paramount, the collaboration between Thales and Oracle Fusion Cloud Services helps create operational independence, data sovereignty, and uncompromising control for organizations worldwide. At Thales, our…
-
Empowering Security and Control: Thales CipherTrust Cloud Key Management Integrates with Oracle Fusion Cloud Services
Tags: access, ai, automation, best-practice, business, cloud, compliance, computing, container, control, data, data-breach, encryption, finance, GDPR, governance, government, guide, healthcare, HIPAA, intelligence, network, oracle, PCI, resilience, risk, service, software, strategy, supply-chain, tool, zero-trustEmpowering Security and Control: Thales CipherTrust Cloud Key Management Integrates with Oracle Fusion Cloud Services madhav Thu, 12/11/2025 – 06:50 In a landscape where the safeguarding of sensitive information is paramount, the collaboration between Thales and Oracle Fusion Cloud Services helps create operational independence, data sovereignty, and uncompromising control for organizations worldwide. At Thales, our…
-
New cybersecurity guidance paves the way for AI in critical infrastructure
The guidance gives operators a clearer map, and it reinforces that resilience grows when humans and machines work in partnership. First seen on cyberscoop.com Jump to article: cyberscoop.com/ai-cybersecurity-guidance-critical-infrastructure-op-ed/
-
New cybersecurity guidance paves the way for AI in critical infrastructure
The guidance gives operators a clearer map, and it reinforces that resilience grows when humans and machines work in partnership. First seen on cyberscoop.com Jump to article: cyberscoop.com/ai-cybersecurity-guidance-critical-infrastructure-op-ed/
-
How to justify your security investments
Tags: ai, attack, automation, breach, business, ciso, cloud, computing, cyber, cyberattack, cybersecurity, data, encryption, finance, Hardware, incident, infrastructure, resilience, risk, saas, service, strategy, technology, tool, vulnerabilityThe language of risks and returns: Boards of directors make decisions considering concepts such as risk and return. These include financial risks, operational risks, and reputational risks for the company. Board members assess the probability, exposure, and impact of incidents in each of these areas. Accordingly, the CISO’s role is to clarify how a proposed…