2020, CISO and Risk - Cyber Security Informer

MY TAKE: COVID-19 cements the leadership role CISOs must take to secure company networks

The Last Watchdog

MAY 13, 2020

cybersecurity policy needs to match societal values CISOs must preserve and protect their companies in a fast-changing business environment at a time when their organizations are under heavy bombardment. I had the chance to discuss this state of affairs with Vishal Salvi, CISO of Infosys. Salvi “The CISO role has fundamentally changed.

CISO

CISO Cybersecurity Digital transformation Risk

Cybersecurity litigation risks: 4 top concerns for CISOs

CSO Magazine

APRIL 19, 2022

The threat of litigation is enough to keep any business leader up at night, and the increasing prevalence of data protection, privacy, and cybersecurity legislation and regulation is piling on the pressure for CISOs.

CISO

CISO Cybersecurity Risk

NEW TECH: CASBs continue evolving to help CISOs address multiplying ‘cloud-mobile’ risks

The Last Watchdog

APRIL 29, 2020

We met at RSA 2020 and had a lively discussion about how today’s cloud-mobile environment enables network users to bypass traditional security controls creating gaping exposures, at this point, going largely unaddressed. Some CISOs, at first, were reserved and said, ‘We’re not moving to the cloud.’

Mobile

Mobile CISO Risk Cloud Migration

Webinars

How to Avoid Pitfalls In Automation: Keep Humans In the Loop

MORE WEBINARS

RSAC Fireside Chat: Tightened budgets impose discipline on CISOs, resets security investments

The Last Watchdog

JUNE 20, 2024

CISOs have been on something of a wild roller coaster ride the past few years. Related: Why breaches persist When Covid 19 hit in early 2020, the need to secure company networks in a new way led to panic spending on cybersecurity tools. Despite this turbulence, WestCap views this reset as a positive development.

CISO

CISO Marketing Cyber Risk Cybersecurity

SolarWinds and its CISO accused of misleading investors before major cyberattack

Malwarebytes

NOVEMBER 1, 2023

The Securities and Exchange Commission (SEC) has announced charges against software company SolarWinds Corporation and its chief information security officer (CISO), Timothy G. Brown, for “fraud and internal control failures relating to allegedly known cybersecurity risks and vulnerabilities.”

CISO

CISO Risk Software Cybersecurity

First American Financial Pays Farcical $500K Fine

Krebs on Security

JUNE 18, 2021

Under First American’s documented vulnerability remediation policies, the data leak was classified as a security weakness with a “level 3” severity, which placed it in the “medium risk” category and required remediation within 45 days. “The [employee] did not request a waiver or risk acceptance from the CISO.”

Insurance

Insurance Risk Financial Services CISO

Operation Heart Blocker: International Police Disrupt Phishing Network

SecureWorld News

FEBRUARY 3, 2025

The operation, which took place on January 29, 2025, comes after years of illicit activity dating back to at least 2020, during which victimsprimarily in the United Statessuffered losses exceeding $3 million.

Phishing

Phishing Cybercrime Scams Authentication

Federal Judge Dismisses Most of SEC Claims Against SolarWinds, CISO

SecureWorld News

JULY 30, 2024

and its Chief CISO, Timothy G. The SEC's lawsuit against SolarWinds and Brown stemmed from the massive cyberattack that was discovered in December 2020. These disclosures were deemed adequate in conveying the potential cybersecurity risks that the company faced at that time. government agencies and Fortune 500 companies.

CISO

CISO Risk Cybersecurity Accountability

Stress pushing CISOs out the door

CSO Magazine

FEBRUARY 23, 2023

Nearly half of CISOs will change jobs by 2025 due to stress caused by the risk of being breached while trying to retain staff, according to the Gartner report, Predicts 2023: Cybersecurity Industry Focuses on the Human Deal. Although burnout is nothing new, it did become more visible and common during and after COVID-19.

CISO

CISO Data breaches Cybersecurity Hacking

Cybersecurity Priorities in 2021: How Can CISOs Re-Analyze and Shift Focus?

The Hacker News

SEPTEMBER 21, 2021

2020 was a year of relentless disruptions. Over the past year, CISOs (Chief Information Security Officers) have had to grapple with the challenges of bolstering the security posture, minimizing risks, and ensuring business continuity in the new normal.

CISO

CISO Cybersecurity Information Security Risk

Is it Time to Update Your Cyber Insurance Strategy?

Security Boulevard

FEBRUARY 11, 2021

If anything, 2020 was about preparing for – well, everything. In 2021, rethinking your cyber insurance strategy should be a top priority for CISOs and executive leadership. The elevated risk landscape is driving growing demand for cyber insurance: Nearly four out of five organizations.

Cyber Insurance

Cyber Insurance Insurance CISO Risk

First Directory of Virtual CISO Providers Launched by Cynomi

CyberSecurity Insiders

JUNE 22, 2023

This extensive list of virtual CISO (vCISO) providers, collated by Cynomi , means that small- and medium-sized businesses (SMBs) can easily tap the expertise of qualified cybersecurity professionals to protect their digital assets and ensure compliance. In this climate, strong cybersecurity measures are crucial.

CISO

CISO Cybersecurity Technology Information Security

Wells Notice Against SolarWinds CISO Could Be First of Its Kind

SecureWorld News

JUNE 26, 2023

SolarWinds Corporation, which suffered a major breach of its Orion software platform in December 2020, submitted a U.S. In a LinkedIn post today, June 26th, Jamil Farshchi, EVP and CISO at Equifax, had this to say about the news: "This is a really big deal. federal securities laws."

CISO

CISO CSO Data privacy Cyber Risk

News Alert: Cynomi study shows MSPs offering virtual CISO services to rise fivefold next year

The Last Watchdog

AUGUST 17, 2023

17, 2023 — Cynomi , the leading AI-powered virtual Chief Information Security Officer (vCISO) platform vendor for Managed Service Providers (MSPs), Managed Security Service Providers (MSSPs) and consulting firms, has published the results of its first annual report, “ The State of the Virtual CISO 2023 ”. Tel Aviv, Israel, Aug.

CISO

CISO Cybersecurity Risk Banking

Cider Security Publishes New Research Identifying the Top 10 CI/CD Security Risks

CyberSecurity Insiders

MARCH 16, 2022

The research was compiled by Cider Security along with experts from Netflix, Atlassian, Mozilla, Lemonade Insurance, Rapid7, Databricks, and the former CISOs of Twitter and LivePerson. The risks outlined are: . CICD-SEC-1 : Insufficient Flow Control Mechanisms. CICD-SEC-2 : Inadequate Identity and Access Management. Press Contact.

Risk

Risk CISO Insurance Engineering

What’s It Like for a New CISO?

Lenny Zeltser

FEBRUARY 13, 2020

As of this writing, I’ve spent six months in the role of Chief Information Security Officer (CISO) at Axonius , a rapidly growing technology company. I’ve shared some of my lessons learned with a group of CISOs at a recent Bessemer Venture Partners event (that’s the photo at the top of this post).

CISO

CISO Information Security Architecture Technology

How to manage the security risk of remote working

CyberSecurity Insiders

DECEMBER 20, 2021

Businesses that had never even considered letting their teams work from home were suddenly thrust into a sink or swim environment where they simply had to make it work or risk stalling their operations. The post How to manage the security risk of remote working appeared first on Cybersecurity Insiders.

Risk

Risk Identity Theft Digital transformation Data breaches

News Alert: Cynomi launches first of its kind directory of virtual CISO providers

The Last Watchdog

JUNE 22, 2023

This extensive list of virtual CISO (vCISO) providers, collated by Cynomi , means that small- and medium-sized businesses (SMBs) can easily tap the expertise of qualified cybersecurity professionals to protect their digital assets and ensure compliance. In this climate, strong cybersecurity measures are crucial.

CISO

CISO Cybersecurity Media Marketing

NEW TECH: Devolutions’ ‘PAM’ solution helps SMBs deal with rising authentication risks

The Last Watchdog

MARCH 10, 2020

I spoke with Maurice Côté, VP Business Solutions, and Martin Lemay, CISO, of Devolutions , at the RSA 2020 Conference in San Francisco recently. I believe there’s pent up demand from SMBs for cost-effective services that can reduce the potentially catastrophic cyber risks they face every day. It’s really about offering value.”

Authentication

Authentication Risk Digital transformation Passwords

6 Valuable lessons I won’t forget from 2020, the progress I made, & me bearing my soul…

Jane Frankland

JANUARY 7, 2021

Lesson 1: Gaining more freedom My first lesson came almost as soon as the clock struck January 1st, 2020, when I felt a compulsion to clean, clear, let go of, and renovate my home. I looked at the risk I’d taken. My next blog will be about the 6 Trends I Spotted When Reviewing 2020 and the Cybersecurity Skills Gap.

CISO

CISO Cybersecurity Education Banking

Cybersecurity Snapshot: NIST Aligns Its Privacy and Cyber Frameworks, While Researchers Warn About Hallucination Risks from GenAI Code Generators

Security Boulevard

APRIL 18, 2025

Plus, learn why code-writing GenAI tools can put developers at risk of package-confusion attacks. Both frameworks have a Core section, which outlines detailed activities and outcomes aimed at helping organizations discuss risk management. Check out NISTs effort to further mesh its privacy and cyber frameworks.

Risk

Risk Cybersecurity Data privacy Software

Virtually Impossible to Miss McAfee at Black Hat 2020

McAfee

JULY 24, 2020

Black Hat 2020 is going virtual this year , providing attendees with the latest security research, development, and trends. Session Title: Balancing The Tug of War: How CIOs and CISOs Can Partner for Better IT. Speakers: McAfee CIO Scott Howitt, and CISO Arve Kjoelen. Wednesday, August 5, 10am – 10:20am PT.

CISO

CISO Technology Hacking Cybersecurity

RSAC Fireside Chat: VISO TRUST replaces questionaires with AI analysis to advance ‘TPRM’

The Last Watchdog

JUNE 12, 2024

We had a wide-ranging discussion about the limitations of traditional third-party risk management ( TPRM ), which uses extensive questionnaires—and the honor system – to judge the security posture of third-party suppliers. With “companies approaching 100 percent third-party integration,” CISOs are making TPRM a top priority, he says. “It’s

CISO

CISO Cyber Risk Risk Healthcare

Cybersecurity Risks of 5G – And How to Control Them

eSecurity Planet

SEPTEMBER 1, 2021

Consumers and organizations are enthused about the operational benefits of more robust mobile connectivity, but the shift to 5G networks doesn’t come without risks. Here we’ll discuss the most significant risks posed by 5G, how U.S. Table of Contents What Are the Cybersecurity Risks of 5G? How is 5G Different?

Risk

Risk Cybersecurity IoT Wireless

My 2020 Predictions Revisited: What Worked, What Didn't

Duo's Security Blog

JANUARY 8, 2021

“Turns out, people aren’t all that good at predictions,” I wrote in my 2020 article. Few could foresee the turns 2020 would take. Cyber Crime in 2020 I predicted, with money still being the top motivating factor for crime, criminals would blend techniques and technologies into new unforeseen attacks. Well, it was.

Digital transformation

Digital transformation Phishing Passwords DDOS

New data could help CISOs quantify the value of a strong security culture

SC Magazine

FEBRUARY 26, 2021

Case in point: this 2020 Global Employee Risk Insights Report from Elevate Security. ” SC asked several experts if possessing such data might be enough for CISOs to justify the value of security awareness training to the CEO, board of directors and other key business leaders. But this just a start.

CISO

CISO Security Awareness Phishing InfoSec

Being a CISO in 2021: How to Be a Business Leader in the Boardroom

Security Boulevard

MARCH 24, 2021

W ith the rise of digital transformation initiatives in 2020, a Chief Information Security Officer’s (CISO) already stressful work environment has become even more complex. CISO’s are facing more scrutiny about security posture from the Board of Directors than ever.

CISO

CISO Digital transformation Risk Information Security

New 2020 Duo Trusted Access Report Examines Securing Remote Work

Duo's Security Blog

NOVEMBER 10, 2020

The 2020 Duo Trusted Access Report details the security state of thousands of the world’s largest and fastest-growing organizations. These are just a few of many findings you will see when you download the 2020 Duo Trusted Access Report. “As Tweet to us at @DuoSec Download the free 2020 Trusted Access Report today!

Authentication

Authentication CISO VPN Technology

Business security remains resilient in the wake of coronavirus

IT Security Guru

JUNE 16, 2021

New ways of working and a fragmented workforce has challenged CISOs and their security teams; as the threat landscape has grown, nefarious actors have jumped at the chance to exploit the ever-fluid situation. This resilience has helped organisations navigate the pandemic and minimise the risk of both reputational and economic damage.

CISO

CISO Energy and Utilities Phishing Ransomware

7 Trends I Spotted When Reviewing 2020 and the Cybersecurity Skills Gap

Jane Frankland

JANUARY 13, 2021

For example, in December 2020, they ran a cybersecurity writing competition called CyberVibe with local school students and had over 600 entries. But according to a report by PWC, over half (56%) of the leaders they surveyed believed their organisations were at risk due to cybersecurity staff shortages.

Cybersecurity

Cybersecurity Risk Government Technology

Can Cybersecurity Make You a Millionaire?

Hacker's King

OCTOBER 22, 2024

As businesses, governments, and individuals continue to migrate to digital platforms, the risk of cyberattacks rises exponentially. Security engineers often earn between $100,000 to $200,000 per year, with those working in high-demand industries or high-risk environments potentially earning much more.

Cybersecurity

Cybersecurity CISO Engineering Education

FSU’s university-wide resiliency program focuses on doing the basics better

CSO Magazine

OCTOBER 7, 2021

Florida State University CISO Bill Hunkapiller wouldn’t let Covid derail his plans to improve the university’s resiliency capabilities. He refined his plans through 2020 and then, this year, implemented its wide-reaching recommendations to ensure his institution could handle even better whatever emergency came next.

CSO

CSO CISO Risk Cybersecurity

It’s a new year. What do we do now?

Cisco Security

JANUARY 26, 2021

Now that 2020 is behind us and we’re firmly planted in 2021, many security practitioners may be asking, “What’s next?” According to Cisco’s Head of Advisory CISOs, Wendy Nather , “After the scramble and confusion of 2020, organizations will opt for a period of quiet in the security realm. Getting serious about zero trust.

CISO

CISO Technology Scams Phishing

GUEST ESSAY: Leveraging best practices and an open standard to protect corporate data

The Last Watchdog

MARCH 21, 2022

As just one measure, the number of data breaches in the first nine months of 2021 exceeded all those in 2020, a new record. Evolving privacy regulations like the General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA) mean ongoing headaches for cybersecurity, compliance and risk management teams.

Encryption

Encryption Data privacy Cloud Migration Risk

Predictions for 2023 API Security

CyberSecurity Insiders

JANUARY 6, 2023

More than half of all data thefts were traced to unsecured APIs as of 2020, according to Gartner – and the problem is only getting worse. Prediction #2: Leaders will see APIs as representing both security and business risks. Prediction #4: Organizations will right-size data storage to reduce risks.

CISO

CISO Financial Services Risk Unstructured Data

6 Unique InfoSec Metrics CISOs Should Track in 2020

Dark Reading

JANUARY 10, 2020

But they can help evaluate risks you haven't even considered yet. You might not find these measurements on a standard cybersecurity department checklist.

InfoSec

InfoSec CISO Risk Cybersecurity

A Reactive Cybersecurity Strategy Is No Strategy at All

CyberSecurity Insiders

MAY 18, 2022

A foundational approach to cybersecurity empowers CISOs to see abnormalities and block threats before they do damage. In 2020, the SolarWinds supply chain attack opened backdoors into thousands of organizations (including government agencies) that used its services, while late last year, the far-reaching Log4J exploit exploded onto the scene.

DNS

DNS Cybersecurity CISO Social Engineering

My Top 5 Blogs of the Year

Javvad Malik

NOVEMBER 27, 2020

So, I proudly present, my top 5 read blogs during the course of 2020. 5: Writing better risk statements Do you struggle to articulate security risks? 2: Why Predator is the ultimate CISO movie I really enjoyed writing this – and was surprised at how much love and attention this got. From my blog that is.

InfoSec

InfoSec CISO Risk

BrandPost: The Journey to SASE: Cisco Eases Security Complexity

CSO Magazine

MARCH 31, 2021

Unfortunately, there’s often a lack of integration across these technologies, which increases the work of security teams—and risks missed vulnerabilities. In fact, 77% of CISOs said it was challenging to orchestrate alerts between products from multiple security vendors, according to Cisco’s 2020 Cybersecurity Benchmark Study.

Cyber Risk

Cyber Risk CISO Risk Technology

GUEST ESSAY: How SIEMS, UEBAs fall short in today’s turbulent threat landscape

The Last Watchdog

JULY 30, 2018

This has left many CISOs questioning if today’s incumbent cybersecurity solutions are enough. This has left many CISOs to questions whether or not today’s cybersecurity categories are still relevant. CISO need to change the conversation. billion connected things are expected to be in use by 2020. Categorizing solutions.

CISO

CISO Cyber Attacks Data collection Cybersecurity

Spotlight Podcast: Taking a Risk-Based Approach to Election Security

The Security Ledger

AUGUST 28, 2020

In this Spotlight Podcast, sponsored by RSA, we take on the question of securing the 2020 Presidential election. Given the magnitude of the problem, could taking a more risk-based approach to security pay off? In this Spotlight Podcast, sponsored by RSA, we take on the question of securing the 2020 Presidential election.

Risk

Risk CSO CISO Digital transformation

Remote Working One Year On: What the Future Holds for Cybersecurity

Security Boulevard

MARCH 19, 2021

In late 2020, HelpSystems research with CISOs of global financial organizations revealed that 45% of respondents reported an increase in cyber-attacks since the pandemic first emerged. Yet they are not without risk in terms of cybersecurity. This certainly applies to the volume of threats facing cybersecurity teams. Featured: .

Cybersecurity

Cybersecurity CISO Social Engineering Technology

Spotlight on Cybersecurity Leaders: Tammy Klotz

SecureWorld News

APRIL 7, 2022

She is a Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), and is also Certified in Risk and Information Systems Control (CRISC). Answer: In 2020, Versum Materials was acquired by Merck KGaA, and my CISO position was eliminated in April 2020.

Cybersecurity

Cybersecurity CISO Risk Information Security

Is Your Security Stack and Legacy Tech Keeping Pace With Your Business?

CyberSecurity Insiders

JANUARY 17, 2022

By Tyler Farrar, CISO, Exabeam. In most scenarios, CISOs have three choices when considering a move away from legacy tech: 1.Take Security teams may, for instance, be concerned about whether specific tools will work in their environment or whether they could be at additional risk in adopting something that is completely new.

Threat Detection

Threat Detection CISO Digital transformation Technology

MY TAKE: COVID-19 cements the leadership role CISOs must take to secure company networks

Cybersecurity litigation risks: 4 top concerns for CISOs

Webinars

Trending Sources

NEW TECH: CASBs continue evolving to help CISOs address multiplying ‘cloud-mobile’ risks

Webinars

RSAC Fireside Chat: Tightened budgets impose discipline on CISOs, resets security investments

SolarWinds and its CISO accused of misleading investors before major cyberattack

First American Financial Pays Farcical $500K Fine

Operation Heart Blocker: International Police Disrupt Phishing Network

Federal Judge Dismisses Most of SEC Claims Against SolarWinds, CISO

Stress pushing CISOs out the door

Cybersecurity Priorities in 2021: How Can CISOs Re-Analyze and Shift Focus?

Is it Time to Update Your Cyber Insurance Strategy?

First Directory of Virtual CISO Providers Launched by Cynomi

Wells Notice Against SolarWinds CISO Could Be First of Its Kind

News Alert: Cynomi study shows MSPs offering virtual CISO services to rise fivefold next year

Cider Security Publishes New Research Identifying the Top 10 CI/CD Security Risks

What’s It Like for a New CISO?

How to manage the security risk of remote working

News Alert: Cynomi launches first of its kind directory of virtual CISO providers

NEW TECH: Devolutions’ ‘PAM’ solution helps SMBs deal with rising authentication risks

6 Valuable lessons I won’t forget from 2020, the progress I made, & me bearing my soul…

Cybersecurity Snapshot: NIST Aligns Its Privacy and Cyber Frameworks, While Researchers Warn About Hallucination Risks from GenAI Code Generators

Virtually Impossible to Miss McAfee at Black Hat 2020

RSAC Fireside Chat: VISO TRUST replaces questionaires with AI analysis to advance ‘TPRM’

Cybersecurity Risks of 5G – And How to Control Them

My 2020 Predictions Revisited: What Worked, What Didn't

New data could help CISOs quantify the value of a strong security culture

Being a CISO in 2021: How to Be a Business Leader in the Boardroom

New 2020 Duo Trusted Access Report Examines Securing Remote Work

Business security remains resilient in the wake of coronavirus

7 Trends I Spotted When Reviewing 2020 and the Cybersecurity Skills Gap

Can Cybersecurity Make You a Millionaire?

FSU’s university-wide resiliency program focuses on doing the basics better

It’s a new year. What do we do now?

GUEST ESSAY: Leveraging best practices and an open standard to protect corporate data

Predictions for 2023 API Security

6 Unique InfoSec Metrics CISOs Should Track in 2020

A Reactive Cybersecurity Strategy Is No Strategy at All

My Top 5 Blogs of the Year

BrandPost: The Journey to SASE: Cisco Eases Security Complexity

GUEST ESSAY: How SIEMS, UEBAs fall short in today’s turbulent threat landscape

Spotlight Podcast: Taking a Risk-Based Approach to Election Security

Remote Working One Year On: What the Future Holds for Cybersecurity

Spotlight on Cybersecurity Leaders: Tammy Klotz

Is Your Security Stack and Legacy Tech Keeping Pace With Your Business?

Stay Connected