CSO Magazine

APRIL 27, 2021

Organizations will face significant challenges in purchasing, renewing, and benefitting from cyber insurance policies this year as various factors drive the sector towards a stricter, more specialized position, global specialists in law, risk, and cybersecurity predict. To read this article in full, please click here (Insider Story)

Cyber Insurance 142

Cyber Insurance Insurance Ransomware Risk 142

CSO Magazine

NOVEMBER 2, 2021

However, such terms are not always helpful and can be inaccurate, outdated, misleading, or even risk causing harm. Sign up for CSO newsletters. ]. Sign up for CSO newsletters. ]. Here are the 11 cybersecurity buzzwords and phrases that should be laid to rest in 2021. To read this article in full, please click here

Cybersecurity 143

Cybersecurity CSO Marketing Information Security 143

CSO Magazine

MAY 4, 2021

It is an opportunity for security leaders to share with their peers the risk and security innovations that led the way to greater success for their organizations. Winners will be recognized at the annual CSO50 Conference + Awards taking place November 16-18, 2021.

Risk 129

Risk 129

CSO Magazine

JUNE 8, 2021

In December 2020, the US Government Accounting Office (GAO) made 145 recommendations to 23 federal agencies relating to supply chain risks. In May 2021, the GAO’s director of information technology and cybersecurity, Vijay A. D’Souza, testified before Congress on supply chain risks.

Government 121

Government CSO Risk Accountability 121

CSO Magazine

JANUARY 24, 2022

Education and research were the top targets for cyberattackers in 2021, with an average of 1605 attacks per organization per week, a 75% increase from 2020, according to research by Check Point Software Technologies. Pandemic’s push for digital invites threats . To read this article in full, please click here

Education 124

Education Marketing Technology Software 124

CSO Magazine

AUGUST 5, 2021

In the guidance issued by the Cybersecurity and Infrastructure Security Agency (CISA) in April 2021 on securing one’s supply chain, a portion of the guidance was dedicated to the threat vector posed to entities during their design phase. Sign up for CSO newsletters. ].

CISO 126

CISO CSO Information Security Risk 126

CSO Magazine

OCTOBER 13, 2021

Learn CISOs’ 15 top strategic priorities for 2021 , 7 tips for better CISO-CFO relationships and 5 key qualities of successful CISOs. Sign up for CSO newsletters. ]. “My To read this article in full, please click here

CISO 111

CISO CSO Risk Cybersecurity 111

CSO Magazine

FEBRUARY 22, 2021

On February 4, 2021, New York became the first state in the nation to issue a cybersecurity insurance risk framework to all authorized property and casualty insurers. Get the latest from CSO by signing up for our newsletters. ]. Get the latest from CSO by signing up for our newsletters. ].

Insurance 106

Insurance Cyber Insurance Ransomware CSO 106

SC Magazine

MAY 1, 2021

For 2021, the judges took on a record number of submissions, identifying which products, people and companies stood out during a tumultuous year. Click here to see the full list of 2021 SC Award finalists. Cedric Leighton is founder and president of Cedric Leighton Associates, a strategic risk and leadership management consultancy.

Computers and Electronics 126

Computers and Electronics Technology Information Security Education 126

CSO Magazine

OCTOBER 28, 2022

Cyber risks, especially those emanating from third and fourth parties, are escalating. Successful breaches via the supply chain increased from 44% in 2020 to 61% in 2021, according to Accenture.

Cyber Risk 112

Cyber Risk Risk Cybersecurity 112

CSO Magazine

APRIL 19, 2022

Two-thirds of survey respondents said they felt more exposed to these types of disputes in 2021, up from less than half in 2020, while more sophisticated attacks, less oversight of employees/contractors in remote environments, and concerns about the amount of client data were all cited as mitigating factors.

CISO 131

CISO Cybersecurity Risk 131

CSO Magazine

JUNE 21, 2021

Two in three CISOs believe that technical debt, the difference between what's needed in a project and what's finally deployed, to be a significant cause of security vulnerability, according to the 2021 Voice of the CISO report , sponsored by Proofpoint. To read this article in full, please click here (Insider Story)

CISO 115

CISO Risk 115

CSO Magazine

JUNE 16, 2022

In the fall of 2021, Grandview Research estimated the U.S. Companies that produce location-tracking algorithms and technological magic are riding the hyper-personalized marketing rocket, which continues to expand at breathtaking speed. from 2022 to 2030.

Risk 115

Risk Marketing Technology 115

CSO Magazine

MAY 17, 2022

While nearly half of the 1,400 CISOs surveyed for the annual Voice of the CISO report (48%) say their organization is at risk of suffering a material cyberattack in the next 12 months. That's substantially lower than 2021, when nearly two-thirds of the CISOs (64%) expressed similar sentiments.

CISO 93

CISO CSO Risk 93

CSO Magazine

NOVEMBER 5, 2021

The application layer protocol content confusion attack (ALPACA) was first disclosed in June and presented at Black Hat USA 2021. What is the ALPACA attack?

Risk 115

Risk 115

CSO Magazine

FEBRUARY 9, 2021

The security metrics that many CISOs traditionally use typically lack business context and often fail to provide a comprehensive and actionable view of how the security program decreases risk and enables the business. This can leave security teams with a false sense of confidence and CISOs struggling to show ROI and build budget.

CISO 91

CISO Risk 91

CSO Magazine

JULY 20, 2021

In March 2021 Google Cloud announced a new offering called Risk Protection Program, which is designed to help its cloud customers reduce security risk and connect with Google’s insurer partners, Allianz Global Corporate & Specialty and Munich Re.

Cyber Insurance 137

Cyber Insurance Insurance CISO Risk 137

CSO Magazine

MARCH 15, 2021

Risks will continue to grow in 2021, so it’s vital that organization take action to grow their cybersecurity workforce. The cybersecurity workforce shortage and related skills gap stubbornly persists. Here's five ways to attract talent now to begin to close the skills gap.

Cybersecurity 69

Cybersecurity Risk 69

CyberSecurity Insiders

JANUARY 28, 2022

cybersecurity M&A deals hit 151 in the first three quarters of 2021, compared to 80, 88 and 94 in 2018, 2019 and 2020, respectively, according to data from 451 Research. According to CSO, 2021 shaped up to be an active year for mergers and acquisitions in the cybersecurity industry. It is all about risks.

Cybersecurity 89

Cybersecurity Digital transformation CSO Risk 89

CSO Magazine

DECEMBER 8, 2021

McAfee Enterprise and FireEye have integrated FireEye Helix with Amazon Web Services’ Inspector cloud security tool, in a move to offer behavior analysis and machine learning risk-analysis capabilities for enterprises running AWS cloud workloads. To read this article in full, please click here

Technology 123

Technology Software Risk 123

CSO Magazine

JULY 7, 2021

I read with interest about Active Directory Certificate Services (AD CS) misconfigurations and the risks they present to my network. However, I wanted to get a head start to see if my domain was vulnerable to attacks that could result in account or domain takeover.

Network Security 138

Network Security Accountability Risk 138

CSO Magazine

MARCH 22, 2023

According to an analysis by Google-owned threat intelligence and incident response firm Mandiant, attackers exploited 55 zero-day flaws last year, fewer than the 81 observed in 2021 but triple the number tracked in 2020 and higher than in any previous years.

Risk 87

Risk Malware Software 87

eSecurity Planet

OCTOBER 18, 2021

Machine identities now outnumber humans in enterprises, according to Nathanael Coffing, co-founder and CSO of Cloudentity. Gartner’s list of the top security risks and trends for 2021 included machine identity management for the first time. Poor Machine Identity Management Introduces Risks.

IoT 120

IoT Risk Architecture CSO 120

CSO Magazine

JULY 5, 2022

The report by BreachLock, based on 8,000 security tests performed in 2021, organizes its findings based on risk. Critical risk findings pose a very high threat to a company's data. High risks could have a catastrophic effect on an organization's operations, assets or individuals.

Penetration Testing 111

Penetration Testing Risk 111

CSO Magazine

OCTOBER 15, 2021

Insider breaches are growing – because you can actually see them In their annual look at trends in cyber security , Forrester made a few startling revelations: 33% of your breaches in 2021 are going to be insider threat related. Insider threat incidents are expected to grow 8% in 2021 . To read this article in full, please click here

Technology 116

Technology Risk Cybersecurity 116

CSO Magazine

DECEMBER 6, 2022

billion in direct written premiums were recorded in 2021, a 61% increase over the prior year, according to an October 2022 memorandum from the National Association of Insurance Commissioners. As the frequency and severity of ransomware, phishing, and denial of service attacks has increased, so has demand for cyber insurance.

Cyber Insurance 121

Cyber Insurance Insurance Phishing Ransomware 121

CSO Magazine

DECEMBER 28, 2022

The Log4Shell critical vulnerability that impacted millions of enterprise applications remains a common cause for security breaches a year after it received patches and widespread attention and is expected to remain a popular target for some time to come.

Software 118

Software Risk 118

CSO Magazine

DECEMBER 17, 2021

Cyberattacks in 2021 continued to steadily increase in volume and sophistication. Ransomware continued its ruthless path across industries, often putting lives at risk. The FBI’s Internet Crime Complaint Center reported 2,084 ransomware complaints from January to July 31, 2021, representing a 62% year-over-year increase.

CISO 107

CISO Ransomware Internet Internet 107

CSO Magazine

JUNE 23, 2022

It also notes that the time to fix vulnerabilities in open-source projects has steadily increased over the last three years, more than doubling from 49 days in 2018 to 110 days in 2021. To read this article in full, please click here

Software 85

Software Risk 85

BH Consulting

NOVEMBER 11, 2021

(ENISA considered the risk to the latter category so significant that it dedicated an entire report to it.) The report surveyed the threat landscape between April 2020 and July 2021. According to CSO Online , VPNs have a lot of shortcomings for handling remote network connections. Links we liked. Hungry for more threat data?

Ransomware 52

Ransomware CSO Surveillance VPN 52

CSO Magazine

DECEMBER 22, 2021

The flaw has impacted vast numbers of organizations around the world as security teams have scrambled to mitigate the associated risks. Attackers began exploiting the flaw (CVE-2021-44228) – dubbed “Log4Shell”, which was rated 10 out of 10 on the CVSS vulnerability rating scale.

Risk 140

Risk 140

CSO Magazine

JANUARY 4, 2023

The number of attacks targeting the government sector increased by 95% worldwide in the second half of 2022 compared to the same period in 2021, according to a new report by AI-based cybersecurity company CloudSek. There is also a risk that national security and military data can be used by terrorist organizations.

Government 126

Government Risk Cybersecurity 126

SecureWorld News

JANUARY 26, 2022

In September 2021, a senior employee at Volkswagen tried to be the good guy after discovering possible security vulnerabilities in the German auto maker's payment platform, Volkswagen Payments SA. After all, you never know who in your business might spot that something isn't quite right.".

Cybersecurity 98

Cybersecurity CSO Cyber Attacks Government 98

CSO Magazine

JANUARY 10, 2022

According to JFrog, the issue carries a critical risk of unauthenticated remote code execution (RCE) for certain organizations who should update their H2 databases immediately. Like Log4Shell, the flaw ( CVE-2021-42392 ) relates to Java Naming and Directory Interface (JNDI) remote class loading.

Risk 120

Risk 120

ForAllSecure

SEPTEMBER 29, 2021

In August 2021, Dr James Ransome -- Veteran CISO, CSO, CPSO and Author -- hosted a fireside chat at FuzzCon 2021. He studied how Comcast’s security training programs correlated with risk reduction outcomes. ” Fagbemi responded: “What happens when the issue is high risk?”

CSO 52

CSO Risk CISO Architecture 52

CSO Magazine

AUGUST 9, 2022

Chowing down on some broccoli or kale can help us build strong bones, reduce our risk of chronic diseases, and deliver the vitamins our bodies need. trillion annually by 2025, up from $3 trillion a decade ago and $6 trillion in 2021. [2] Like it or not, vegetables are good for us. 1] Companies are the same when it comes to security.

Cybersecurity 109

Cybersecurity Cybercrime Passwords Authentication 109

CSO Magazine

JULY 8, 2022

The agencies assert that North Korean state-sponsored cyber actors have used the malware since at least May 2021 to target healthcare and public health sector organizations. For that reason, the FBI and other agencies issuing the advisory maintain the state-sponsored actors will continue to target healthcare organizations.

Ransomware 113

Ransomware Healthcare Malware Risk 113