Accountability and CISO - Cyber Security Informer

Fake CISO Profiles on LinkedIn Target Fortune 500s

Krebs on Security

SEPTEMBER 30, 2022

Someone has recently created a large number of fake LinkedIn profiles for Chief Information Security Officer (CISO) roles at some of the world’s largest corporations. It’s not clear who’s behind this network of fake CISOs or what their intentions may be. Of course, Sites is not the real CISO of Chevron.

CISO

CISO Cybercrime Accountability Information Security

Fortinet CISO Details ‘Phish-Free’ Phishing Scheme Using PayPal

Security Boulevard

JANUARY 9, 2025

A bad actor is using a Microsoft 365 test domain and a self-created distribution list to bypass traditional email protections and entice victims to hand over their PayPal account information in what Fortinet's CISO is calling a "phish-free" phishing campaign.

CISO

CISO Phishing Accountability Social Engineering

From Pest Control to Cybersecurity: What CISOs Can Learn from Pestie

SecureWorld News

JANUARY 21, 2025

As I was spraying Pestiea DIY pest spray subscription servicearound my home this weekend (sun's out, spray gun's out), I was thinking about the correlation of this home perimeter defense to what CISOs and their teams do to keep their organizations secure. CISO takeaway: Effective cybersecurity isn't a generic solution.

CISO

CISO Cybersecurity Cyber threats Education

LW ROUNDTABLE: Wrist slap or cultural shift? SEC fines cyber firms for disclosure violations

The Last Watchdog

NOVEMBER 12, 2024

Responses edited for clarity and length: Ambuj Kumar , CEO, Simbian Kumar While the SEC has fined the corporations, CISOs are worried that they may be held individually responsible and feel targeted by both attackers and now law enforcement. Some have moved away from the CISO role. Addressing this root cause must be a priority.

CISO

CISO CSO Risk Cyber threats

Former Uber CISO Faces Prison Time For Mishandling Cyberattack: Justice, Scapegoating, or Both?

Joseph Steinberg

OCTOBER 6, 2022

According to The New York Times , in 2016, while the Federal Trade Commission (FTC) was investigating an earlier breach of Uber’s computer systems, Sullivan learned of a subsequent compromise that affected more than 57 million Uber accounts. There is a reason that the rate of turnover in such roles is so high – CISOs burn out quickly.

CISO

CISO Artificial Intelligence Data breaches Cybersecurity

Battle with Bots Prompts Mass Purge of Amazon, Apple Employee Accounts on LinkedIn

Krebs on Security

OCTOBER 20, 2022

On October 10, 2022, there were 576,562 LinkedIn accounts that listed their current employer as Apple Inc. LinkedIn declined to answer questions about the account purges, saying only that the company is constantly working to keep the platform free of fake accounts. The next day, half of those profiles no longer existed.

Accountability

Accountability Cryptocurrency Scams CISO

Why CISA is Warning CISOs About a Breach at Sisense

Krebs on Security

APRIL 11, 2024

Both sources said the attackers used the S3 access to copy and exfiltrate several terabytes worth of Sisent customer data, which apparently included millions of access tokens, email account passwords, and even SSL certificates. The PR rep said Sisense wanted to make sure they had an opportunity to comment before the story ran.

CISO

CISO Encryption Telecommunications Financial Services

LW ROUNDTABLE — How 2024’s cyber threats will transform the security landscape in 2025

The Last Watchdog

DECEMBER 16, 2024

Gen AI threats and quantum computing exposures must be accounted for. Attacks targeting identities rose 71% last year, with valid accounts as the top entry point. Well see CISOs increasingly demand answers about why models flag certain malicious activity and how that activity is impactful at enterprise scale. The hard part?

Cyber threats

Cyber threats CISO IoT Phishing

Fintech Giant Finastra Investigating Data Breach

Krebs on Security

NOVEMBER 19, 2024

” “Additionally, we have been sharing Indicators of Compromise (IOCs) and our CISO has been speaking directly with our customers’ security teams to provide updates on the investigation and our eDiscovery process,” the statement continues. Maybe abyss0 found a buyer who paid for their early retirement.

Data breaches

Data breaches Banking Cybercrime Advertising

CISO Perspectives on Complying with Cybersecurity Regulations

The Hacker News

APRIL 5, 2024

Compliance requirements are meant to increase cybersecurity transparency and accountability. For CISOs and their teams, that means compliance is a time-consuming, high-stakes process that demands strong organizational and

CISO

CISO Cybersecurity Cyber threats Accountability

Should the CISO Report to the CIO?

Cisco Security

JULY 1, 2021

The Chief Information Security Officer (CISO) is the organization’s senior executive in charge of the cybersecurity and the information technology risk management posture of the enterprise. federal government in particular, the CISO reports to the Chief Information Officer (CIO). In many organizations, and in the U.S.

CISO

CISO Technology Risk Government

CISO Thoughts with David Lindner

Security Boulevard

MARCH 11, 2022

percent of account compromise attacks. The post CISO Thoughts with David Lindner appeared first on Security Boulevard. The number one thing an organization can do today to help prevent the next major breach is to implement multi-factor authentication (MFA) on all things. According to research by Microsoft, MFA can block over 99.9

CISO

CISO Authentication Accountability

Secrets to building a healthy CISO-vendor partnership

CSO Magazine

MAY 3, 2022

Effective partnerships between CISOs and their cybersecurity vendors are integral to security success. He notes that CISOs often have a select group of key security vendors that have become trusted partners where the relationship is mutually beneficial. To read this article in full, please click here

CISO

CISO CSO Accountability Cybersecurity

CISOs and Senior Leadership at Odds Over Security

Security Boulevard

JUNE 4, 2024

The post CISOs and Senior Leadership at Odds Over Security appeared first on Security Boulevard. Only half of cybersecurity leaders feel their C-suite understands cybersecurity risks, a Trend Micro survey found. Four in five have been told to downplay a potential risk’s severity.

CISO

CISO Risk Cybersecurity Accountability

Introducing our new CISO Advisor, Pam Lindemeon

Cisco Security

AUGUST 3, 2021

I’m delighted to announce the latest member of our growing CISO Advisor team, Pam Lindemeon. Pam is an exceptional leader; dedicated to advancing women in the IT industry, and I’m so glad she’s now joined Cisco to work closely with our community of CISOs and offer advice and guidance based on her incredible experience. Pam Lindemeon.

CISO

CISO Technology Information Security Cybersecurity

LinkedIn being targeted by fake CISO Profile Positions in Large Companies

CyberSecurity Insiders

OCTOBER 3, 2022

LinkedIn has publicly announced that for some reasons, its servers are being targeted by fake CISO Profiles that disclose vacant positions at large multinational companies. The post LinkedIn being targeted by fake CISO Profile Positions in Large Companies appeared first on Cybersecurity Insiders.

CISO

CISO Artificial Intelligence Cyber Attacks Accountability

Today’s CISO Insights – How to Tackle the Quantum Threat

CyberSecurity Insiders

MAY 3, 2023

This is why CISOs everywhere should be concerned. CISOs should begin to familiarize themselves with these and evaluate their potential suitability for adoption. Once that ecosystem is understood and its supporting cryptology has been identified, CISOs should develop a plan that considers quantum-resistant technology.

CISO

CISO Identity Theft Encryption Social Engineering

How CISOs Can Impact Security for All

Cisco Security

APRIL 26, 2021

Insights from our new Advisory CISO, Helen Patton. If there’s anyone who’s been put through their paces in the security industry, it’s Helen Patton , our new Advisory Chief Information Security Officer (CISO). Helen has come to Cisco from The Ohio State University, where she served as CISO for approximately eight years.

CISO

CISO Education Technology Media

From Compliance to Resilience: Cyber Governance as the Cornerstone of CISO Strategy

SecureWorld News

MAY 2, 2024

The role of a Chief Information Security Officer (CISO) is undeniably complex, yet incredibly rewarding. However, the challenges faced by CISOs are mounting, exacerbated by the evolving threat landscape and regulatory environment. The recent release of NIST's Cybersecurity Framework version 2.0

CISO

CISO Government CSO Artificial Intelligence

IT asset disposal is a security risk CISOs need to take seriously

CSO Magazine

JUNE 21, 2021

Asset disposal normally isn’t one of those burning topics that is top-of-mind for CISOs, yet every CISO must be able to address it when asked to describe their information technology asset disposal (ITAD) program. Sign up for CSO newsletters. ]. Sign up for CSO newsletters. ].

CISO

CISO Risk CSO Accountability

News alert: Aembit appoints former Snowflake security director Mario Duarte as its new CISO

The Last Watchdog

OCTOBER 2, 2024

2, 2024, CyberNewswire — Aembit , the non-human IAM company, today announced the appointment of Mario Duarte as chief information security officer (CISO). Throughout my career, I’ve witnessed how non-human identities like workloads and service accounts are being exploited, and knew this was the next big frontier in security.”

CISO

CISO Penetration Testing Retail Accountability

GUEST ESSAY: Why CISOs absolutely must take authentication secrets much more seriously

The Last Watchdog

MARCH 1, 2023

It is a program that must coordinate people, tools, and processes, and also account for human error. This gave the attacker access to Uber’s admin accounts in AWS, GCP, Google Drive, Slack, SentinelOne, HackerOne, and more. Errors cannot be prevented, but their effects can be. In August, LastPass suffered a similar attack.

Authentication

Authentication CISO Passwords Software

Why CISOs Are Joining 'The Great Resignation'

SecureWorld News

DECEMBER 8, 2022

We hear it all the time: there are not enough people to fill all the cybersecurity roles (including CISOs) that are currently available, not to mention the openings expected in the coming months and years. Being a CISO sometimes serves as the catalyst to finding a new career path.". People want: Work-life balance.

CISO

CISO Cyber Risk Cybersecurity Accountability

Fake LinkedIn CISO Profiles Target Top Companies

SecureWorld News

OCTOBER 3, 2022

Most recently, one of those new schemes involves fake LinkedIn profiles representing Chief Information Security Officers (CISOs) at some of the world's largest corporations. CISO profiles spoofed on LinkedIn. One of the fake profiles that was discovered was for one Victor Sites, claiming to be the CISO at Chevron.

CISO

CISO Engineering Healthcare Cryptocurrency

Federal Judge Dismisses Most of SEC Claims Against SolarWinds, CISO

SecureWorld News

JULY 30, 2024

and its Chief CISO, Timothy G. Internal Accounting and Disclosure Controls: The SEC's allegations that SolarWinds failed to maintain effective internal accounting and disclosure controls were also dismissed. Accountability at the executive level is essential for fostering a culture of security and compliance.

CISO

CISO Risk Cybersecurity Accountability

The Hot Seat: CISO Accountability in a New Era of SEC Regulation

Dark Reading

SEPTEMBER 25, 2023

Updated cybersecurity regulations herald a new era of transparency and accountability in the face of escalating industry vulnerabilities.

Accountability

Accountability CISO Cybersecurity

Wells Notice Against SolarWinds CISO Could Be First of Its Kind

SecureWorld News

JUNE 26, 2023

In a LinkedIn post today, June 26th, Jamil Farshchi, EVP and CISO at Equifax, had this to say about the news: "This is a really big deal. It's unprecedented: this is likely the first time a CISO has ever received one of these. So it seems odd for a CISO to get one of these," he wrote. federal securities laws."

CISO

CISO CSO Data privacy Cyber Risk

What the Boardroom Is Missing: CISOs

Dark Reading

OCTOBER 30, 2023

From communicating why security should be a priority to advocating for accountability and greater focus on protecting data in the cloud, CISOs can make the case for keeping people and sensitive data secure.

CISO

CISO Accountability

LinkedIn Adds Verified Emails, Profile Creation Dates

Krebs on Security

NOVEMBER 4, 2022

Responding to a recent surge in AI-generated bot accounts, LinkedIn is rolling out new features that it hopes will help users make more informed decisions about with whom they choose to connect. For example, on October 10, 2022, there were 576,562 LinkedIn accounts that listed their current employer as Apple Inc.

Scams

Scams Artificial Intelligence Cryptocurrency Accountability

CISOs Getting Back to 'Business as Usual,' Proofpoint Survey Shows

SecureWorld News

MAY 9, 2023

Proofpoint today released its annual report titled, "2023 Voice of the CISO: Global insights into CISO challenges, expectations and priorities," in which it surveyed 1,600 CISOs sharing their experiences over the past year and their outlook for what is to come for the cybersecurity industry. That's changing.

CISO

CISO Cyber Attacks DDOS Cyber Risk

Is fighting cybercrime a losing battle for today’s CISO?

CyberSecurity Insiders

JANUARY 12, 2022

In this blog, we’ll look at the root causes of concern for today's CISO and share some practical strategies to deter cybercriminals. The CISO role can be an unenviable one. Is the cyber deck stacked against today's CISO? As CISO, you are usually accountable for the security of the application fleet.

CISO

CISO Cybercrime Risk Healthcare

Survey: Senior Executives Being Held More Accountable for Cybersecurity

Security Boulevard

AUGUST 16, 2024

The post Survey: Senior Executives Being Held More Accountable for Cybersecurity appeared first on Security Boulevard. A global survey of 1,850 IT and cybersecurity decision-makers finds more than half (51%) reporting that directors or executives have faced fines, jail time, loss of position, or loss of employment following a cyberattack.

Accountability

Accountability Cybersecurity CISO Security Awareness

Cybersecurity Insights with Contrast CISO David Lindner | 12/16

Security Boulevard

DECEMBER 16, 2022

Are you using service accounts for those “simple” integrations between your security alerts and other tools such as slack, or CI/CD pipelines? A great way to solidify your security operations environment is to make sure you are using service accounts/APIs wherever you can.". Insight #3. ".

CISO

CISO Cybersecurity Government Accountability

Operation Heart Blocker: International Police Disrupt Phishing Network

SecureWorld News

FEBRUARY 3, 2025

Heath Renfrow, CISO and Co-founder of Fenix24, noted: "While I commend law enforcement and all involved in Operation Heart Blocker for their successful efforts in dismantling a key cybercriminal network, it will have minimal impact on slowing the larger cybercrime epidemic that continues to escalate.

Phishing

Phishing Cybercrime Scams Authentication

Ghost Ransomware a Persistent Global Threat to Critical Infrastructure

SecureWorld News

FEBRUARY 20, 2025

He urges enterprises to implement Privileged Access Management (PAM) solutions and multi-factor authentication (MFA) and to enforce robust password policies to reduce the risk of account compromise. Strengthening identity security Enforce phishing-resistant MFA for all privileged accounts.

Ransomware

Ransomware IoT Encryption Social Engineering

Cybersecurity Insights with Contrast CISO David Lindner | 11/25

Security Boulevard

NOVEMBER 25, 2022

How often do you scrub your data or delete accounts you are no longer using?". . Do you use the same password across multiple accounts? The post Cybersecurity Insights with Contrast CISO David Lindner | 11/25 appeared first on Security Boulevard. Insight #2. ". Are you doing asset discovery well?". . Insight #3. ".

CISO

CISO Cybersecurity Government Accountability

Cybersecurity Insights with Contrast Security CISO David Lindner | 5/6

Security Boulevard

MAY 5, 2022

Use different passwords for every single account (I have over 750 myself). The post Cybersecurity Insights with Contrast Security CISO David Lindner | 5/6 appeared first on Security Boulevard. If any of your passwords are in this list, change them.". . Insight #3. The only way to successfully do this is to use a password manager.

CISO

CISO Password Management Cybersecurity Passwords

GUEST ESSAY: Why the arrests of cyber criminals in 2021 will incentize attackers in 2022

The Last Watchdog

DECEMBER 16, 2021

After all, a malicious actor only needs a few minutes of time with a privileged account to take over the entire directory, and there are volumes of exploitable identity risks at every organization. The ascendency of CISOs. In 2022 we expect to see organizations increasingly moving identity management systems into the CISO organization.

CISO

CISO Ransomware Risk Authentication

The CISO’s Midset for 2025: Outcomes, Automation, and Leadership

Lenny Zeltser

FEBRUARY 10, 2025

As the year 2025 rushes forward, the responsibilities of CISOs are continuing to evolve. The year will continue to shape the CISO role into an exciting combination of leadership and tech expertise. Below are three specific trends to keep in mind as we manage the complexities, challenges, and opportunities of the CISO role.

CISO

CISO Technology Risk Data breaches

Sweet Treats, Sour Breach: Cyberattack Hits Krispy Kreme

SecureWorld News

DECEMBER 12, 2024

James Scobey, CISO at Keeper Security, stated, "The reported downtime of online ordering demonstrates how even temporary interruptions can have a significant impact on revenue and brand reputation." To mitigate such risks, organizations must adopt proactive measures.

Password Management

Password Management Passwords CISO Cybersecurity

LW ROUNDTABLE: Predictive analytics, full-stack visualization to solidify cyber defenses in 2025

The Last Watchdog

DECEMBER 18, 2024

FIPS-203 enables legal PQC deployment, prompting CISOs to overhaul encryption strategies. To mitigate risks, organizations must enforce Zero-Trust principles, limit AI access to privileged accounts, and sanitize AI prompts. Without action, quantum-enabled breaches threaten critical data, national security, and global stability.

Risk

Risk Threat Detection Technology Phishing

Cybersecurity Insights with Contrast CISO David Lindner | 9/2

Security Boulevard

SEPTEMBER 2, 2022

Have a roadmap and be very critical of that roadmap taking into account the day-to-day changes users may see and what added benefit the new changes provide. The post Cybersecurity Insights with Contrast CISO David Lindner | 9/2 appeared first on Security Boulevard. Insight #3. "

CISO

CISO Cybersecurity Ransomware Accountability

RSAC Fireside Chat: Extending ‘shift left’ to achieve SSCS — ‘software supply chain security’

The Last Watchdog

APRIL 18, 2023

Related: How SBOMs instill accountability Interestingly, you could make the argument that SSCS runs counter-intuitive to the much-discussed “ shift left ” movement. Guest expert: Matt Rose, Field CISO, ReversingLabs I had the chance to visit with Matt Rose, Field CISO at ReversingLabs , which is in the thick of the SSCS movement.

Software

Software CISO Internet Internet

InfoSec Leaders Weigh in on New SEC Rules Making CISO Hotseat Hotter

SecureWorld News

JULY 31, 2023

Sam Masiello , CISO, The Anschutz Corporation: "I would expect that many CISOs today are feeling as if their job just got harder and now has a brighter spotlight shining specifically on them. Many CISOs are already burnt out, and there is shortage of qualified CISOs globally. CISOs are expected to be a unicorn already.

CISO

CISO InfoSec Risk Cybersecurity

Fake CISO Profiles on LinkedIn Target Fortune 500s

Fortinet CISO Details ‘Phish-Free’ Phishing Scheme Using PayPal

Trending Sources

From Pest Control to Cybersecurity: What CISOs Can Learn from Pestie

LW ROUNDTABLE: Wrist slap or cultural shift? SEC fines cyber firms for disclosure violations

Former Uber CISO Faces Prison Time For Mishandling Cyberattack: Justice, Scapegoating, or Both?

Battle with Bots Prompts Mass Purge of Amazon, Apple Employee Accounts on LinkedIn

Why CISA is Warning CISOs About a Breach at Sisense

LW ROUNDTABLE — How 2024’s cyber threats will transform the security landscape in 2025

Fintech Giant Finastra Investigating Data Breach

CISO Perspectives on Complying with Cybersecurity Regulations

Should the CISO Report to the CIO?

CISO Thoughts with David Lindner

Secrets to building a healthy CISO-vendor partnership

CISOs and Senior Leadership at Odds Over Security

Introducing our new CISO Advisor, Pam Lindemeon

LinkedIn being targeted by fake CISO Profile Positions in Large Companies

Today’s CISO Insights – How to Tackle the Quantum Threat

How CISOs Can Impact Security for All

From Compliance to Resilience: Cyber Governance as the Cornerstone of CISO Strategy

IT asset disposal is a security risk CISOs need to take seriously

News alert: Aembit appoints former Snowflake security director Mario Duarte as its new CISO

GUEST ESSAY: Why CISOs absolutely must take authentication secrets much more seriously

Why CISOs Are Joining 'The Great Resignation'

Fake LinkedIn CISO Profiles Target Top Companies

Federal Judge Dismisses Most of SEC Claims Against SolarWinds, CISO

The Hot Seat: CISO Accountability in a New Era of SEC Regulation

Wells Notice Against SolarWinds CISO Could Be First of Its Kind

What the Boardroom Is Missing: CISOs

LinkedIn Adds Verified Emails, Profile Creation Dates

CISOs Getting Back to 'Business as Usual,' Proofpoint Survey Shows

Is fighting cybercrime a losing battle for today’s CISO?

Survey: Senior Executives Being Held More Accountable for Cybersecurity

Cybersecurity Insights with Contrast CISO David Lindner | 12/16

Operation Heart Blocker: International Police Disrupt Phishing Network

Ghost Ransomware a Persistent Global Threat to Critical Infrastructure

Cybersecurity Insights with Contrast CISO David Lindner | 11/25

Cybersecurity Insights with Contrast Security CISO David Lindner | 5/6

GUEST ESSAY: Why the arrests of cyber criminals in 2021 will incentize attackers in 2022

The CISO’s Midset for 2025: Outcomes, Automation, and Leadership

Sweet Treats, Sour Breach: Cyberattack Hits Krispy Kreme

LW ROUNDTABLE: Predictive analytics, full-stack visualization to solidify cyber defenses in 2025

Cybersecurity Insights with Contrast CISO David Lindner | 9/2

RSAC Fireside Chat: Extending ‘shift left’ to achieve SSCS — ‘software supply chain security’

InfoSec Leaders Weigh in on New SEC Rules Making CISO Hotseat Hotter

Stay Connected