Cybersecurity professionals have various views on last week's news from the United States Securities and Exchange Commission (SEC), which surprised the InfoSec community and the C-suites of corporate America. Many CISOs are already burnt out, and there is a shortage of qualified CISOs globally.
In this post, we look at the enforcement actions the SEC has taken and what public company CISOs should do to stay in compliance. When the rules were authorized in late 2023, we shared what we see as the implications for infosec leaders. Exposure management can help meet the SEC requirements. So what can a CISO do about this?
We hear it all the time: there are not enough people to fill all the cybersecurity roles (including CISOs) that are currently available, not to mention the openings expected in the coming months and years. Being a CISO sometimes serves as the catalyst to finding a new career path. People want: Work-life balance.
The policies are written in the application language and give appropriate controls to developers to write their requirements into the application while the NetSec team ensures full compliance to the infosec policies dictated by the CISO organization. We’d love to hear what you think. Cisco Secure Social Channels.
In this episode, we discuss the SEC’s charges against SolarWinds’ CISO for misleading investors about a major cyberattack. The post SEC vs. SolarWinds CISO, Classiscam Scam-as-a-Service appeared first on Security Boulevard.
Designate a qualified individual (CISO or equivalent) responsible for overseeing and implementing a cybersecurity program and enforcing its cybersecurity policy. Require the CISO to provide a written report at least annually to the board or equivalent governing body. Have Infosec certifications and passion for #cyber and #dataprivacy.
Security Posture suggests a confusing mix of application and account security metrics. A glossy, nicely-constructed and detailed PowerPoint slide deck by Microsoft Security caught my beady eye this morning.
But infosec thought leaders say that blaming an intern ignores the true roots of the problem, including insufficient credentials policies and access management practices – as evidenced in part by the simplicity of the password itself: “solarwinds123”. Infosec experts similarly chided the company for a lack of strong credentials.
We covered the new rules on July 31, with some thoughts from InfoSec leaders. Sam Masiello , CISO at The Anschutz Corporation, had this to say back in July: "I would expect that many CISOs today are feeling as if their job just got harder and now has a brighter spotlight shining specifically on them.
Additionally, there are sectoral privacy regulations in the United States, such as the Health Insurance Portability and Accountability Act (HIPAA), and state-level regulations like the California Consumer Privacy Act (CCPA). The potential loss of reputation from a privacy breach is a clarion call for business executives and CISOs.
That was the case for a broadcast SecureWorld recently hosted with Mike Britton, CISO of Abnormal Security , and legendary investigative journalist Brian Krebs. In these types of collaborative platforms, like Slack for example, when some user account credentials get phished, someone else's credentials could be phished.
Consider, if you will, that fundamentally we in infosec want people to make better decisions. However, only when people are empowered to make their own decisions and are held accountable for the lasting impact will they start adopting more of a caretaker mentality and start considering long-term impacts.
Distractions and diversions are all too frequently stealing time away from security awareness professionals, forcing them to tend to non-critical tasks while setting aside their core responsibilities of developing a strong internal infosec culture. Brian Johnson, chief security officer at Armorblox, and former CISO at LendingClub.
I think it requires taking a step back and assessing what you can do with less," said Chris Roberts, CISO and Senior Director at Boom Supersonic. Andrew Smeaton, CISO at Afiniti, says reassessment of cybersecurity programs and plans is necessary. Too many folks focus on the technology as opposed to the people or process.
If or when more attacks are uncovered, end-user organizations will need to apply the lessons learned from SolarWinds and prepare to take swift and decisive action, infosec experts agreed in a series of interviews with SC Media.
Randy is a CISSP and is active in the Central Missouri InfoSec community. Answer: Effective, cross-platform and easy-to-implement password-less authentication with regular assessment of account/system behavior to enforce expected behavior and identify anomalous actions. Get to know Randy Raw.
Equally, direct messages have been used by groups to take control over influencer accounts to promote messaging of their own. We live in a world where we are governed by rules, territories, and jurisdictions; to hold a threat actor accountable, we would need digital evidence. Who Can Regulate? By Christiaan Beek.
I feel more confident about the underlying generic principles of risk, compliance, conformity, obligations, accountabilities, assurance and controls though, and have the breadth of work and life experience to appreciate the next point. The possibility of being held personally to account (perhaps even sacked or prosecuted!)
According to the Harvard Business Review , though, companies with at least $200 million in cyber insurance account for a bit more than 20% of what is believed to be $5 billion in global cyber insurance premium, amounting to roughly $1.1 billion in premium. That’s quite the incentive for insurers to assert themselves in this market.
As organisations work to improve their ability to manage information risk, the importance of having a Chief Information Security Officer (CISO) is also being recognised. The person in this role needs to be part of board room discussions to successfully implement organisational change.
Now, CISO is a run-of-the-mill job fraught with stress and responsibility and likely to burn and churn or give you an ulcer." "If the morning paper had a misplaced character, it was noticed and you were held accountable, most likely, but the paper didn't shut down, didn't lose money or go out of business," Staynings continued. "If
First and foremost, your security program must account for basic security hygiene, which creates the basis for arguing legal defensibility; which is to say, if you're not doing the basics, then your program can be construed as insufficient, exposing your organization to legal liability (a growing concern). Behavioral InfoSec. The Basics.
Ransomware has become one of the most dangerous and high-profile problems facing CIOs and CISOs worldwide. Zero Trust assumes there is no implicit trust granted to assets, user accounts, microservices, or data based solely on their location. Hims Pawar. Oct 27, 2021. A recent U.S. government in the first six months of 2021.
Infosec is a largely non-technical field. For example, every CISO needs to have an automated script that will cause all the alarms in their home (and mobile) to go off when an SSH CVE happens. Sensitive servers need to have canary accounts that will trigger alarms if they ever get compromised. Transparency is good.
We constantly see new threats, and threat vectors, come and go; which puts a tremendous strain on the InfoSec teams that have to protect organizations and businesses from these threats. Cyber Observer’s partnership with Cisco enables CISOs to manage and monitor their cybersecurity eco-system posture. Read more here.
Every aspect of human life is influenced and changed by machines — from visiting the doctor, to purchasing online, to accessing bank accounts, to flying on an airplane. Developers want to go incredibly fast and infosec wants to be secure even if it slows down development. Mon, 10/10/2022 - 08:15. Software is rapidly eating the world.
Better Reporting and the Path to Accountability. Convert those objectives into measurable items, and there you are on the path to KPIs as policies. For more on thoughts on security metrics, I recommend checking out the CIS Benchmarks as a starting point.
This month, we interviewed Esmond Kane, CISO of Steward Health Care. First of all, while I am honoured and deeply thankful for the recognition, I believe strongly that Security is a team effort and I must acknowledge the superb InfoSec team in Steward but also the Steward workforce. Esmond Kane is Cisco’s CISO of the month.
Government actions will increase: Expect more government regulations, state-sponsored cyberattacks, and increased documentation required to protect CISOs. Christine Bejerasco, CISO of WithSecure , expands that “in the physical dimension, poisoning the well could impact communities in the area.
Dd (Catharina) Budiharto is the founder of Cyber Point Advisory LLC, a fractional CISO firm providing cybersecurity advisory services to small and mid-size businesses (SMBs). She was a CISO for several Oil and Gas companies and was a past chairperson for the American Petroleum Institute (API) IT Security Sub-Committee.
Vamosi: I realized this isn't the typical InfoSec opening for The Hacker Mind, but it is an important backstory for this episode's guest. Vamosi: maturity accounts for some of that. I've always respected, you know, in the cyber field, there's a healthy partnership or Brotherhood or sisterhood among CISOs. Nobody stand back.
Defining “storytelling” in an InfoSec context Inspiration - We the People: Democratizing Security “Storytelling” is a word that you will hear frequently within Duo’s creative team — now part of a Brand & Strategy unit for Cisco’s rebranded security organization Cisco Secure. But where to begin?
Tyler Farrar, CISO, Exabeam. Doing so provides the necessary context needed to restore trust and react in real time to protect user accounts — halting malicious access in its tracks.” Infosec will dominate our lives in the tech space for the foreseeable future. Steve Moore, chief security strategist, Exabeam.
Where we are today exposes the gaps in our armour – we have failed on many accounts. It’s too easy to follow, it’s too easy to be part of the echo chamber of infosec. On the eve of 2023 it’s time for a collective commitment to the planet and the infosec community. Please try to save the planet as it’s the only one we have.