CSO Magazine

MARCH 24, 2023

Basically, every organization that uses this tool is at risk of losing their AI models, having an internal server compromised, and having their AWS account compromised," Dan McInerney, a senior security engineer with cybersecurity startup Protect AI, told CSO. It's pretty brutal."

CSO 111

CSO Authentication Engineering Internet 111

CSO Magazine

DECEMBER 19, 2022

From following best practices for updating and patching systems and software to knowing and understanding the everyday risks posed by phishing emails, malicious websites, or other attack vectors, everyone — not just the dedicated IT/security professionals — has some level of responsibility for cybersecurity.

Accountability 111

Accountability Cybersecurity Phishing Technology 111

SecureWorld News

MAY 2, 2024

By spearheading cybersecurity programs, CISOs empower organizations to fend off cyber threats from criminal enterprises, insider risks, hackers, and other malicious entities that pose significant risks to operations, critical infrastructure, and even national security. RELATED: Uber CSO Found Guilty: The Sky Is Not Falling.

CISO 103

CISO Government CSO Artificial Intelligence 103

CSO Magazine

MAY 17, 2023

Researchers from security firm Proofpoint investigated how attackers could abuse access to a Teams account and found some interesting attack vectors that could allow hackers to move laterally by launching further phishing attacks or getting users to download malicious files. To read this article in full, please click here

Accountability 105

Accountability Phishing Risk 105

CSO Magazine

MARCH 1, 2022

Risk-based authentication (RBA), also called adaptive authentication, has come of age, and it couldn’t happen fast enough for many corporate security managers. What is risk-based authentication? It creates a risk profile of the person or device requesting access to the system. To read this article in full, please click here

Authentication 93

Authentication Risk Phishing Accountability 93

The Security Ledger

APRIL 5, 2023

In this Spotlight episode of the Security Ledger podcast, I interview Richard Bird, the CSO of the firm Traceable AI about the challenge of securing application programming interfaces (APIs), which are increasingly being abused to steal sensitive data. The post Spotlight: Traceable CSO Richard Bird on Securing the API Economy appeared first.

CSO 52

CSO Digital transformation Cyber Attacks Financial Services 52

Duo's Security Blog

NOVEMBER 20, 2023

“It took nearly 11 months (328 days) to identity and contain data breaches resulting from stolen or compromised credentials.” – IBM’s Cost of Data Breach Report 2023 I recently came across a 2012 article from CSO Online , and realized that it has been more than 11 years since the phrase “Identity is the new perimeter” was coined!

Threat Detection 138

Threat Detection Authentication Accountability Data breaches 138

CSO Magazine

NOVEMBER 28, 2022

Customer identity and access management (CIAM), a subset of identity access management (IAM), is used to manage authentication and authorization of account creation and login process for public facing applications. Marketers want to collect data about customers and their devices.

CSO 80

CSO Data collection Marketing Accountability 80

Thales Cloud Protection & Licensing

OCTOBER 28, 2024

The Relevance of Privacy-Preserving Techniques and Generative AI to DORA Legislation madhav Tue, 10/29/2024 - 04:55 The increasing reliance on digital technologies has created a complex landscape of risks, especially in critical sectors like finance. The world has changed.

Encryption 62

Encryption Risk Data privacy Artificial Intelligence 62

SecureWorld News

NOVEMBER 16, 2023

Conversely, if a CISO is to be held accountable in the same manner as a CFO or General Counsel concerning matters of investor confidence, the executive contours of the CISO role should be revisited to ensure that it has sufficient authority, agency, and institutional backing to defend data assets as a fiduciary."

CISO 111

CISO Cybersecurity CSO Risk 111

CSO Magazine

MARCH 2, 2023

Booking.com, one of the world's largest online travel agencies, recently patched a vulnerability in its implementation of the OAuth protocol that could have allowed attackers to gain access to customer accounts by simply tricking them into clicking a link.

Accountability 66

Accountability Risk 66

CSO Magazine

JULY 7, 2021

I read with interest about Active Directory Certificate Services (AD CS) misconfigurations and the risks they present to my network. However, I wanted to get a head start to see if my domain was vulnerable to attacks that could result in account or domain takeover. To read this article in full, please click here (Insider Story)

Network Security 138

Network Security Accountability Risk 138

eSecurity Planet

OCTOBER 18, 2021

Machine identities now outnumber humans in enterprises, according to Nathanael Coffing, co-founder and CSO of Cloudentity. Gartner’s list of the top security risks and trends for 2021 included machine identity management for the first time. Poor Machine Identity Management Introduces Risks. Machine Identity Risks Go Overlooked.

IoT 121

IoT Risk Architecture CSO 121

SecureWorld News

DECEMBER 11, 2023

Public companies will also have to share details about their "cybersecurity risk management, strategy, and governance" on an annual basis. Risk Management and Strategy Disclosure: Companies must disclose their cybersecurity risk management policies, governance procedures, and incident response plans in their annual reports.

CISO 104

CISO Risk Government Cybersecurity 104

SecureWorld News

JULY 30, 2024

The SEC accused SolarWinds of failing to adequately disclose cybersecurity risks and vulnerabilities, which allegedly misled investors about the company's security posture and internal controls. These disclosures were deemed adequate in conveying the potential cybersecurity risks that the company faced at that time.

CISO 112

CISO Risk Cybersecurity Accountability 112

CSO Magazine

JULY 18, 2022

The cloud-based solution addresses four common problems with passwords that create security risks and account friction. When someone tries to access an account covered by the Stytch solution, the password is automatically vetted at HaveIBeenPwnd, a dataset of 12 billion compromised passwords. Account de-duplicating.

Passwords 119

Passwords Authentication Accountability Risk 119

CSO Magazine

MAY 26, 2022

One of the main objectives of the bad guys is to escalate to privileged account access wherever possible. As a result, organizations recognize that they need to take special care with the way that they manage and grant access to the most powerful privileged accounts in their environments.

Accountability 118

Accountability Risk 118

SecureWorld News

JUNE 26, 2023

It will be interesting to watch how the SEC navigates this next stage and its broader impact on the approach by executives in managing cyber risk." While these Wells Notices are official investigations, they are a sign of a potential intent to investigate the CISO and CFO.

CISO 111

CISO CSO Data privacy Cyber Risk 111

CyberSecurity Insiders

MAY 16, 2022

By Amanda Fennell, CSO and CIO, Relativity. Security programs must shoulder accountability for setting employees in different roles up for success. Effective learning management systems are available that take into account the human attention span. But tools and processes alone are two variables in an incomplete equation.

CSO 131

CSO Passwords Password Management Accountability 131

SecureWorld News

JANUARY 26, 2022

million could be stolen from company accounts, according to the Financial Times. Martin Jartelius, CSO of Outpost24, shares his thoughts: "If a member of a team believes something is a risk, it's important to investigate and escalate according to your process and making your decision based on the facts.

Cybersecurity 98

Cybersecurity CSO Cyber Attacks Government 98

CSO Magazine

AUGUST 16, 2022

Cybersecurity risk assessment company Safe Security on Tuesday rolled out two new online risk assessment tools for businesses to use, in order to help them understand their vulnerability to cyberattacks and the costs of insuring against them. Risk tools measure financial impact of cyberthreats.

Risk 61

Risk Cyber Insurance Insurance Data breaches 61

eSecurity Planet

SEPTEMBER 9, 2024

Organizations and end users need prompt patching and thorough security policies to protect systems and data from high-risk vulnerabilities. Sevco’s CSO Brian Contos states, “6% of all IT assets have reached EOL, and known but unpatched vulnerabilities are a favorite target for attackers.” to address the problem.

Firmware 110

Firmware Backups Firewall Risk 110

CSO Magazine

SEPTEMBER 8, 2022

Global organizations say they are increasingly at risk of ransomware compromise via their extensive supply chains. Supply chain and other partners include providers of IT hardware, software and services, open-source code repositories, and non-digital suppliers ranging from law firms and accountants to building maintenance providers.

Ransomware 118

Ransomware Accountability Software Risk 118

CSO Magazine

APRIL 18, 2023

That’s according to the Unit 42 Cloud Threat Report, Volume 7 , which analyzed the workloads in 210,000 cloud accounts across 1,300 different organizations to gain a comprehensive look at the current cloud security landscape.

Risk 81

Risk Threat Reports Authentication Accountability 81

CSO Magazine

JANUARY 31, 2023

Guardz automatically enrolls all user accounts upon activation, and monitors risk posture, performs threat detection on all monitored accounts and devices, and offers one-click remediation for some threats. The premise of the company’s main offering is tight API integration with Microsoft 365 and Google Workspace.

Small Business 99

Small Business Cybersecurity Threat Detection Accountability 99

CSO Magazine

NOVEMBER 2, 2022

The US Government Accountability Office (GAO) released a comprehensive report in late September 2022 that discussed the need for dedicated privacy leadership within the departments and agencies of the executive branch of government if goals surrounding privacy are to be achieved.

Government 111

Government Accountability Risk 111

CyberSecurity Insiders

MARCH 30, 2023

Seasoned CISOs/CSOs understand the importance of effectively communicating cyber risk and the need for investment in cybersecurity defense to the board of directors. One key aspect of successful communication is understanding the business objectives and risk appetite of the organization.

Cybersecurity 119

Cybersecurity Cyber Risk CISO Risk 119

The Last Watchdog

MARCH 25, 2019

If I go to a CSO and say, ‘We can secure your APIs,’ he’ll say, ‘Great, can you also find them for me?’ ” observed Dwivedi, Data Theorem’s founder. Instead, what it did was allow anyone with a usps.com account to modify a wildcard search without authentication permissions. And that’s just one phone. Velocity without security.

Digital transformation 154

Digital transformation Software Data breaches Authentication 154

CSO Magazine

MAY 11, 2022

Our approach is to use AI to stop bad actors at a massive scale and reduce the risk of account takeovers." To read this article in full, please click here

Authentication 106

Authentication Accountability Risk 106

Security Through Education

OCTOBER 27, 2021

It speaks to reason that, to #BeCyberSmart at home, we’d need to account for this increase in connectivity by applying basic security practices to all connected devices. Typically, corporate networks are equipped with firewalls, a Chief Security Officer (CSO), and a whole cybersecurity department to keep them safe.

Cybersecurity 137

Cybersecurity Social Engineering Firewall Engineering 137

SC Magazine

MARCH 10, 2021

Kottmann also reportedly even posted some of the videos on Twitter, which later deleted the hacker’s account and their offending tweets. Thought leaders advise reducing or eliminating the use of these skeleton key-like accounts. Or another video in which Massachusetts police officers were questioning a handcuffed man in custody.

Surveillance 129

Surveillance IoT Accountability Passwords 129

Security Boulevard

FEBRUARY 14, 2025

Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) called buffer overflow vulnerabilities unforgivable defects that put national and economic security at risk.

Banking 64

Banking Cybercrime Cybersecurity Ransomware 64

SecureWorld News

MAY 21, 2024

Organizations have long struggled with whether and when to designate a Chief Privacy Officer to their ranks, where that role should sit (in compliance, legal, or other department), and who the CPO or privacy official should report to and be accountable for," said Myriah Jaworski Esq., RELATED: Uber CSO Found Guilty: The Sky Is Not Falling.

Data privacy 108

Data privacy CISO Small Business CSO 108

eSecurity Planet

JANUARY 29, 2024

The most significant risk for enterprises isn’t the speed at which they are applying critical patches; it comes from not applying the patches on every asset,” noted Brian Contos, CSO of Sevco Security. As of January 24th, Shadowserver researchers still detected 5,300 older and internet-exposed GitLab accounts.

Software 115

Software Authentication CSO Accountability 115

McAfee

NOVEMBER 10, 2021

Under the guidance of Dan Meacham, VP of Global Security and Corporate Operations and CSO/CISO, the multi-billion dollar organization transitioned from on-premises data centers to the cloud in 2012. Unacceptable levels of risk. MVISION CNAPP helps me keep my system administrators and developers accountable for what they are doing.

Data breaches 93

Data breaches Risk CSO Media 93

Security Boulevard

OCTOBER 18, 2024

Check out invaluable cloud security insights and recommendations from the “Tenable Cloud Risk Report 2024.” 1 - Tenable: Riskiest cloud workloads present in 38% of orgs Almost 40% of global organizations have cloud workloads that put them at the highest risk of attack — an alarmingly high percentage.

Cybersecurity 69

Cybersecurity CISO CSO Risk 69

SecureWorld News

MAY 30, 2023

Its flexible, risk-based structure can also be tailored to meet a company's specific needs." For instance, users should only be given access to database content on a 'need to know basis'; giving general access to any 'trusted' users means that an attacker can seize control of those user accounts and run wild.

CISO 94

CISO CSO Data breaches Cybersecurity 94