Article, CSO and Risk - Cyber Security Informer

Security teams report rise in cyber risk

CSO Magazine

AUGUST 18, 2021

If you are like 80% of respondents to the Trend Micro’s biannual Cyber Risk Index (CRI) report, you expect to experience a data breach that compromises customer data in the next 12 months. Learn the 7 keys to better risk assessment. | Get the latest from CSO by signing up for our newsletters. ].

Cyber Risk

Cyber Risk Risk CSO Data breaches

CSO Global Intelligence Report: The State of Cybersecurity in 2021

CSO Magazine

JULY 30, 2021

Any lingering indifference to cybersecurity risk has evaporated in the face of spiking ransomware attacks, software supply chain threats , and the challenges of securing remote workers. That’s the clear message of CSO’s Global Intelligence Report: The State of Cybersecurity in 2021, fielded via online survey in May and June of this year.

CSO

CSO Cybersecurity Ransomware Software

6 risk factors to know when hiring an MSSP

CSO Magazine

AUGUST 13, 2021

With enterprise adoption of managed security services gradually maturing, the rewards and risks of using these services have become a lot clearer for current and potential customers. Sign up for CSO newsletters. ]. To read this article in full, please click here Keep up with 8 hot cyber security trends (and 4 going cold).

Risk

Risk CSO CISO Technology

Amazon Sidewalk highlights network security visibility risks consumer services pose

CSO Magazine

AUGUST 17, 2021

New research from security firm Cato Networks has highlighted potential security risks surrounding the use of Amazon sidewalk and other consumer-grade services that connect to corporate networks due to a lack of visibility. Get the latest from CSO by signing up for our newsletters. ] To read this article in full, please click here

Consumer Services

Consumer Services Network Security Risk CSO

Unpatched Exchange Servers an overlooked risk

CSO Magazine

SEPTEMBER 1, 2021

Get the latest from CSO by signing up for our newsletters. ] To read this article in full, please click here Use of known/fixed/default passwords and credentials. Learn the must-have features in a modern network security architecture. |

CSO

CSO Risk Architecture Passwords

Insider risk management: Where your program resides shapes its focus

CSO Magazine

MAY 29, 2023

Today we call programs that help prevent or identify breaches of trust insider risk management (IRM). In 2019, a CSO article raised the question “ Insider risk management — who’s the boss ?” To read this article in full, please click here

Risk

Risk CSO Government

Chris Wysopal: Open source is becoming a national security risk

CSO Magazine

MAY 25, 2022

Chris Wysopal, founder and chief technology officer of application security company Veracode, sat down with CSO Senior Writer Lucian Constantin at a recent Security Summit to discuss just that. To read this article in full, please click here

CSO

CSO Risk Software Government

How attackers could exploit breached T-Mobile user data

CSO Magazine

AUGUST 23, 2021

The exposed details differed across different types of customers, so the level of risk users are exposed to varies. Related: The T-Mobile data breach: A timeline | Get the latest from CSO by signing up for our newsletters. ] Related: The T-Mobile data breach: A timeline | Get the latest from CSO by signing up for our newsletters. ]

Mobile

Mobile CSO Data breaches Phishing

Enterprises report rise in risk events, yet risk management lags

CSO Magazine

MAY 19, 2022

Enterprises around the world are being barraged by risk events, according to a report released Wednesday by Forrester. Risk events, incidents and disruptions have become so frequent that the increased level of risk is the “new normal,” Forrester reported. To read this article in full, please click here

Risk

Strategic risk analysis is key to ensure customer trust in product, customer-facing app security

CSO Magazine

APRIL 5, 2023

In many organizations they also focus on securing products and public-facing applications, and one way to do this well is through risk assessment. To read this article in full, please click here And you need to understand who your interested parties are, the stakes they've got in the game, and the security objectives.”

Risk

Risk CSO CISO Cybersecurity

Why you need a SaaS governance plan, and what should be in it

CSO Magazine

AUGUST 17, 2021

They must also consider a SaaS governance plan that implements security measures to reduce risk associated with their SaaS usage. That plan includes a combination of compliance frameworks, documentation/due diligence and technical measures for ongoing monitoring and risk reduction. To read this article in full, please click here

Government

Government CSO Risk

9 notable government cybersecurity initiatives of 2021

CSO Magazine

SEPTEMBER 2, 2021

“Government-led cybersecurity initiatives are critical to addressing cybersecurity issues such as destructive attacks, massive data breaches, poor security posture, and attacks on critical infrastructure,” Steve Turner, security and risk analyst at Forrester, tells CSO. To read this article in full, please click here

Government

Government Cybersecurity CSO Data breaches

4 lessons from recent Microsoft Azure cloud vulnerabilities

CSO Magazine

SEPTEMBER 29, 2021

Both are subject to similar risks and vulnerabilities, and the cloud can sometimes be more complicated than on-premises because of our unfamiliarity with deployment and patching. Get the latest from CSO by signing up for our newsletters. ]. Recent events have brought cloud risks into focus.

CSO

CSO Risk

Real-time is where the cybersecurity risk is

CSO Magazine

APRIL 5, 2022

I don’t know how many times I’ve heard cybersecurity professionals say something like, “Not having multi-factor authentication is a huge risk for our organization.” The real risk is the probability of a ransomware incident, for example, or the leak of personally identifiable information (PII) from a customer database.

Risk

Risk Cybersecurity Authentication Ransomware

Cyber insurance explained: What it covers and why prices continue to rise

CSO Magazine

DECEMBER 1, 2021

Cyber insurance, also referred to as cyber risk insurance or cyber liability insurance coverage (CLIC), is a policy with an insurance carrier to mitigate risk exposure by offsetting costs involved with damages and recovery after a cyber-related security breach or similar event. Cyber insurance definition.

Cyber Insurance

Cyber Insurance Insurance CSO Cyber Risk

11 cybersecurity buzzwords you should stop using right now

CSO Magazine

NOVEMBER 2, 2021

However, such terms are not always helpful and can be inaccurate, outdated, misleading, or even risk causing harm. Sign up for CSO newsletters. ]. Sign up for CSO newsletters. ]. To read this article in full, please click here Here are the 11 cybersecurity buzzwords and phrases that should be laid to rest in 2021.

Cybersecurity

Cybersecurity CSO Marketing Information Security

GAO report faults CIOs, OMB for slow adoption of cybersecurity recommendations

CSO Magazine

AUGUST 3, 2021

The US General Accountability Office (GAO) issued the 19-page report , “Cybersecurity and Information Technology: Federal Agencies need to Strengthen Efforts to Address High-Risk Areas” on July 29. Sign up for CSO newsletters. ]. To read this article in full, please click here

CSO

CSO Cybersecurity Government Accountability

Decline in ransomware claims could spark change for cyber insurance

CSO Magazine

OCTOBER 21, 2021

Learn the 7 keys to better risk assessment. | Get the latest from CSO by signing up for our newsletters. ]. To read this article in full, please click here Could such variations trigger changes in the cyber insurance market and, if so, how will they impact insurance carriers and organizations?

Cyber Insurance

Cyber Insurance Insurance Ransomware CSO

How Jefferson Health enhanced cybersecurity via its cloud transformation

CSO Magazine

AUGUST 16, 2021

Learn the 7 keys to better risk assessment. | Get the latest from CSO by signing up for our newsletters. ]. In fact, by putting cybersecurity at the fore of its cloud innovations, Odom believes the hospital has installed a more efficient, agile, and risk-focused security approach to protect is 34,000 employees.

Cybersecurity

Cybersecurity CSO Healthcare CISO

Cyber insurance explained and why you need it

CSO Magazine

DECEMBER 1, 2021

Cyber insurance, also referred to as cyber risk insurance or cyber liability insurance coverage (CLIC), is a policy with an insurance carrier to mitigate risk exposure by offsetting costs involved with damages and recovery after a cyber-related security breach or similar event. Cyber insurance definition.

Cyber Insurance

Cyber Insurance Insurance CSO Cyber Risk

Device identity: The overlooked insider threat

CSO Magazine

OCTOBER 5, 2021

Throughout National Insider Threat Awareness Month there has been no shortage of thoughts and ideas proffered on how to manage and mitigate insider risk that comes with having humans as part of the ecosystem. They are called upon to mitigate the risk and ameliorate the actions of the malevolent or careless employee.

CSO

CSO Risk

5 IT risk assessment frameworks compared

CSO Magazine

NOVEMBER 11, 2021

From a cybersecurity standpoint, organizations are operating in a high-risk world. The ability to assess and manage risk has perhaps never been more important. To read this article in full, please click here (Insider Story)

Risk

Risk Telecommunications CISO Data breaches

4 ways to keep the cybersecurity conversation going after the crisis has passed

CSO Magazine

MARCH 8, 2021

But nothing more than that.” [ Learn the 7 keys to better risk assessment. | Get the latest from CSO by signing up for our newsletters. ]. To read this article in full, please click here

CSO

CSO Cybersecurity CISO Healthcare

In-app browser security risks, and what to do about them

CSO Magazine

SEPTEMBER 6, 2022

In-app browsers can pose significant security risks to businesses, with their tendency to track data a primary concern. This was highlighted in recent research which examined how browsers within apps like Facebook, Instagram and TikTok can be a data privacy risk for iOS users. To read this article in full, please click here

Risk

Risk Data privacy Passwords

GAO calls out US government agencies: Get your supply chain security act together

CSO Magazine

JUNE 8, 2021

In December 2020, the US Government Accounting Office (GAO) made 145 recommendations to 23 federal agencies relating to supply chain risks. D’Souza, testified before Congress on supply chain risks. Get the latest from CSO by signing up for our newsletters. ]. Get the latest from CSO by signing up for our newsletters. ].

Government

Government CSO Risk Accountability

6 steps to getting risk acceptance right

CSO Magazine

MARCH 22, 2022

Cybersecurity and risk expert David Wilkinson has heard some executives put off discussions about risk acceptance, saying they don’t have any appetite or tolerance for risk. Yet there are indicators that many CISOs aren’t having productive conversations around risk acceptance. Otherwise, they’d be unable to function.

Risk

Risk CISO Cybersecurity

China theft of US agriculture sector trade secrets prompts government guidance

CSO Magazine

SEPTEMBER 2, 2021

The guide, quietly published in late July, is in essence a primer on how to create an insider risk/insider threat program. Sign up for CSO newsletters. ]. The 11-page publication touches on four areas: To read this article in full, please click here NCSC and CDSE insider threat program guidance.

CSO

CSO Government Risk Cybersecurity

Which countries are most (and least) at risk for cybercrime?

CSO Magazine

NOVEMBER 12, 2021

The risk of cybercrime is not spread equally across the globe. Cyberthreats differ widely, with internet users in some countries at much higher risk than those in nations that offer more security due to strong cybercrime legislation and widely implemented cybersecurity programs, according to fraud-detection software company SEON.

Cybercrime

Cybercrime Risk Internet Internet

Using the NIST Cybersecurity Framework to address organizational risk

CSO Magazine

JANUARY 25, 2022

The CSF came out of another EO, 13636, which is from 2013 and directed NIST to work with stakeholders to develop a voluntary framework for reducing risk to critical infrastructure. To read this article in full, please click here To read this article in full, please click here

Risk

Risk Cybersecurity Government

With AI RMF, NIST addresses artificial intelligence risks

CSO Magazine

APRIL 11, 2022

The National Institute of Standards and Technology (NIST) is developing a voluntary framework to better manage risks associated with AI called the Artificial Intelligence Risk Management Framework (AI RMF). To read this article in full, please click here

Artificial Intelligence

Artificial Intelligence Risk Technology Government

Proofpoint lawsuits underscore risk of employee offboarding

CSO Magazine

SEPTEMBER 6, 2021

is fraught with risk and requires as much (if not more) attention than who is coming in the door. To read this article in full, please click here The hiring entity often spends an inordinate amount of time on process and acclimation onboarding new employees. The unprepared are rolling the dice.

Risk

Three recent events prove the need for an insider risk playbook

CSO Magazine

JANUARY 18, 2022

Every company, regardless of size, should have an insider risk management playbook in place to address the insider threat. The human factor is always in play, mistakes will happen that inadvertently place the company at risk. To read this article in full, please click here

Risk

CISOs: Do you know what's in your company’s products?

CSO Magazine

AUGUST 5, 2021

The question COOs should be asking their CISO’s is: “How can I make my product and processes the most secure and operate within acceptable risk parameters for the company and our customers?” [ Learn the 5 key qualities of successful CISOs, and how to develop them and 7 security incidents that cost CISOs their jobs.

CISO

CISO CSO Information Security Risk

Top 10 open source software risks for 2023

CSO Magazine

MARCH 1, 2023

Known vulnerabilities, compromise of legitimate package, and name confusion attacks are expected to be among the top ten open source software risks in 2023, according to a report by Endor Labs. To read this article in full, please click here

Software

Software Risk

Basic flaws put pneumatic tube transport systems in hospitals at risk

CSO Magazine

AUGUST 2, 2021

Researchers have identified several high-risk vulnerabilities in a popular model of pneumatic tube systems (PTS) that are used by many hospitals to transport sensitive materials including lab specimens, blood products, tests and medications between different departments. To read this article in full, please click here

Risk

Risk Manufacturing Healthcare

Why are people so bad at risk assessment? Blame the brain

CSO Magazine

NOVEMBER 9, 2021

Yet, despite that, many organizations still underestimate the risk of a potential cybersecurity incident. To read this article in full, please click here (Insider Story)

Risk

Risk Data breaches Ransomware Cybersecurity

Secrets to building a healthy CISO-vendor partnership

CSO Magazine

MAY 3, 2022

Conversely, one that is problematic and incohesive can have the opposite effect, negatively impacting a company’s security practices and leaving them vulnerable to risks and wasted investment. To read this article in full, please click here

CISO

CISO CSO Cybersecurity Accountability

8 notable open-source security initiatives of 2022

CSO Magazine

SEPTEMBER 12, 2022

Vendors, tech firms, collectives and governments have contributed to helping raise the open-source security bar amid organizations’ increasing use of and reliance upon open-source resources, along with the complex security risks and challenges that come with it. To read this article in full, please click here

CSO

CSO Government Software Risk

The strong link between cyber threat intelligence and digital risk protection

CSO Magazine

APRIL 21, 2023

In fact, these changes have led to a CTI subcategory focused on digital risk protection. DRP is broadly defined as, “telemetry, analysis, processes, and technologies used to identify and mitigate risks associated with digital assets.” To read this article in full, please click here CISOs are investing here but challenges remain.

Cyber threats

Cyber threats Risk Digital transformation CISO

Critical flaw in AI testing framework MLflow can lead to server and data compromise

CSO Magazine

MARCH 24, 2023

"Basically, every organization that uses this tool is at risk of losing their AI models, having an internal server compromised, and having their AWS account compromised," Dan McInerney, a senior security engineer with cybersecurity startup Protect AI, told CSO. To read this article in full, please click here

CSO

CSO Authentication Engineering Internet

5 biggest risks of using third-party services providers

CSO Magazine

FEBRUARY 15, 2023

The use of third-party services can also come with significant—often unforeseen—risks. To read this article in full, please click here It’s often more efficient and less expensive to contract out work that would otherwise require significant effort and potentially drain in-house resources to those who can do it for you.

Risk

How and why deepfake videos work — and what is at risk

CSO Magazine

MARCH 18, 2021

Editor's note: This article, originally published in July, 2018, has been updated to more accurately reflect recent trends. To read this article in full, please click here Deepfake definition. Deepfakes are fake videos or audio recordings that look and sound just like the real thing.

Risk

Risk Software

5 strategies to manage cybersecurity risks in mergers and acquisitions

CSO Magazine

APRIL 3, 2023

Mergers and acquisitions (M&A) have the potential to introduce significant cybersecurity risks for organizations. To read this article in full, please click here

Risk

Risk Cybersecurity Technology

How to de-risk your digital ecosystem

CSO Magazine

FEBRUARY 28, 2023

Companies rightly see much promise for future revenues and productivity by building and participating in emerging digital ecosystems — but most have not given enough consideration to the risks and threats inherent in such ecosystems.

Risk

Risk Cyber threats Cybersecurity

Security teams report rise in cyber risk

CSO Global Intelligence Report: The State of Cybersecurity in 2021

Trending Sources

6 risk factors to know when hiring an MSSP

Amazon Sidewalk highlights network security visibility risks consumer services pose

Unpatched Exchange Servers an overlooked risk

Insider risk management: Where your program resides shapes its focus

Chris Wysopal: Open source is becoming a national security risk

How attackers could exploit breached T-Mobile user data

Enterprises report rise in risk events, yet risk management lags

Strategic risk analysis is key to ensure customer trust in product, customer-facing app security

Why you need a SaaS governance plan, and what should be in it

9 notable government cybersecurity initiatives of 2021

4 lessons from recent Microsoft Azure cloud vulnerabilities

Real-time is where the cybersecurity risk is

Cyber insurance explained: What it covers and why prices continue to rise

11 cybersecurity buzzwords you should stop using right now

GAO report faults CIOs, OMB for slow adoption of cybersecurity recommendations

Decline in ransomware claims could spark change for cyber insurance

How Jefferson Health enhanced cybersecurity via its cloud transformation

Cyber insurance explained and why you need it

Device identity: The overlooked insider threat

5 IT risk assessment frameworks compared

4 ways to keep the cybersecurity conversation going after the crisis has passed

In-app browser security risks, and what to do about them

GAO calls out US government agencies: Get your supply chain security act together

6 steps to getting risk acceptance right

China theft of US agriculture sector trade secrets prompts government guidance

Which countries are most (and least) at risk for cybercrime?

Using the NIST Cybersecurity Framework to address organizational risk

With AI RMF, NIST addresses artificial intelligence risks

Proofpoint lawsuits underscore risk of employee offboarding

Three recent events prove the need for an insider risk playbook

CISOs: Do you know what's in your company’s products?

Top 10 open source software risks for 2023

Basic flaws put pneumatic tube transport systems in hospitals at risk

Why are people so bad at risk assessment? Blame the brain

Secrets to building a healthy CISO-vendor partnership

8 notable open-source security initiatives of 2022

The strong link between cyber threat intelligence and digital risk protection

Critical flaw in AI testing framework MLflow can lead to server and data compromise

5 biggest risks of using third-party services providers

How and why deepfake videos work — and what is at risk

5 strategies to manage cybersecurity risks in mergers and acquisitions

How to de-risk your digital ecosystem

Stay Connected