Article, CSO and Risk - Cyber Security Informer

2022 CSO Hall of Fame honorees

CSO Magazine

MAY 31, 2022

The CSO Hall of Fame was created to spotlight outstanding leaders who have significantly contributed to the practice of information risk management and security. Selected by the editors of CSO, its advisors, and executives, the individuals bestowed with this award exemplify excellence in security leadership.

CSO

CSO CISO Risk

CSO Hall of Fame honorees

CSO Magazine

MAY 4, 2021

The CSO Hall of Fame was created to spotlight outstanding leaders who have significantly contributed to the practice of information risk management and security. Selected by the editors of CSO, its advisors, and executives, the individuals bestowed with this award exemplify excellence in security leadership.

CSO

CSO CISO Risk

Insider risk management: Where your program resides shapes its focus

CSO Magazine

MAY 29, 2023

Today we call programs that help prevent or identify breaches of trust insider risk management (IRM). In 2019, a CSO article raised the question “ Insider risk management — who’s the boss ?” To read this article in full, please click here

Risk

Risk CSO Government

Security teams report rise in cyber risk

CSO Magazine

AUGUST 18, 2021

If you are like 80% of respondents to the Trend Micro’s biannual Cyber Risk Index (CRI) report, you expect to experience a data breach that compromises customer data in the next 12 months. Learn the 7 keys to better risk assessment. | Get the latest from CSO by signing up for our newsletters. ].

Cyber Risk

Cyber Risk Risk CSO Data breaches

Strategic risk analysis is key to ensure customer trust in product, customer-facing app security

CSO Magazine

APRIL 5, 2023

In many organizations they also focus on securing products and public-facing applications, and one way to do this well is through risk assessment. To read this article in full, please click here And you need to understand who your interested parties are, the stakes they've got in the game, and the security objectives.”

Risk

Risk CSO CISO Cybersecurity

Amazon Sidewalk highlights network security visibility risks consumer services pose

CSO Magazine

AUGUST 17, 2021

New research from security firm Cato Networks has highlighted potential security risks surrounding the use of Amazon sidewalk and other consumer-grade services that connect to corporate networks due to a lack of visibility. Get the latest from CSO by signing up for our newsletters. ] To read this article in full, please click here

Consumer Services

Consumer Services Network Security Risk CSO

CSO Global Intelligence Report: The State of Cybersecurity in 2021

CSO Magazine

JULY 30, 2021

Any lingering indifference to cybersecurity risk has evaporated in the face of spiking ransomware attacks, software supply chain threats , and the challenges of securing remote workers. That’s the clear message of CSO’s Global Intelligence Report: The State of Cybersecurity in 2021, fielded via online survey in May and June of this year.

CSO

CSO Cybersecurity Ransomware Software

6 risk factors to know when hiring an MSSP

CSO Magazine

AUGUST 13, 2021

With enterprise adoption of managed security services gradually maturing, the rewards and risks of using these services have become a lot clearer for current and potential customers. Sign up for CSO newsletters. ]. To read this article in full, please click here Keep up with 8 hot cyber security trends (and 4 going cold).

Risk

Risk CSO CISO Technology

Unpatched Exchange Servers an overlooked risk

CSO Magazine

SEPTEMBER 1, 2021

Get the latest from CSO by signing up for our newsletters. ] To read this article in full, please click here Use of known/fixed/default passwords and credentials. Learn the must-have features in a modern network security architecture. |

CSO

CSO Risk Architecture Passwords

How Northfield Hospital uses AI to minimize risk from cyberattacks

CSO Magazine

MAY 16, 2023

And when you don't have automation to move that patient through your system and get them the care they need, that can increase the risk of mortality,” Vern Lougheed, Northfield Hospital’s security information officer, tells CSO. To read this article in full, please click here

Risk

Risk CSO Healthcare Cybersecurity

Chris Wysopal: Open source is becoming a national security risk

CSO Magazine

MAY 25, 2022

Chris Wysopal, founder and chief technology officer of application security company Veracode, sat down with CSO Senior Writer Lucian Constantin at a recent Security Summit to discuss just that. To read this article in full, please click here

CSO

CSO Risk Software Government

Enterprises report rise in risk events, yet risk management lags

CSO Magazine

MAY 19, 2022

Enterprises around the world are being barraged by risk events, according to a report released Wednesday by Forrester. Risk events, incidents and disruptions have become so frequent that the increased level of risk is the “new normal,” Forrester reported. To read this article in full, please click here

Risk

IT asset disposal is a security risk CISOs need to take seriously

CSO Magazine

JUNE 21, 2021

Lack of a program signals data may be at risk when equipment is recycled; presence of a program signals attention to data protection. Sign up for CSO newsletters. ]. . Sign up for CSO newsletters. ]. To read this article in full, please click here

CISO

CISO Risk CSO Accountability

UK government considers strengthening security rules for MSPs to address supply chain risks

CSO Magazine

MAY 18, 2021

Learn the 7 keys to better risk assessment. | Get the latest from CSO by signing up for our newsletters. ]. The framework sets out measures businesses should take, such as: To read this article in full, please click here

Risk

Risk CSO Government Cyber Risk

Top 10 open source software risks for 2023

CSO Magazine

MARCH 1, 2023

Known vulnerabilities, compromise of legitimate package, and name confusion attacks are expected to be among the top ten open source software risks in 2023, according to a report by Endor Labs. To read this article in full, please click here

Software

Software Risk

Why you need a SaaS governance plan, and what should be in it

CSO Magazine

AUGUST 17, 2021

They must also consider a SaaS governance plan that implements security measures to reduce risk associated with their SaaS usage. That plan includes a combination of compliance frameworks, documentation/due diligence and technical measures for ongoing monitoring and risk reduction. To read this article in full, please click here

Government

Government CSO Risk

Does Cyber Risk Quantification Work? | Avast

Security Boulevard

MARCH 31, 2022

Cyber strategist Pete Lindstrom maintained in an article on CSO that cybersecurity risk is constantly changing in a way analogous to the probability odds in a March Madness tournament. The post Does Cyber Risk Quantification Work? Avast appeared first on Security Boulevard.

Cyber Risk

Cyber Risk Risk CSO Cybersecurity

4 lessons from recent Microsoft Azure cloud vulnerabilities

CSO Magazine

SEPTEMBER 29, 2021

Both are subject to similar risks and vulnerabilities, and the cloud can sometimes be more complicated than on-premises because of our unfamiliarity with deployment and patching. Get the latest from CSO by signing up for our newsletters. ]. Recent events have brought cloud risks into focus.

CSO

CSO Risk

How to de-risk your digital ecosystem

CSO Magazine

FEBRUARY 28, 2023

Companies rightly see much promise for future revenues and productivity by building and participating in emerging digital ecosystems — but most have not given enough consideration to the risks and threats inherent in such ecosystems.

Risk

Risk Cyber threats Cybersecurity

Cyber insurance explained: What it covers and why prices continue to rise

CSO Magazine

DECEMBER 1, 2021

Cyber insurance, also referred to as cyber risk insurance or cyber liability insurance coverage (CLIC), is a policy with an insurance carrier to mitigate risk exposure by offsetting costs involved with damages and recovery after a cyber-related security breach or similar event. Cyber insurance definition.

Cyber Insurance

Cyber Insurance Insurance CSO Cyber Risk

Critical flaw in AI testing framework MLflow can lead to server and data compromise

CSO Magazine

MARCH 24, 2023

"Basically, every organization that uses this tool is at risk of losing their AI models, having an internal server compromised, and having their AWS account compromised," Dan McInerney, a senior security engineer with cybersecurity startup Protect AI, told CSO. To read this article in full, please click here

CSO

CSO Authentication Engineering Internet

Device identity: The overlooked insider threat

CSO Magazine

OCTOBER 5, 2021

Throughout National Insider Threat Awareness Month there has been no shortage of thoughts and ideas proffered on how to manage and mitigate insider risk that comes with having humans as part of the ecosystem. They are called upon to mitigate the risk and ameliorate the actions of the malevolent or careless employee.

CSO

CSO Risk

How attackers could exploit breached T-Mobile user data

CSO Magazine

AUGUST 23, 2021

The exposed details differed across different types of customers, so the level of risk users are exposed to varies. Related: The T-Mobile data breach: A timeline | Get the latest from CSO by signing up for our newsletters. ] Related: The T-Mobile data breach: A timeline | Get the latest from CSO by signing up for our newsletters. ]

Mobile

Mobile CSO Data breaches Phishing

Cyber insurance explained and why you need it

CSO Magazine

DECEMBER 1, 2021

Cyber insurance, also referred to as cyber risk insurance or cyber liability insurance coverage (CLIC), is a policy with an insurance carrier to mitigate risk exposure by offsetting costs involved with damages and recovery after a cyber-related security breach or similar event. Cyber insurance definition.

Cyber Insurance

Cyber Insurance Insurance CSO Cyber Risk

5 IT risk assessment frameworks compared

CSO Magazine

NOVEMBER 11, 2021

From a cybersecurity standpoint, organizations are operating in a high-risk world. The ability to assess and manage risk has perhaps never been more important. To read this article in full, please click here (Insider Story)

Risk

Risk Telecommunications CISO Data breaches

Real-time is where the cybersecurity risk is

CSO Magazine

APRIL 5, 2022

I don’t know how many times I’ve heard cybersecurity professionals say something like, “Not having multi-factor authentication is a huge risk for our organization.” The real risk is the probability of a ransomware incident, for example, or the leak of personally identifiable information (PII) from a customer database.

Risk

Risk Cybersecurity Authentication Ransomware

6 steps to getting risk acceptance right

CSO Magazine

MARCH 22, 2022

Cybersecurity and risk expert David Wilkinson has heard some executives put off discussions about risk acceptance, saying they don’t have any appetite or tolerance for risk. Yet there are indicators that many CISOs aren’t having productive conversations around risk acceptance. Otherwise, they’d be unable to function.

Risk

Risk CISO Cybersecurity

In-app browser security risks, and what to do about them

CSO Magazine

SEPTEMBER 6, 2022

In-app browsers can pose significant security risks to businesses, with their tendency to track data a primary concern. This was highlighted in recent research which examined how browsers within apps like Facebook, Instagram and TikTok can be a data privacy risk for iOS users. To read this article in full, please click here

Risk

Risk Data privacy Passwords

The strong link between cyber threat intelligence and digital risk protection

CSO Magazine

APRIL 21, 2023

In fact, these changes have led to a CTI subcategory focused on digital risk protection. DRP is broadly defined as, “telemetry, analysis, processes, and technologies used to identify and mitigate risks associated with digital assets.” To read this article in full, please click here CISOs are investing here but challenges remain.

Cyber threats

Cyber threats Risk Digital transformation CISO

Security Recruiter Directory

CSO Magazine

JANUARY 15, 2021

CSO's security recruiter directory is your one-stop shop. To read this article in full, please click here Looking for a qualified candidate or new job? Our goal is to provide the most complete recruiter resource available, but to do that we need your assistance.

CSO

CSO CISO Engineering Information Security

Decline in ransomware claims could spark change for cyber insurance

CSO Magazine

OCTOBER 21, 2021

Learn the 7 keys to better risk assessment. | Get the latest from CSO by signing up for our newsletters. ]. To read this article in full, please click here Could such variations trigger changes in the cyber insurance market and, if so, how will they impact insurance carriers and organizations?

Cyber Insurance

Cyber Insurance Insurance Ransomware CSO

9 notable government cybersecurity initiatives of 2021

CSO Magazine

SEPTEMBER 2, 2021

“Government-led cybersecurity initiatives are critical to addressing cybersecurity issues such as destructive attacks, massive data breaches, poor security posture, and attacks on critical infrastructure,” Steve Turner, security and risk analyst at Forrester, tells CSO. To read this article in full, please click here

Government

Government Cybersecurity CSO Data breaches

7 best practices for enterprise attack surface management

CSO Magazine

JUNE 22, 2021

More cloud computing solutions, remote and work-from-home systems and internet-connected devices increase risk from an expanded attack surface. Learn the 7 keys to better risk assessment. | Get the latest from CSO by signing up for our newsletters. ]. To read this article in full, please click here

CSO

CSO Internet Internet Risk

Cyber insurance explained and why you need it

CSO Magazine

DECEMBER 1, 2021

Cyber insurance, also referred to as cyber risk insurance or cyber liability insurance coverage (CLIC), is a policy with an insurance carrier to mitigate risk exposure by offsetting costs involved with damages and recovery after a cyber-related security breach or similar event. Cyber insurance definition.

Cyber Insurance

Cyber Insurance Insurance CSO Cyber Risk

5 strategies to manage cybersecurity risks in mergers and acquisitions

CSO Magazine

APRIL 3, 2023

Mergers and acquisitions (M&A) have the potential to introduce significant cybersecurity risks for organizations. To read this article in full, please click here

Risk

Risk Cybersecurity Technology

China theft of US agriculture sector trade secrets prompts government guidance

CSO Magazine

SEPTEMBER 2, 2021

The guide, quietly published in late July, is in essence a primer on how to create an insider risk/insider threat program. Sign up for CSO newsletters. ]. The 11-page publication touches on four areas: To read this article in full, please click here NCSC and CDSE insider threat program guidance.

CSO

CSO Government Risk Cybersecurity

11 cybersecurity buzzwords you should stop using right now

CSO Magazine

NOVEMBER 2, 2021

However, such terms are not always helpful and can be inaccurate, outdated, misleading, or even risk causing harm. Sign up for CSO newsletters. ]. Sign up for CSO newsletters. ]. To read this article in full, please click here Here are the 11 cybersecurity buzzwords and phrases that should be laid to rest in 2021.

Cybersecurity

Cybersecurity CSO Marketing Information Security

GAO calls out US government agencies: Get your supply chain security act together

CSO Magazine

JUNE 8, 2021

In December 2020, the US Government Accounting Office (GAO) made 145 recommendations to 23 federal agencies relating to supply chain risks. D’Souza, testified before Congress on supply chain risks. Get the latest from CSO by signing up for our newsletters. ]. Get the latest from CSO by signing up for our newsletters. ].

Government

Government CSO Risk Accountability

8 notable open-source security initiatives of 2022

CSO Magazine

SEPTEMBER 12, 2022

Vendors, tech firms, collectives and governments have contributed to helping raise the open-source security bar amid organizations’ increasing use of and reliance upon open-source resources, along with the complex security risks and challenges that come with it. To read this article in full, please click here

CSO

CSO Government Software Risk

Top risks and best practices for securely offboarding employees

CSO Magazine

APRIL 19, 2023

But the security risks posed by departing staff can be significant. Without secure off-boarding processes, organizations expose themselves to a variety of cybersecurity risks ranging from the innocuously accidental to the maliciously deliberate. To read this article in full, please click here

Risk

Risk CISO Cybersecurity

With AI RMF, NIST addresses artificial intelligence risks

CSO Magazine

APRIL 11, 2022

The National Institute of Standards and Technology (NIST) is developing a voluntary framework to better manage risks associated with AI called the Artificial Intelligence Risk Management Framework (AI RMF). To read this article in full, please click here

Artificial Intelligence

Artificial Intelligence Risk Technology Government

Misconfiguration and vulnerabilities biggest risks in cloud security: Report

CSO Magazine

FEBRUARY 1, 2023

The two biggest cloud security risks continue to be misconfigurations and vulnerabilities, which are being introduced in greater numbers through software supply chains, according to a report by Sysdig. To read this article in full, please click here

Risk

Risk Architecture Software

5 biggest risks of using third-party services providers

CSO Magazine

FEBRUARY 15, 2023

The use of third-party services can also come with significant—often unforeseen—risks. To read this article in full, please click here It’s often more efficient and less expensive to contract out work that would otherwise require significant effort and potentially drain in-house resources to those who can do it for you.

Risk

The hidden security risks in tech layoffs and how to mitigate them

CSO Magazine

MAY 1, 2023

“Very large organizations only need one poorly vetted and treated [employee] to inflict a lot of harm,” says Frank Price, CTO of CyberGRX, a company that helps organizations manage, monitor, and mitigate risk in their partner ecosystems. To read this article in full, please click here

Risk

Risk Engineering

2022 CSO Hall of Fame honorees

CSO Hall of Fame honorees

Trending Sources

Insider risk management: Where your program resides shapes its focus

Security teams report rise in cyber risk

Strategic risk analysis is key to ensure customer trust in product, customer-facing app security

Amazon Sidewalk highlights network security visibility risks consumer services pose

CSO Global Intelligence Report: The State of Cybersecurity in 2021

6 risk factors to know when hiring an MSSP

Unpatched Exchange Servers an overlooked risk

How Northfield Hospital uses AI to minimize risk from cyberattacks

Chris Wysopal: Open source is becoming a national security risk

Enterprises report rise in risk events, yet risk management lags

IT asset disposal is a security risk CISOs need to take seriously

UK government considers strengthening security rules for MSPs to address supply chain risks

Top 10 open source software risks for 2023

Why you need a SaaS governance plan, and what should be in it

Does Cyber Risk Quantification Work? | Avast

4 lessons from recent Microsoft Azure cloud vulnerabilities

How to de-risk your digital ecosystem

Cyber insurance explained: What it covers and why prices continue to rise

Critical flaw in AI testing framework MLflow can lead to server and data compromise

Device identity: The overlooked insider threat

How attackers could exploit breached T-Mobile user data

Cyber insurance explained and why you need it

5 IT risk assessment frameworks compared

Real-time is where the cybersecurity risk is

6 steps to getting risk acceptance right

In-app browser security risks, and what to do about them

The strong link between cyber threat intelligence and digital risk protection

Security Recruiter Directory

Decline in ransomware claims could spark change for cyber insurance

9 notable government cybersecurity initiatives of 2021

7 best practices for enterprise attack surface management

Cyber insurance explained and why you need it

5 strategies to manage cybersecurity risks in mergers and acquisitions

China theft of US agriculture sector trade secrets prompts government guidance

11 cybersecurity buzzwords you should stop using right now

GAO calls out US government agencies: Get your supply chain security act together

8 notable open-source security initiatives of 2022

Top risks and best practices for securely offboarding employees

With AI RMF, NIST addresses artificial intelligence risks

Misconfiguration and vulnerabilities biggest risks in cloud security: Report

5 biggest risks of using third-party services providers

The hidden security risks in tech layoffs and how to mitigate them

Stay Connected