CISO, Government and Risk - Cyber Security Informer

CISOs in Australia Urged to Take a Closer Look at Data Breach Risks

Tech Republic Security

MAY 24, 2024

A leading cyber lawyer in Australia has warned CISOs and other IT leaders their organisations and careers could be at stake if they do not understand data risk and data governance practices.

CISO

CISO Data breaches Risk Government

Best Practices Q&A: Guidance about what directors need to hear from CISOs — from a board member

The Last Watchdog

APRIL 8, 2024

CISOs can sometimes be their own worst enemy, especially when it comes to communicating with the board of directors. She serves on the board of several technology companies and also happens to be steeped in cyber risk governance. LW: Why do so many CISOs still not get it that FUD and doom-and-gloom don’t work?

CISO

CISO Risk Cybersecurity Insurance

Insurance Firm Introduces Liability Coverage for CISOs

Security Boulevard

NOVEMBER 12, 2024

National insurance firm Crum and Forster is offering a professional liability program for CISOs who are facing growing regulatory pressures and sophisticate cyberattacks but often are not covered by their organizations' D&O policies. The post Insurance Firm Introduces Liability Coverage for CISOs appeared first on Security Boulevard.

Insurance

Insurance CISO Risk Government

LW ROUNDTABLE: Predictive analytics, full-stack visualization to solidify cyber defenses in 2025

The Last Watchdog

DECEMBER 18, 2024

Madhu Shashanka , Chief Data Scientist, Concentric AI Generative AI in 2025 will bring transformative opportunities but heightened cybersecurity risks, including data exposure, AI misuse, and novel threats like prompt injection attacks. Enterprises must secure AI agents, adopt proactive data governance, and deploy AI-based security platforms.

Risk

Risk Threat Detection Technology Phishing

Should the CISO Report to the CIO?

Cisco Security

JULY 1, 2021

The Chief Information Security Officer (CISO) is the organization’s senior executive in charge of the cybersecurity and the information technology risk management posture of the enterprise. federal government in particular, the CISO reports to the Chief Information Officer (CIO). In many organizations, and in the U.S.

CISO

CISO Technology Risk Government

From Compliance to Resilience: Cyber Governance as the Cornerstone of CISO Strategy

SecureWorld News

MAY 2, 2024

The role of a Chief Information Security Officer (CISO) is undeniably complex, yet incredibly rewarding. However, the challenges faced by CISOs are mounting, exacerbated by the evolving threat landscape and regulatory environment. These incidents underscore the critical importance of effective governance in cybersecurity programs.

CISO

CISO Government CSO Artificial Intelligence

How a CISO Values CCSP Training and Certification

CyberSecurity Insiders

AUGUST 11, 2021

Chief Information Security Officer (CISO) Luis Gonsalves, Head of Security for Portugal’s central bank, and founder of the Cloud Security Alliance’s Portugal Chapter, says Certified Cloud Security Professional (CCSP) stands out from other technical certifications. That’s the real differentiator ,” he says. Read the Full Article.

CISO

CISO Data privacy Banking Risk

GUEST ESSAY: 5 tips for ‘de-risking’ work scenarios that require accessing personal data

The Last Watchdog

JANUARY 10, 2022

Related: The dangers of normalizing encryption for government use. It’s possible to de-risk work scenarios involving personal data by carrying out a classic risk assessment of an organization’s internal and external infrastructure. This de-risks personal data that does not fit in a separate security contour. Encryption.

Risk

Risk Encryption Data privacy CISO

NEW TECH: CASBs continue evolving to help CISOs address multiplying ‘cloud-mobile’ risks

The Last Watchdog

APRIL 29, 2020

Some CISOs, at first, were reserved and said, ‘We’re not moving to the cloud.’ Nasser: It’s one of two things, when the legal department comes in, or the government comes in, and there’s a conversation around regulation and privacy. So if you’re a Microsoft shop, you’re on an Office 365 and a Windows 10 migration path.

Mobile

Mobile CISO Risk Cloud Migration

Federal Contractor Cybersecurity Vulnerability Reduction Act Passes in U.S. House

SecureWorld News

MARCH 6, 2025

government. This means that thousands of government contractors will soon be required to implement structured processes for identifying, reporting, and mitigating vulnerabilities, aligning them with U.S. government and among the many contractors and vendors that support federal agencies."

Cybersecurity

Cybersecurity Government Marketing Cyber threats

Top skill-building resources and advice for CISOs

CSO Magazine

OCTOBER 17, 2022

The role of the CISO has evolved, and so have the responsibilities. Some believe a CISO must have technical knowledge and experience as a cybersecurity professional, others think leadership skills such as being able to communicate with boards are what matters most. To read this article in full, please click here

CISO

CISO Telecommunications Insurance Government

Secure Communications: Relevant or a Nice to Have?

Jane Frankland

FEBRUARY 7, 2025

But as a CISO or cyber risk owner, it’s not just about locking down sensitive informationits about doing it without slowing down your people. It encompasses everything from ensuring the confidentiality and integrity of information to reducing risks, maintaining compliance, and building trust with customers.

Cyber Risk

Cyber Risk CISO Risk Encryption

Cybersecurity Insights with Contrast CISO David Lindner | 03/14/25

Security Boulevard

MARCH 14, 2025

1 We are frogs, falling asleep in security-debt stew Companies are drowning in high-risk software security debt , with critical vulnerabilities festering for an average of 252 days before theyre fixed long enough to turn your tech stack into a hackers swamp. Insight No. The choice is clear: Evolve to ADR or get left behind in the wreckage.

CISO

CISO Cybersecurity Software Risk

Today’s CISO Insights – How to Tackle the Quantum Threat

CyberSecurity Insiders

MAY 3, 2023

This is why CISOs everywhere should be concerned. Government secrets: Classified information, military secrets, or other sensitive government information that can be used for espionage. CISOs should begin to familiarize themselves with these and evaluate their potential suitability for adoption.

CISO

CISO Identity Theft Encryption Social Engineering

GUEST ESSAY: Why the arrests of cyber criminals in 2021 will incentize attackers in 2022

The Last Watchdog

DECEMBER 16, 2021

REvil and BlackMatter are not “shutting down” due to external pressure from the government and law enforcement agencies. After all, a malicious actor only needs a few minutes of time with a privileged account to take over the entire directory, and there are volumes of exploitable identity risks at every organization.

CISO

CISO Ransomware Risk Authentication

News alert: One Identity wins 2024 Cyber Defense Award: Hot Company – PAM category

The Last Watchdog

DECEMBER 5, 2024

One Identity embodies three major features we judges look for with the potential to become winners: understanding tomorrows threats today, providing a cost-effective solution and innovating in unexpected ways that can help mitigate cyber risk and get one step ahead of the next breach, said Gary S. Ackerman Jr.

InfoSec

InfoSec Cyber Risk CISO Cybersecurity

Sisense Hacked: CISA Warns Customers at Risk

Security Boulevard

APRIL 12, 2024

Government says victims include the “critical infrastructure sector.” The post Sisense Hacked: CISA Warns Customers at Risk appeared first on Security Boulevard. A hard-coded credential catastrophe: The analytics firm kept big companies’ secrets in an insecure AWS bucket.

Risk

Risk Hacking Government Digital transformation

Ghost Ransomware a Persistent Global Threat to Critical Infrastructure

SecureWorld News

FEBRUARY 20, 2025

The FBI, CISA, and MS-ISAC have issued a joint cybersecurity advisory warning organizations about Ghost (Cring) ransomware, a sophisticated cyber threat that has been compromising critical infrastructure, businesses, and government entities worldwide. Stolen credentials remain the top breach factor, responsible for 24% of incidents in 2024.

Ransomware

Ransomware IoT Encryption Social Engineering

SEC Fines Four Companies $7M for Misleading Cybersecurity Disclosures

SecureWorld News

OCTOBER 23, 2024

The SEC charged the companies with "materially misleading disclosures regarding cybersecurity risks and intrusions." which received the largest fine of $4 million, inaccurately described its cybersecurity risks as hypothetical in its SEC filings despite being aware of two significant breaches related to SolarWinds. Unisys Corp.,

Cybersecurity

Cybersecurity Risk Hacking Software

You've Made the Ascent to CISO. Now What?

SecureWorld News

JANUARY 3, 2025

And now, you finally got that call, to be a CISO at an organization. Can you balance the needs of the business, versus the risks they face? Before diving into security strategies, CISOs need to invest time in understanding the organization's culture, strategic roadmaps, operational dynamics, industry, and so forth.

CISO

CISO Risk Technology Cybersecurity

Introducing our new CISO Advisor, Pam Lindemeon

Cisco Security

AUGUST 3, 2021

I’m delighted to announce the latest member of our growing CISO Advisor team, Pam Lindemeon. Pam is an exceptional leader; dedicated to advancing women in the IT industry, and I’m so glad she’s now joined Cisco to work closely with our community of CISOs and offer advice and guidance based on her incredible experience. Pam Lindemeon.

CISO

CISO Technology Information Security Cybersecurity

Different Types of CISOs, Diverse Missions

Security Boulevard

NOVEMBER 30, 2023

There are a range of distinct roles/missions that hold the CISO title. The post Different Types of CISOs, Diverse Missions appeared first on Security Boulevard. Their ultimate goals are similar, but how they are positioned to do that varies.

CISO

CISO Security Awareness Risk Government

First American Financial Pays Farcical $500K Fine

Krebs on Security

JUNE 18, 2021

Under First American’s documented vulnerability remediation policies, the data leak was classified as a security weakness with a “level 3” severity, which placed it in the “medium risk” category and required remediation within 45 days. “The [employee] did not request a waiver or risk acceptance from the CISO.”

Insurance

Insurance Risk Financial Services CISO

What the Charges Against the SolarWinds CISO Mean for Security in 2024

Security Boulevard

JANUARY 29, 2024

The indictment of the SolarWinds CISO by the SEC served as a harsh wake-up call to the corporate world. The post What the Charges Against the SolarWinds CISO Mean for Security in 2024 appeared first on Security Boulevard.

CISO

CISO Security Awareness Risk Government

Is fighting cybercrime a losing battle for today’s CISO?

CyberSecurity Insiders

JANUARY 12, 2022

In this blog, we’ll look at the root causes of concern for today's CISO and share some practical strategies to deter cybercriminals. The CISO role can be an unenviable one. Is the cyber deck stacked against today's CISO? If you own the risks, who owns the elimination? ' is usually swift.

CISO

CISO Cybercrime Risk Healthcare

Federal Judge Dismisses Most of SEC Claims Against SolarWinds, CISO

SecureWorld News

JULY 30, 2024

and its Chief CISO, Timothy G. government agencies and Fortune 500 companies. The SEC accused SolarWinds of failing to adequately disclose cybersecurity risks and vulnerabilities, which allegedly misled investors about the company's security posture and internal controls.

CISO

CISO Risk Cybersecurity Accountability

Cross-post: Office of the CISO 2024 Year in Review: AI Trust and Security

Anton on Security

JANUARY 28, 2025

Mitigating these risks requires robust security protocols including prompt sanitization, data governance policies, access controls, output filtering, data source vetting, and continuous monitoring, coupled with responsible AI practices such as data curation, model stress-testing, and customer safetytools.

CISO

CISO Risk Government Artificial Intelligence

Former Uber CISO Conviction Affirmed by Trial Court

Security Boulevard

JANUARY 19, 2023

On January 11, 2023, presiding United States District Judge William Orrick in San Francisco denied the motion of Joe Sullivan, the former CISO of Uber, for a judgment of acquittal. The post Former Uber CISO Conviction Affirmed by Trial Court appeared first on Security Boulevard.

CISO

CISO Data breaches Risk Government

Cybersecurity Infrastructure Investment Crashes and Burns Without Governance

Security Boulevard

MARCH 28, 2024

Just like pilot awareness is crucial during unexpected aviation events, cybersecurity's traditional focus on infrastructure needs to shift to more adept governance. The post Cybersecurity Infrastructure Investment Crashes and Burns Without Governance appeared first on Security Boulevard.

Government

Government Cybersecurity CISO Security Awareness

Healthcare Now Third-Most Targeted Industry for Ransomware

SecureWorld News

NOVEMBER 14, 2024

Significant Financial and Operational Costs: Healthcare providers, faced with potential HIPAA fines and the risk of service interruptions, may feel pressured to pay ransom demands. This stolen data is often exposed on both the clear and dark web, heightening risks of identity theft and further perpetuating cybercrime. Louis, Missouri.

Healthcare

Healthcare Ransomware Identity Theft Data breaches

Charges Against CISOs Create Worries, Hope in Security Industry: Survey

Security Boulevard

DECEMBER 12, 2024

A survey of IT security pros by cybersecurity firm BlackFog found that 70% of them said federal cases like that against SolarWinds' CISO hurt their opinion about the position, but some said they expected the boards of directors would take the issues of security more seriously.

CISO

CISO Cybersecurity Risk Government

The CISO’s Midset for 2025: Outcomes, Automation, and Leadership

Lenny Zeltser

FEBRUARY 10, 2025

As the year 2025 rushes forward, the responsibilities of CISOs are continuing to evolve. We increasingly recognize the importance of not just identifying risks but actively addressing them through direct action and influence. The year will continue to shape the CISO role into an exciting combination of leadership and tech expertise.

CISO

CISO Technology Risk Data breaches

International Association of Chiefs of Police (IACP) Appoints CyberSecurity Expert Witness Joseph Steinberg To Computer Crime & Digital Evidence Committee

Joseph Steinberg

DECEMBER 11, 2023

For more information please visit [link] About Joseph Steinberg Joseph Steinberg serves as a cybersecurity-focused expert witness, board member, and advisor to businesses and governments around the world. Analysts have calculated that he is among the top three cybersecurity influencers worldwide. patent filings.

Cybersecurity

Cybersecurity Artificial Intelligence CISO Technology

GUEST ESSAY: 5 steps all SMBs should take to minimize IAM exposures in the current enviroment

The Last Watchdog

FEBRUARY 14, 2022

Which topics should CEOs, CIOs and CISOs have on their radar when it comes to Identity and Access Management ( IAM ) and cyber security risks in 2022? Automating these processes with the help of Identity Governance and Administration ( IGA ) tools should be a top priority for your IT department. Reduce manual processes.

CISO

CISO Social Engineering Authentication Risk

GUEST ESSAY: Preparing for the dire cybersecurity consequences of Russia’s invasion of Ukraine

The Last Watchdog

APRIL 13, 2022

These Russian cyber actors are government organizations and include other parties who take their orders from the Russian military or intelligence organizations – while not technically under government control. Cybersecurity and Infrastructure Security Agency (CISA) has started a campaign to increase awareness of these risks to U.S.

Cybersecurity

Cybersecurity Cybercrime Education Government

InfoSec Leaders Weigh in on New SEC Rules Making CISO Hotseat Hotter

SecureWorld News

JULY 31, 2023

Sam Masiello , CISO, The Anschutz Corporation: "I would expect that many CISOs today are feeling as if their job just got harder and now has a brighter spotlight shining specifically on them. Many CISOs are already burnt out, and there is shortage of qualified CISOs globally. CISOs are expected to be a unicorn already.

CISO

CISO InfoSec Risk Cybersecurity

Prosecutors Argue for 15 Months in Jail for Uber CISO

Security Boulevard

MAY 3, 2023

In a sentencing memorandum filed with a San Francisco federal court on April 27, 2023, prosecutors argued that Joe Sullivan—the former CISO of Uber and a former federal computer crimes prosecutor himself (with the same office)—should serve 15 months in federal prison for his role in the ride-sharing company’s concealment of a data breach.

CISO

CISO Data breaches Risk Government

Four Steps to Cutting Cybersecurity Budgets Without Increasing Risk

Security Boulevard

JULY 12, 2023

Here's how CISOs can look at cybersecurity through a capital efficiency lens without unacceptably growing risk—to the organization and their own jobs. The post Four Steps to Cutting Cybersecurity Budgets Without Increasing Risk appeared first on Security Boulevard.

Risk

Risk Cybersecurity CISO Government

The Unseen Threats: Anticipating Cybersecurity Risks in 2024

Security Boulevard

JANUARY 18, 2024

Cybersecurity risks increase every year and bludgeon victims who fail to prepare properly. For those interested in a better understanding of the oncoming risks, this is the information you are looking for. It can feel like crossing a major highway while blindfolded. Many never see the catastrophe about to happen, until it occurs.

Risk

Risk Cybersecurity CISO Technology

The Goals of Cyber Public Health

Adam Shostack

JANUARY 2, 2025

Shareholder suits over governance? doing the INCREDIBLY hard work of hitting the balanced fulcrum in the middle and build a risk-enhanced business case. And this is why in my presentation to the National Academies Hard Problems group, I suggested working with US Government agencies. Is it avoiding breaches? Breach reporting?

Government

Government CISO Advertising Engineering

3 Percent ($30B) of U.S. Military Funding Dedicated to Cybersecurity

SecureWorld News

JANUARY 9, 2025

government than anything else," said Staynings. The security of the supply chain is the open back door to security today, and we haven't even begun to understand the true risks involved or the backdoors to our networks." government (and many other national governments) have determined ransomware to be a form of terrorism.

Cybersecurity

Cybersecurity Manufacturing Surveillance Ransomware

It’s a Hard Time to Be a CISO. Transformational Leadership is More Important Than Ever.

Security Boulevard

JUNE 21, 2024

Modern chief information security officers (CISOs) are navigating tough circumstances due to complex challenges and heightened regulatory pressures. The post It’s a Hard Time to Be a CISO. Transformational Leadership is More Important Than Ever. appeared first on Security Boulevard.

CISO

CISO Information Security Risk Government

MOVEit Attack Strikes US and State Governments

Security Boulevard

JUNE 16, 2023

agencies and a spate of state government organizations and educational institutions. The post MOVEit Attack Strikes US and State Governments appeared first on Security Boulevard. A global attack campaign fueled by a vulnerability in MOVEit Transfer, a popular file transfer application, has now struck the U.S.

Government

Government Education CISO Risk

Three Risk Mitigation Strategies to Address the Latest Data Security Threats

CyberSecurity Insiders

JUNE 7, 2023

By Dannie Combs , Senior Vice President and CISO, Donnelley Financial Solutions (DFIN) As security threats to data continue to ebb and flow (mostly flow!), Here are three risk mitigation imperatives that can help organizations get a better handle on these latest risks and threats.

Risk

Risk Artificial Intelligence Technology Digital transformation

CISOs in Australia Urged to Take a Closer Look at Data Breach Risks

Best Practices Q&A: Guidance about what directors need to hear from CISOs — from a board member

Trending Sources

Insurance Firm Introduces Liability Coverage for CISOs

LW ROUNDTABLE: Predictive analytics, full-stack visualization to solidify cyber defenses in 2025

Should the CISO Report to the CIO?

From Compliance to Resilience: Cyber Governance as the Cornerstone of CISO Strategy

How a CISO Values CCSP Training and Certification

GUEST ESSAY: 5 tips for ‘de-risking’ work scenarios that require accessing personal data

NEW TECH: CASBs continue evolving to help CISOs address multiplying ‘cloud-mobile’ risks

Federal Contractor Cybersecurity Vulnerability Reduction Act Passes in U.S. House

Top skill-building resources and advice for CISOs

Secure Communications: Relevant or a Nice to Have?

Cybersecurity Insights with Contrast CISO David Lindner | 03/14/25

Today’s CISO Insights – How to Tackle the Quantum Threat

GUEST ESSAY: Why the arrests of cyber criminals in 2021 will incentize attackers in 2022

News alert: One Identity wins 2024 Cyber Defense Award: Hot Company – PAM category

Sisense Hacked: CISA Warns Customers at Risk

Ghost Ransomware a Persistent Global Threat to Critical Infrastructure

SEC Fines Four Companies $7M for Misleading Cybersecurity Disclosures

You've Made the Ascent to CISO. Now What?

Introducing our new CISO Advisor, Pam Lindemeon

Different Types of CISOs, Diverse Missions

First American Financial Pays Farcical $500K Fine

What the Charges Against the SolarWinds CISO Mean for Security in 2024

Is fighting cybercrime a losing battle for today’s CISO?

Federal Judge Dismisses Most of SEC Claims Against SolarWinds, CISO

Cross-post: Office of the CISO 2024 Year in Review: AI Trust and Security

Former Uber CISO Conviction Affirmed by Trial Court

Cybersecurity Infrastructure Investment Crashes and Burns Without Governance

Healthcare Now Third-Most Targeted Industry for Ransomware

Charges Against CISOs Create Worries, Hope in Security Industry: Survey

The CISO’s Midset for 2025: Outcomes, Automation, and Leadership

International Association of Chiefs of Police (IACP) Appoints CyberSecurity Expert Witness Joseph Steinberg To Computer Crime & Digital Evidence Committee

GUEST ESSAY: 5 steps all SMBs should take to minimize IAM exposures in the current enviroment

GUEST ESSAY: Preparing for the dire cybersecurity consequences of Russia’s invasion of Ukraine

InfoSec Leaders Weigh in on New SEC Rules Making CISO Hotseat Hotter

Prosecutors Argue for 15 Months in Jail for Uber CISO

Four Steps to Cutting Cybersecurity Budgets Without Increasing Risk

The Unseen Threats: Anticipating Cybersecurity Risks in 2024

The Goals of Cyber Public Health

3 Percent ($30B) of U.S. Military Funding Dedicated to Cybersecurity

It’s a Hard Time to Be a CISO. Transformational Leadership is More Important Than Ever.

MOVEit Attack Strikes US and State Governments

Three Risk Mitigation Strategies to Address the Latest Data Security Threats

Stay Connected