CISO, Information Security and Network Security

On the Cybersecurity Jobs Shortage

Schneier on Security

SEPTEMBER 20, 2023

The numbers never made sense to me, and Ben Rothke has dug in and explained the reality : …there is not a shortage of security generalists, middle managers, and people who claim to be competent CISOs. Nor is there a shortage of thought leaders, advisors, or self-proclaimed cyber subject matter experts.

Cybersecurity

Cybersecurity CISO Engineering Architecture

Top 5 Key Takeaways 2021 CISO Survival Guide

Cisco Security

JANUARY 11, 2022

We spend a great deal of time working to understand the evolving nature of current and future security threats, while fostering mutually beneficial relationships with the people and organizations that seek to counter those threats. We conducted a survey of over 100 security professionals for their opinions on a wide range of topics.

CISO

CISO Information Security Network Security

Should the CISO Report to the CIO?

Cisco Security

JULY 1, 2021

The Chief Information Security Officer (CISO) is the organization’s senior executive in charge of the cybersecurity and the information technology risk management posture of the enterprise. federal government in particular, the CISO reports to the Chief Information Officer (CIO).

CISO

CISO Technology Risk Government

Top 9 Trends In Cybersecurity Careers for 2025

eSecurity Planet

OCTOBER 18, 2024

Security Administrator In addition to identifying vulnerabilities and, in general, enforcing the organization’s security posture, security administrators or managers also manage the security and/or information systems team. Network giant Cisco Systems Inc. Network giant Cisco Systems Inc.

Cybersecurity

Cybersecurity Artificial Intelligence Penetration Testing CISO

Years overdue, the profile of the CISO begins to rise as cyber grabs attention in boardrooms

SC Magazine

FEBRUARY 4, 2021

Executives from security company Kaspersky speak at a global partner conference about information security is a key business success factor – a reality that is starting to shine a brighter spotlight on security chiefs. Ian Gavan/Getty Images for Kaspersky Lab ). Our profile is certainly getting higher.

CISO

CISO Digital transformation Insurance Risk

Managing the great return: What CISOs should consider when reopening the office

SC Magazine

MARCH 24, 2021

“It will be interesting to know if security people are even in the conversations about how to bring people back to work. My guess is they’re probably not,” said Helen Patton, advisory CISO with Cisco’s Duo Security. “I I suspect that security people, as is historically the case, will be stuck in react mode.” .

CISO

CISO Technology Wireless Cybercrime

Battle with Bots Prompts Mass Purge of Amazon, Apple Employee Accounts on LinkedIn

Krebs on Security

OCTOBER 20, 2022

In late September 2022, KrebsOnSecurity warned about the proliferation of fake LinkedIn profiles for Chief Information Security Officer (CISO) roles at some of the world’s largest corporations. A follow-up story on Oct. A follow-up story on Oct.

Accountability

Accountability Cryptocurrency Scams CISO

Water utility CISO offers tips to stay secure as IT and OT converge

SC Magazine

APRIL 26, 2021

Kristin Sanders, CISO for the Albuquerque Bernalillo County Water Utility Authority, revealed how New Mexico’s largest water and wastewater utility has been addressing the security challenge. The same philosophy applies to ABCWUA’s installation of its cloud-based enterprise network security software.

CISO

CISO IoT VPN InfoSec

New SEI CERT chief and first ever federal CISO: old cybersecurity models have ‘been overcome’

SC Magazine

APRIL 30, 2021

Gregory Touhill, former federal chief information security officer and deputy assistant Homeland Security secretary for cyber security operations, seen here at a House Foreign Affairs Committee hearing in 2015 in Washington, DC. chief information security officer. Photo by Mark Wilson/Getty Images).

CISO

CISO Cybersecurity Artificial Intelligence Government

Black Hat insights: How Sonrai Security uses graph analytics to visualize, mitigate cloud exposures

The Last Watchdog

JULY 29, 2021

The good news is that there is a very powerful, proven tool that can help companies decipher complex networking security relationships. With Black Hat USA 2021 just around the corner, I had a deep discussion about this with Eric Kedrosky, CISO and Director of Cloud Research at Sonrai Security.

Risk

Risk Cloud Migration Digital transformation Software

Firms with exposed IoT have a higher concentration of other security problems

SC Magazine

JANUARY 29, 2021

For example, companies with exposed IoT are more than 50% more likely to have email security issues, according to a new report and blog post from the Cyentia Institute and RiskRecon. But what does that correlation mean for chief information security officers? So, how can CISOs operationalize that kind of information?

IoT

IoT Internet Internet CISO

Can you Become Ransomware-Proof?

Security Boulevard

OCTOBER 25, 2021

Wouldn’t it be great if you had enough confidence in your information security program that if a criminal gang attacked you, you would be able to defend yourself, keep your business going and notify the appropriate legal authorities and any vendor partners that might be impacted? The post Can you Become Ransomware-Proof?

Ransomware

Ransomware Information Security Cyber Risk CISO

‘The people’ of cybersecurity are its greatest strength and weakness

SC Magazine

MAY 17, 2021

Senior security and IT leaders point to employees and their companies’ own supply chains as the source of constant risk of malicious and unintentional vulnerabilities, exacerbated by remote work and cloud-based environments. . Click here to download the full report, “Are people missing from your cybersecurity strategy?”

Cybersecurity

Cybersecurity Social Engineering Risk CISO

BSidesKC 2022 – Joshua Brown’s ‘So, You Want To Be A CISO…?’

Security Boulevard

NOVEMBER 15, 2022

The post BSidesKC 2022 – Joshua Brown’s ‘So, You Want To Be A CISO…?’ ’ appeared first on Security Boulevard. Our sincere thanks to [BSidesKC 2022][1] for publishing their [outstanding conference videos][2] on the organization's [YouTube][3] channel.

CISO

CISO Education Information Security Cybersecurity

BSidesSF 2022 – Tom Alcock’s, Caleb Sima’s, Fermin Serna’s, Jessica Ferguson’s ‘CISO Panel Discussion’

Security Boulevard

JULY 20, 2022

Our sincere thanks to Security BSides San Francisco for publishing their outstanding conference videos on the organization's YouTube channel. The post BSidesSF 2022 – Tom Alcock’s, Caleb Sima’s, Fermin Serna’s, Jessica Ferguson’s ‘CISO Panel Discussion’ appeared first on Security Boulevard.

CISO

CISO Education Information Security Cybersecurity

Security gaps in operational tech exposed with hacker attempt to poison Florida city water

SC Magazine

FEBRUARY 8, 2021

discussion… The key is how remote access can be implemented securely – with strong authentication mechanisms, access controls, auditing, and session recording.”. There is a justifiable reason for providing remote access,” agreed Mike Hamilton, president and chief information security officer at CI Security and former CISO of Seattle.

Internet

Internet Internet CISO Media

How to Tackle the Cybersecurity Careers Gap

Lenny Zeltser

MAY 11, 2023

Becoming a chief information security officer (CISO) might not make sense for everyone in the field, and that’s okay. How might a person with a network security background get into incident response? What awaits those who get tired of working in a security operations center (SOC)?

Cybersecurity

Cybersecurity Education CISO Information Security

As Internet-Connected Medical Devices Multiply, So Do Challenges

Cisco Security

JUNE 15, 2022

That doesn’t mean the risk is zero, noted Christos Sarris , a longtime information security analyst. He shared an anecdote in Cisco Secure’s recent e-book, “ Building Security Resilience ,” about finding malware on an intensive care unit device that compromised a pump used to deliver precise doses of medicine.

Internet

Internet Internet Manufacturing IoT

As SolarWinds spooks tech firms into rechecking code, some won’t like what they find

SC Magazine

JANUARY 29, 2021

. “Companies large and small alike are going back and looking through their environments and their processes,” said Jerry Davis, founder of risk management firm Gryphon X, LLC and former chief information security officer at NASA and the U.S. Department of Education. “No No one wants to be patient zero.”.

InfoSec

InfoSec CISO Media Software

Hackers Also Have Financial Reporting And Quotas :)

Security Boulevard

JUNE 18, 2022

In many cases, more significant than the amount spent on combined network security, cloud security, and artificial intelligence. The chief information security officer has multiple responsibilities to the organization, including security protection of all corporate assets and resources.

Hacking

Hacking CISO Cybersecurity Banking

Red Team vs Blue Team vs Purple Team: Differences Explained

eSecurity Planet

FEBRUARY 21, 2023

Blue team members might be led by a chief information security officer (CISO) or director of security operations, making this team the largest among the three. Blue teams consist of security analysts, network engineers and system administrators.

Social Engineering

Social Engineering Penetration Testing Engineering Risk

Common IT Security Roles and Responsibilities Explained

Spinone

JULY 29, 2020

To automate your job and remain time-efficient, you’ll probably need specialized software that helps you with app security assessment and whitelisting/blacklisting. Network Security Engineer As the name suggests, a network security engineer’s job is to protect corporate networks from data breaches, human error, or cyberattacks.

Penetration Testing

Penetration Testing CISO Engineering Software

Threat intel is a game changer, if only firms can figure out how to bake it into cyber programs

SC Magazine

FEBRUARY 1, 2021

Alyssa Miller, business information security officer at S&P Global Ratings, told SC Media that organizations who build out their programs from scratch tend to first stumble in two areas that underpin most threat intelligence programs: asset discovery and log management. “Any Starting from scratch.

Cyber threats

Cyber threats CISO Media Retail

IT Leaders Adopting Threat Intelligence, But Challenges Persist

Security Boulevard

NOVEMBER 15, 2022

While the majority of enterprise IT security managers rely on threat intelligence to reduce cybersecurity risk, many still lack the necessary skills and resources to carry out these initiatives fully, according to a Vulcan Cyber report on threat intelligence adoption trends and challenges.

Information Security

Information Security Risk Cybersecurity CISO

Identity and Access Management in the Remote Workforce

SecureWorld News

JUNE 23, 2020

I have spent a good majority of my career in accounting firms helping clients. I love this space because it's always changing and there's always something new to learn.".

Authentication

Authentication CISO Cybersecurity Accountability

My Story So Far and Your Own Career Journey

Lenny Zeltser

JUNE 7, 2024

Episode 2: Adaptation In the second episode, I share the unusual path I followed to my current role as a CISO, having undertaken a variety of positions in cybersecurity. System administration, network security, penetration testing, professional services, product management. It's been quite a journey!

Penetration Testing

Penetration Testing System Administration CISO Firewall

Cybersecurity Culture: How Princeton University's Security Team Created It

SecureWorld News

MAY 19, 2020

When David Sherry became Chief Information Security Officer at Princeton University, he says cybersecurity was done well. "I I don't want you to think security at Princeton was some sort of vast wasteland. In many ways, leading a security mission out of a university is like securing a city.

Cybersecurity

Cybersecurity CISO Risk Education

A roadmap for developing a secure enterprise cloud operating model

SC Magazine

JUNE 4, 2021

Network security: Includes Direct Connect (DC) private and public interfaces; DMZ, VPC, and VNet endpoints; transit gateways; load balancers; and DNS. Data Security: Encrypt data in transit and at rest, S3 bucket data (at rest), and EBS root volume and dynamo db. Raj Badhwar, chief information security officer, Voya Financial.

Penetration Testing

Penetration Testing Technology DNS CISO

The Biggest Lessons about Vulnerabilities at RSAC 2021

eSecurity Planet

MAY 28, 2021

Last week’s RSA Conference covered a litany of network security vulnerabilities, from developing more robust tokenization policies and to addressing UEFI-based attacks, and non-endpoint attack vectors. As of now, the information security industry is at the outset of implementing SBOM for software products.

Software

Software DNS Firmware VPN

How Smart Organizations Mitigate Cyber Risks in a World of Unknown Unknowns

CyberSecurity Insiders

JUNE 25, 2021

By Shay Siksik, VP Customer Operations and CISO, XM Cyber. Shay Siksik has been a cybersecurity evangelist for more than a decade, always with a passion for customer service, process improvement, and information security. There are things we know: 2 + 2 = 4, for example. We call this common knowledge.

Cyber Risk

Cyber Risk Risk Penetration Testing Cybersecurity

The secrets to start a cybersecurity career

Responsible Cyber

JULY 14, 2024

Key Responsibilities: Leading security operations center (SOC) Developing security strategies Managing incident response efforts Chief Information Security Officer (CISO): Serves as the top executive responsible for an organization’s information security strategy and implementation.

Cybersecurity

Cybersecurity Education Penetration Testing Engineering

How to Hire a Cybersecurity Professional

Spinone

OCTOBER 19, 2018

The average US salary for a cybersecurity specialist is currently $82,000 and salaries for top chief information security officers (CISOs) have reached as high as $420,000 , and are expected to continue to grow.

Cybersecurity

Cybersecurity Engineering CISO Architecture

Health care’s security challenges spurred by constrained resources, limited staffing

SC Magazine

JUNE 24, 2021

The following year, Ponemon research showed the majority of healthcare organizations find it difficult to recruit security staff, with nearly 50% reporting that they don’t have a chief information security officer on staff. Virtual CISOs are another option, and their use has been rapidly increasing in the health care space.

Healthcare

Healthcare CISO Marketing Cybersecurity

How to Create & Implement a Cloud Security Policy

eSecurity Planet

SEPTEMBER 16, 2024

This safeguards sensitive information while lowering the danger of illegal data exposure. Protect sensitive information: Secures essential corporate data from unauthorized access and breaches. Keeping sensitive information secure and confidential is a top priority. What Is the ISO 27001 Cloud Security Policy?

Risk

Risk Policy Compliance Encryption Technology

Best Cybersecurity and IT Outsourcing Options

eSecurity Planet

AUGUST 1, 2023

MSPs or managed IT service providers can absorb more of the IT department’s duties, from full outsourcing to focused IT services such as email, network management, cloud migration, or patch management.

Cybersecurity

Cybersecurity Cloud Migration Firewall Penetration Testing

How to Save Your Organization $9.05 Million with a Nominal Investment in Cybersecurity

CyberSecurity Insiders

SEPTEMBER 3, 2021

These kinds of stories are reported with so much frequency that data-rich companies – and the chief information security officers (CISOs) responsible for their IT network security – have resigned themselves to the certainty that they will become the target of a cybersecurity breach. or follow us on LinkedIn.

Cybersecurity

Cybersecurity Data breaches Technology Threat Detection

Running Robust Managed Detection and Response Services

Security Boulevard

OCTOBER 4, 2021

Information security practitioners have published a lot of articles around topics like how to build and run a security operations center (SOC) and specific SOC functions such as incident response and threat hunting. The post Running Robust Managed Detection and Response Services appeared first on Security Boulevard.

Information Security

Information Security CISO Risk Government

New SEC Cybersecurity Rules Could Affect Private Companies Too

eSecurity Planet

SEPTEMBER 23, 2022

Some of these organizations won’t even have a chief information officer (CIO) or chief information security officer (CISO) that participates in the executive suite and that would count as a participating manager.

Cybersecurity

Cybersecurity Risk Passwords Encryption

What is Vulnerability Scanning & How Does It Work?

eSecurity Planet

FEBRUARY 8, 2023

They are two different tools, each essential in their own way and critical for chief information security officers (CISOs) to keep their infrastructure safe. Despite their differences, both vulnerability scans and penetration tests are part of the wider vulnerability management framework or process.

Penetration Testing

Penetration Testing Software IoT Policy Compliance

External Attack Surface Management: How Focusing on Basics Improves Security

Security Boulevard

MAY 31, 2023

The task is now more challenging: According to a report by cyberinsurance provider Beazley, network attacks rose in the first quarter of 2023.

Cybersecurity

Cybersecurity Penetration Testing CISO Security Awareness

H&R Block seeks out open-source expertise to stock up on SOC talent

SC Magazine

MAY 13, 2021

On the flip side, just as security leaders should be scouring the open source community for talent, contributors to open source projects should be thinking about how they can use their unique skills to propel their careers forward, according to Bernard Brantley, the brand new chief information security officer at the aforementioned Corelight.

Engineering

Engineering Technology Media Data collection

How the New Remote Workforce Changes Data Security

SecureWorld News

MAY 29, 2020

Four expert panelists joined us to discuss data security through the lenses of insider threat, third-party risk, and remote work challenges on our series of SecureWorld Web Conferences for 90 minutes of Q&A. Who are the data security panelists? Jadee Hanson, CISO & CIO, Code42. Jake Bernstein, Esq. Arif Hameed, Sr.

Risk

Risk Technology Marketing Phishing

Cyber Security Awareness and Risk Management

Spinone

DECEMBER 26, 2018

Cyber threat management , being an advanced discipline, craves analytical attention and a commander’s strategic skills of information security executives to confront and overcome the multi-dimensional cyber threats.

Security Awareness

Security Awareness Risk Cyber threats Cyber Risk

On first-ever Identity Management Day, experts detail steps to a better IAM program

SC Magazine

APRIL 14, 2021

When we started our identity management journey… we were struggling with defining it,” admitted Greg McCarthy, chief information security officer with the city of Boston. “We Greg McCarthy, CISO of Boston. We wanted… a clear definition [so that] our users would understand what we’re doing.

Passwords

Passwords Architecture Password Management Government

On the Cybersecurity Jobs Shortage

Top 5 Key Takeaways 2021 CISO Survival Guide

Trending Sources

Should the CISO Report to the CIO?

Top 9 Trends In Cybersecurity Careers for 2025

Years overdue, the profile of the CISO begins to rise as cyber grabs attention in boardrooms

Managing the great return: What CISOs should consider when reopening the office

Battle with Bots Prompts Mass Purge of Amazon, Apple Employee Accounts on LinkedIn

Water utility CISO offers tips to stay secure as IT and OT converge

New SEI CERT chief and first ever federal CISO: old cybersecurity models have ‘been overcome’

Black Hat insights: How Sonrai Security uses graph analytics to visualize, mitigate cloud exposures

Firms with exposed IoT have a higher concentration of other security problems

Can you Become Ransomware-Proof?

‘The people’ of cybersecurity are its greatest strength and weakness

BSidesKC 2022 – Joshua Brown’s ‘So, You Want To Be A CISO…?’

BSidesSF 2022 – Tom Alcock’s, Caleb Sima’s, Fermin Serna’s, Jessica Ferguson’s ‘CISO Panel Discussion’

Security gaps in operational tech exposed with hacker attempt to poison Florida city water

How to Tackle the Cybersecurity Careers Gap

As Internet-Connected Medical Devices Multiply, So Do Challenges

As SolarWinds spooks tech firms into rechecking code, some won’t like what they find

Hackers Also Have Financial Reporting And Quotas :)

Red Team vs Blue Team vs Purple Team: Differences Explained

Common IT Security Roles and Responsibilities Explained

Threat intel is a game changer, if only firms can figure out how to bake it into cyber programs

IT Leaders Adopting Threat Intelligence, But Challenges Persist

Identity and Access Management in the Remote Workforce

My Story So Far and Your Own Career Journey

Cybersecurity Culture: How Princeton University's Security Team Created It

A roadmap for developing a secure enterprise cloud operating model

The Biggest Lessons about Vulnerabilities at RSAC 2021

How Smart Organizations Mitigate Cyber Risks in a World of Unknown Unknowns

The secrets to start a cybersecurity career

How to Hire a Cybersecurity Professional

Health care’s security challenges spurred by constrained resources, limited staffing

How to Create & Implement a Cloud Security Policy

Best Cybersecurity and IT Outsourcing Options

How to Save Your Organization $9.05 Million with a Nominal Investment in Cybersecurity

Running Robust Managed Detection and Response Services

New SEC Cybersecurity Rules Could Affect Private Companies Too

What is Vulnerability Scanning & How Does It Work?

External Attack Surface Management: How Focusing on Basics Improves Security

H&R Block seeks out open-source expertise to stock up on SOC talent

How the New Remote Workforce Changes Data Security

Cyber Security Awareness and Risk Management

On first-ever Identity Management Day, experts detail steps to a better IAM program

Stay Connected