CISO, InfoSec and Risk - Cyber Security Informer

Assessing Third-Party InfoSec Risk Management

Security Boulevard

JUNE 14, 2023

Information security (InfoSec) risk management with third parties, including outsourcing, requires persistence and consistency due to the primary business risk it presents. The post Assessing Third-Party InfoSec Risk Management appeared first on Security Boulevard.

InfoSec

InfoSec Risk Information Security CISO

InfoSec Leaders Weigh in on New SEC Rules Making CISO Hotseat Hotter

SecureWorld News

JULY 31, 2023

Cybersecurity professionals have various views on last week's news from the United States Securities and Exchange Commission (SEC) when it surprised the InfoSec community and the C-suites of corporate America. Many CISOs are already burnt out, and there is shortage of qualified CISOs globally.

CISO

CISO InfoSec Risk Cybersecurity

2023 Will Be The Year of Risk: 8 InfoSec Predictions for the New Year

Security Boulevard

DECEMBER 29, 2022

The post 2023 Will Be The Year of Risk: 8 InfoSec Predictions for the New Year appeared first on Hyperproof. The post 2023 Will Be The Year of Risk: 8 InfoSec Predictions for the New Year appeared first on Security Boulevard.

InfoSec

InfoSec Risk Cyber Attacks CISO

CISO Liability Risk and Jail Time, (ISC)2 Bylaw Vote and the Value of Cybersecurity Certifications

Security Boulevard

OCTOBER 30, 2022

Rafal Los, host of the popular Down the Security Rabbithole Podcast, joins us to discuss CISO liability risk and the ongoing discussion in the cybersecurity community about CISOs going to jail.

CISO

CISO Risk Cybersecurity Data privacy

Why Predator is the ultimate CISO movie

Javvad Malik

OCTOBER 29, 2020

I was reminded of this by Phil Cracknell who posted on linkedin that in his opinion the Kevin Costner, Whitney Houston classic, Bodyguard was the best infosec movie. The movie starts on the outskirts of a jungle and the CISO (Arnie) with his team land in their helicopters. Don’t believe me? Well read on.

CISO

CISO InfoSec Banking Technology

CISO Stories Podcast: No Insider Cybersecurity Risk? Guess Again!

Security Boulevard

JUNE 9, 2021

The post CISO Stories Podcast: No Insider Cybersecurity Risk? What happens when an employee decides to leave the organization and start their own business – but with your Intellectual property or customer lists? . Guess Again! appeared first on Security Boulevard.

CISO

CISO Risk Cybersecurity Security Awareness

Hacking It as a CISO: Advice for Security Leadership

Dark Reading

AUGUST 10, 2020

A security leader shares tips for adopting a CISO mindset, creating risk management strategies, and "selling infosec" to IT and executives.

CISO

CISO InfoSec Hacking Risk

InfoSec Leaders Share in Podcast Interview at SecureWorld Philadelphia

SecureWorld News

APRIL 28, 2023

One of the notable sessions at the SecureWorld Philadelphia conference, April 19-20, was a podcast recording featuring three prominent Philadelphia area cybersecurity experts, in a session titled, "CISOs Riff on the Latest in Cybersecurity. Glanden serves up the specialty cocktail of the day, the "CISO."

InfoSec

InfoSec CISO Ransomware Information Security

Hi-5 With A CISO Mário Fernandes, Banco BPI

Security Boulevard

MAY 30, 2021

CybeReady’s Hi-5 brings together InfoSec leaders for peer-to-peer sharing via five short questions and insights. The post Hi-5 With A CISO Mário Fernandes, Banco BPI appeared first on CybeReady. The post Hi-5 With A CISO Mário Fernandes, Banco BPI appeared first on Security Boulevard.

CISO

CISO InfoSec Banking Cybersecurity

Battling Burnout: A Growing Concern for CISOs and Security Professionals

SecureWorld News

JUNE 20, 2024

As defenders of digital assets, Chief Information Security Officers (CISOs) and cybersecurity professionals face immense pressure, often leading to burnout. Key findings from the report include: 90% of CISOs are concerned about stress, fatigue, or burnout affecting their team's well-being.

CISO

CISO Cybersecurity Technology Digital transformation

Spotlight: Operationalizing MDR with Pondurance CISO Dustin Hutchison

The Security Ledger

OCTOBER 7, 2021

Pondurance CISO Dustin Hutchison joins me to talk about how companies can operationalize MDR within their environment. The post Spotlight: Operationalizing MDR with Pondurance CISO Dustin Hutchison appeared first on The Security Ledger with Paul F. Dustin Hutchison is CISO at Pondurance. Click the icon below to listen.

CISO

CISO InfoSec Backups Ransomware

Why CISOs Are Joining 'The Great Resignation'

SecureWorld News

DECEMBER 8, 2022

We hear it all the time: there are not enough people to fill all the cybersecurity roles (including CISOs) that are currently available, not to mention the openings expected in the coming months and years. Being a CISO sometimes serves as the catalyst to finding a new career path.". People want: Work-life balance.

CISO

CISO Cyber Risk Cybersecurity Accountability

Spotlight: Operationalizing MDR with Pondurance CISO Dustin Hutchinson

The Security Ledger

OCTOBER 7, 2021

Pondurance CISO Dustin Hutchison joins me to talk about how companies can operationalize MDR within their environment. The post Spotlight: Operationalizing MDR with Pondurance CISO Dustin Hutchinson appeared first on The Security Ledger with Paul F. Dustin Hutchinson is CISO at Pondurance. Click the icon below to listen.

CISO

CISO InfoSec Backups Ransomware

CISO Challenge: Check Your Cybersecurity Skills On This New Competition Site

The Hacker News

MAY 6, 2021

InfoSec leaders tend to be a specific type. Their jobs require them to think of possible threats, take actions that may not pay immediate results, plan for unknown security risks, and react quickly when emergencies arise, often before the morning's first coffee.

CISO

CISO InfoSec Cybersecurity Risk

InfoSec Reviews in Project Management Workflows

Security Boulevard

FEBRUARY 8, 2021

The post InfoSec Reviews in Project Management Workflows appeared first on Security Boulevard. I agree – this is very important. But there’s one topic that does not get.

InfoSec

InfoSec Information Security Software CISO

Episode 209: Fortinet’s Renee Tarun on Scaling InfoSec To Meet Tomorrow’s Challenges

The Security Ledger

APRIL 2, 2021

The information security industry needs both better tools to fight adversaries, and more people to do the fighting, says Fortinet Deputy CISO Renee Tarun in this interview with The Security Ledger Podcast’s Paul Roberts. The post Episode 209: Fortinet’s Renee Tarun on Scaling InfoSec To Meet Tomorrow’s Challenges appeared first on The.

InfoSec

InfoSec CISO Information Security Cyber Risk

CISO workshop slides

Notice Bored

AUGUST 5, 2022

Generally, though, the risk management and security arrangements quietly support and enable the business from the inside, as it were, rather than being exposed externally - unless they fail anyway! A glossy, nicely-constructed and detailed PowerPoint slide deck by Microsoft Security caught my beady this morning.

CISO

CISO Risk Artificial Intelligence Marketing

Hi-5 With A CISO Piotr Stecz, Adamed Pharma

Security Boulevard

JUNE 22, 2021

CybeReady’s Hi-5 brings together InfoSec leaders for peer-to-peer sharing via five short questions and insights. The post Hi-5 With A CISO Piotr Stecz, Adamed Pharma appeared first on CybeReady. The post Hi-5 With A CISO Piotr Stecz, Adamed Pharma appeared first on CybeReady.

CISO

CISO InfoSec Phishing Security Awareness

Hi-5 With A CISO Dmitriy Sokolovskiy, Avid Technology

Security Boulevard

MAY 20, 2021

CybeReady’s Hi-5 brings together InfoSec leaders for peer-to-peer sharing via five short questions and insights. The post Hi-5 With A CISO Dmitriy Sokolovskiy, Avid Technology appeared first on CybeReady. The post Hi-5 With A CISO Dmitriy Sokolovskiy, Avid Technology appeared first on Security Boulevard.

CISO

CISO Technology InfoSec Information Security

Hi-5 With A CISO Andrea Szeiler, Transcom

Security Boulevard

MAY 4, 2021

CybeReady’s Hi-5 brings together InfoSec leaders for peer-to-peer sharing via five short questions and insights. The post Hi-5 With A CISO Andrea Szeiler, Transcom appeared first on CybeReady. The post Hi-5 With A CISO Andrea Szeiler, Transcom appeared first on Security Boulevard.

CISO

CISO InfoSec Information Security Cybersecurity

New data could help CISOs quantify the value of a strong security culture

SC Magazine

FEBRUARY 26, 2021

Building a security awareness training program to develop a strong infosec culture requires time and money, and chief information security officers frequently try to make a case for such an investment by citing return on investment and other metrics of success. . This is evidence you can take to your CISO to get the funding you need.”.

CISO

CISO Security Awareness Phishing InfoSec

December 15 Marks Deadline for SEC's New Cyber Disclosure Rules

SecureWorld News

DECEMBER 11, 2023

We covered the new rules on July 31, with some thoughts from InfoSec leaders. Public companies will also have to share details about their "cybersecurity risk management, strategy, and governance" on an annual basis. The threat of cyber disruption is material and represents a risk to businesses.

CISO

CISO Risk Cybersecurity Government

6 Unique InfoSec Metrics CISOs Should Track in 2020

Dark Reading

JANUARY 10, 2020

But they can help evaluate risks you haven't even considered yet. You might not find these measurements on a standard cybersecurity department checklist.

InfoSec

InfoSec CISO Risk Cybersecurity

Spotlight on Cybersecurity Leaders: Bill Bowman

SecureWorld News

FEBRUARY 26, 2024

He has been a first-hired CISO at five different companies. A : When I was with Bright Horizons, many top-tier clients demanded InfoSec competence. A : I started 16 quarters ago when the company needed its first CISO. A : Moving the reporting line to risk (GC/CLO); using AI. I learned from them. I learned from them.

Cybersecurity

Cybersecurity CISO InfoSec Data privacy

Spotlight Podcast: CSO Chris Walcutt on Managing 3rd Party OT Risk

The Security Ledger

MAY 16, 2024

In this Spotlight Podcast, host Paul Roberts talks with Chris Walcutt, the CSO of DirectDefense about the rising cyber threats facing operational technology (OT) and how organizations that manage OT - including critical infrastructure owners can best manage increased cyber risks to OT environments. Read the whole entry. »

CSO

CSO Risk Energy and Utilities Social Engineering

The Rise of Data Sovereignty and a Privacy Era

SecureWorld News

JUNE 24, 2024

The potential loss of reputation from a privacy breach is a clarion call for business executives and CISOs. In addition, the risks of monetary and operational damage render it mission critical for enterprises to envision and enact the appropriate People, Process, and Technology safeguards to assure data protection and privacy.

IoT

IoT InfoSec Artificial Intelligence Risk

Five 2023 Cybersecurity Predictions by Doug Dooley

CyberSecurity Insiders

DECEMBER 6, 2022

CISO shortage. CISO exodus. Chief Information Security Officers (CISOs) have a rare combination of business acumen, operational knowledge, technical insights, and legal/compliance experience. The net result will be less employment opportunities and eventually less job-hoping in 2023 despite the talent shortfall in IT security.

Cybersecurity

Cybersecurity CISO InfoSec Technology

BSides Tampa 2021 -Michael Melore’s, Hussein Syed’s, Charles Gagnon’s And Timothy Swope’s ‘CISO Panel, Managing Organizational Risk During A World Pandemic’

Security Boulevard

JUNE 24, 2021

The post BSides Tampa 2021 -Michael Melore’s, Hussein Syed’s, Charles Gagnon’s And Timothy Swope’s ‘CISO Panel, Managing Organizational Risk During A World Pandemic’ appeared first on Security Boulevard. Enjoy the Education!

CISO

CISO Risk Education InfoSec

BSides Knoxville 2023 – Patterson Cake – 10 Things I Wish Every CISO Knew Before An Incident: A View From The IR Trenches

Security Boulevard

JULY 14, 2023

Permalink The post BSides Knoxville 2023 – Patterson Cake – 10 Things I Wish Every CISO Knew Before An Incident: A View From The IR Trenches appeared first on Security Boulevard. Our thanks to BSides Knoxville for publishing their presenter’s outstanding BSides Knoxville 2023 content on the organizations’ YouTube channel.

CISO

CISO Architecture Education Risk

Burnout: The Hidden Cost of Working in Cybersecurity & Other High Risk Fields

Jane Frankland

JUNE 20, 2023

In this blog, and ahead of my talk at Infosec this week , I’m delving into this, and giving you tips for recognising its signs and preventing it as a leader. And these changes increase the risk of developing anxiety, depression, and other mental health issues. The stakes are simply too high to neglect this.

Cybersecurity

Cybersecurity Risk InfoSec CISO

Importance of Cybersecurity Profession Highlights SecureWorld Chicago

SecureWorld News

JUNE 13, 2023

It was fitting that the opening keynote panel for SecureWorld Chicago on June 8th was titled " Making the Cybersecurity Music: Navigating Challenges and Opportunities in Today's InfoSec Landscape. Buerger recently joined Kraft Heinz as its Business Information Security Officer after serving as CISO at a smaller company.

Cybersecurity

Cybersecurity CISO InfoSec Risk

First American Financial Pays Farcical $500K Fine

Krebs on Security

JUNE 18, 2021

Under First American’s documented vulnerability remediation policies, the data leak was classified as a security weakness with a “level 3” severity, which placed it in the “medium risk” category and required remediation within 45 days. “The [employee] did not request a waiver or risk acceptance from the CISO.”

Insurance

Insurance Risk Financial Services CISO

New York Financial Services Firms to Face More Cybersecurity Oversight

SecureWorld News

NOVEMBER 28, 2022

Designate a qualified individual (CISO or equivalent) responsible or overseeing and implementing a cybersecurity program and enforcing its cybersecurity policy. Require the CISO to provide a written report at least annually to the board or equivalent governing body. Have Infosec certifications and passion for #cyber and #dataprivacy.

Financial Services

Financial Services Cybersecurity CISO InfoSec

Inside the Complex Universe of Cybersecurity

SecureWorld News

JANUARY 11, 2024

Working as CISO, DeSouza's areas of expertise include strategic planning, risk management, identity management, cloud computing, and privacy. While it fosters innovation, automation, and productivity, it simultaneously introduces significant cybersecurity and privacy risks. Zero Trust has come of age.

Cybersecurity

Cybersecurity CISO Cyber threats Risk

CyberSaint STRONGER 2022 Conference Call for Speakers is Open!

CyberSecurity Insiders

FEBRUARY 1, 2022

BOSTON–( BUSINESS WIRE )– CyberSaint , the developer of the leading platform delivering cyber risk automation, today announced that the company is seeking speaker submissions for its virtual STRONGER conference, set to occur September 13th-15th 2022. Conference Tracks: Frameworks, Security, & Risk. InfoSec 360.

Digital transformation

Digital transformation InfoSec CISO Education

CISO Stories Podcast: Fiscally Responsible Ways to Train and Build Community

Security Boulevard

SEPTEMBER 23, 2021

The post CISO Stories Podcast: Fiscally Responsible Ways to Train and Build Community appeared first on Security Boulevard. All organizations must have security awareness training programs to teach basics to end users. Similarly, the technical teams need to be exposed to flexible training that is interesting to them.

CISO

CISO Security Awareness InfoSec Risk

CISO Stories Podcast: Necessity is the Mother of Security

Security Boulevard

APRIL 29, 2021

The post CISO Stories Podcast: Necessity is the Mother of Security appeared first on Security Boulevard. Tatu Ylönen, SSH founder and inventor of Secure Shell, discusses the genesis for the protocol and his keen interest in the application of technological solutions to fundamental cybersecurity challenges - check it out.

CISO

CISO Technology Cybersecurity Healthcare

My Top 5 Blogs of the Year

Javvad Malik

NOVEMBER 27, 2020

5: Writing better risk statements Do you struggle to articulate security risks? 2: Why Predator is the ultimate CISO movie I really enjoyed writing this – and was surprised at how much love and attention this got. It’s one big inside joke that you’ll only appreciate if you’ve worked in infosec.

InfoSec

InfoSec CISO Risk

Water utility CISO offers tips to stay secure as IT and OT converge

SC Magazine

APRIL 26, 2021

Kristin Sanders, CISO for the Albuquerque Bernalillo County Water Utility Authority, revealed how New Mexico’s largest water and wastewater utility has been addressing the security challenge. However, such modernization is not without risk. Route 66 runs through downtown Albuquerque, New Mexico. Asaavedra32, CC BY-SA 3.0

CISO

CISO IoT VPN InfoSec

Business Must Change: InfoSec in 2019

The Falcon's View

JANUARY 3, 2019

Consider, if you will, that fundamentally we in infosec want people to make better decisions. That's right, it's infosec. From a functional perspective, this means a few very specific things for infosec: 1) We must continue to work in a collaborative and consultative manner with everyone else in the organization.

InfoSec

InfoSec Engineering Digital transformation CISO

CISO Stories Podcast: He Fought the FTC Over a Breach and Won

Security Boulevard

APRIL 21, 2021

The post CISO Stories Podcast: He Fought the FTC Over a Breach and Won appeared first on Security Boulevard. Hopefully, you won’t ever have to hire a lawyer to defend yourself against a government regulator.

CISO

CISO Data breaches Government Healthcare

Zero Trust and the Failure of Sampling: Two Important Cybersecurity Trends

Joseph Steinberg

JUNE 10, 2022

Many of Gillis’s comments echoed those that I have heard in recent months from CISOs and others within the cybersecurity industry who witness developments from various vantage points quite different from those of a vendor of cybersecurity technologies. Sampling No Longer Works.

Cybersecurity

Cybersecurity Artificial Intelligence CISO Wireless

BSides Knoxville 2023 – Sara Anstey – Educating Your Guesses: How To Quantify Risk and Uncertainty

Security Boulevard

JULY 13, 2023

Permalink The post BSides Knoxville 2023 – Sara Anstey – Educating Your Guesses: How To Quantify Risk and Uncertainty appeared first on Security Boulevard. Our thanks to BSides Knoxville for publishing their presenter’s outstanding BSides Knoxville 2023 content on the organizations’ YouTube channel.

Education

Education Risk Architecture CISO

Noname Security Appoints Strategic Advisory Board Amid Impressive Growth

CyberSecurity Insiders

JANUARY 20, 2022

.–( BUSINESS WIRE )– Noname Security , the API security company, today announced the formation of a Strategic Advisory Board to support the company’s global expansions and establish Noname as a trusted API security provider to CISOs around the world. Alissa Knight , CISO, recovering hacker, InfoSec influencer.

CISO

CISO InfoSec Technology Cybersecurity

Assessing Third-Party InfoSec Risk Management

InfoSec Leaders Weigh in on New SEC Rules Making CISO Hotseat Hotter

Trending Sources

2023 Will Be The Year of Risk: 8 InfoSec Predictions for the New Year

CISO Liability Risk and Jail Time, (ISC)2 Bylaw Vote and the Value of Cybersecurity Certifications

Why Predator is the ultimate CISO movie

CISO Stories Podcast: No Insider Cybersecurity Risk? Guess Again!

Hacking It as a CISO: Advice for Security Leadership

InfoSec Leaders Share in Podcast Interview at SecureWorld Philadelphia

Hi-5 With A CISO Mário Fernandes, Banco BPI

Battling Burnout: A Growing Concern for CISOs and Security Professionals

Spotlight: Operationalizing MDR with Pondurance CISO Dustin Hutchison

Why CISOs Are Joining 'The Great Resignation'

Spotlight: Operationalizing MDR with Pondurance CISO Dustin Hutchinson

CISO Challenge: Check Your Cybersecurity Skills On This New Competition Site

InfoSec Reviews in Project Management Workflows

Episode 209: Fortinet’s Renee Tarun on Scaling InfoSec To Meet Tomorrow’s Challenges

CISO workshop slides

Hi-5 With A CISO Piotr Stecz, Adamed Pharma

Hi-5 With A CISO Dmitriy Sokolovskiy, Avid Technology

Hi-5 With A CISO Andrea Szeiler, Transcom

New data could help CISOs quantify the value of a strong security culture

December 15 Marks Deadline for SEC's New Cyber Disclosure Rules

6 Unique InfoSec Metrics CISOs Should Track in 2020

Spotlight on Cybersecurity Leaders: Bill Bowman

Spotlight Podcast: CSO Chris Walcutt on Managing 3rd Party OT Risk

The Rise of Data Sovereignty and a Privacy Era

Five 2023 Cybersecurity Predictions by Doug Dooley

BSides Tampa 2021 -Michael Melore’s, Hussein Syed’s, Charles Gagnon’s And Timothy Swope’s ‘CISO Panel, Managing Organizational Risk During A World Pandemic’

BSides Knoxville 2023 – Patterson Cake – 10 Things I Wish Every CISO Knew Before An Incident: A View From The IR Trenches

Burnout: The Hidden Cost of Working in Cybersecurity & Other High Risk Fields

Importance of Cybersecurity Profession Highlights SecureWorld Chicago

First American Financial Pays Farcical $500K Fine

New York Financial Services Firms to Face More Cybersecurity Oversight

Inside the Complex Universe of Cybersecurity

CyberSaint STRONGER 2022 Conference Call for Speakers is Open!

CISO Stories Podcast: Fiscally Responsible Ways to Train and Build Community

CISO Stories Podcast: Necessity is the Mother of Security

My Top 5 Blogs of the Year

Water utility CISO offers tips to stay secure as IT and OT converge

Business Must Change: InfoSec in 2019

CISO Stories Podcast: He Fought the FTC Over a Breach and Won

Zero Trust and the Failure of Sampling: Two Important Cybersecurity Trends

BSides Knoxville 2023 – Sara Anstey – Educating Your Guesses: How To Quantify Risk and Uncertainty

Noname Security Appoints Strategic Advisory Board Amid Impressive Growth

Stay Connected