CISO, Network Security and Security Awareness

Should the CISO Report to the CIO?

Cisco Security

JULY 1, 2021

The Chief Information Security Officer (CISO) is the organization’s senior executive in charge of the cybersecurity and the information technology risk management posture of the enterprise. federal government in particular, the CISO reports to the Chief Information Officer (CIO). In many organizations, and in the U.S.

CISO

CISO Technology Risk Government

Managing the great return: What CISOs should consider when reopening the office

SC Magazine

MARCH 24, 2021

“It will be interesting to know if security people are even in the conversations about how to bring people back to work. My guess is they’re probably not,” said Helen Patton, advisory CISO with Cisco’s Duo Security. “I I suspect that security people, as is historically the case, will be stuck in react mode.” .

CISO

CISO Technology Wireless Cybercrime

CISO Stories Podcast: Fiscally Responsible Ways to Train and Build Community

Security Boulevard

SEPTEMBER 23, 2021

All organizations must have security awareness training programs to teach basics to end users. The post CISO Stories Podcast: Fiscally Responsible Ways to Train and Build Community appeared first on Security Boulevard. Similarly, the technical teams need to be exposed to flexible training that is interesting to them.

CISO

CISO Security Awareness InfoSec Risk

A CISO’s Guide to SaaS Security Posture Management

Security Boulevard

FEBRUARY 29, 2024

As today’s security threat environment evolves, SaaS security posture management (SSPM) has become a key part of a CISO's security defense plan. The post A CISO’s Guide to SaaS Security Posture Management appeared first on Security Boulevard.

CISO

CISO Security Defenses Security Awareness Cybersecurity

Cyber Security Awareness and Risk Management

Spinone

DECEMBER 26, 2018

How to Enhance Cyber Security Awareness and Cyber Intelligence Enterprise cyber security awareness and cyber risk management programs encircle a full range of actions required to protect corporate IT infrastructure and sensitive data. What are the benefits of cyber security awareness trainings?

Security Awareness

Security Awareness Risk Cyber threats Cyber Risk

The Security Industry is Protecting the Wrong Thing

Security Boulevard

MAY 7, 2021

When the security industry talks about a data breach, often the first question asked involves the state of the victim’s network security – not the breach of data. It’s because organizations have their security priorities backward, and that needs to change. Why is this?

Data breaches

Data breaches Network Security Encryption CISO

NetSPI Lands $410 Million in Funding – And Other Notable Cybersecurity Deals

eSecurity Planet

OCTOBER 17, 2022

Before co-founding Cyolo, Almog Apirion was a CISO for 15 years. “I With my co-founders, we formed a team to build the tool I always wanted while I was a CISO. What sets Cyolo apart is that we are security realists and understand the day-to-day reality of cybersecurity.”. “For Arctic Wolf.

Cybersecurity

Cybersecurity Penetration Testing CISO Marketing

SolarWinds blaming intern for leaked password is symptom of ‘security failures’

SC Magazine

MARCH 2, 2021

“The latest developments in relation to the SolarWinds intern’s poor password choice highlight’s how bad password hygiene is getting and how important it is for organizations to prioritize password management,” said Joseph Carson, chief security scientist and advisory CISO at Thycotic.

Passwords

Passwords Password Management CISO InfoSec

Hackers Also Have Financial Reporting And Quotas :)

Security Boulevard

JUNE 18, 2022

We should not be focused so much on the organization’s Return on investment or Return on asset around security spending; we should consider for a moment that with every significant security awareness training, every adaptive control, and every security policy only makes the task “of being hacked” even more expensive for the cybercriminals.

Hacking

Hacking CISO Cybersecurity Banking

Common IT Security Roles and Responsibilities Explained

Spinone

JULY 29, 2020

To automate your job and remain time-efficient, you’ll probably need specialized software that helps you with app security assessment and whitelisting/blacklisting. Network Security Engineer As the name suggests, a network security engineer’s job is to protect corporate networks from data breaches, human error, or cyberattacks.

Penetration Testing

Penetration Testing CISO Engineering Software

Cybersecurity Culture: How Princeton University's Security Team Created It

SecureWorld News

MAY 19, 2020

Sherry brought to Princeton his 25 years of technology experience, 12 of which was in higher education as the former CISO at Brown University. In many ways, leading a security mission out of a university is like securing a city. Security culture: the security team and everyone else.

Cybersecurity

Cybersecurity CISO Risk Education

Local government cybersecurity: 5 best practices

Malwarebytes

SEPTEMBER 30, 2022

In Michigan’s Cyber Partners Program , for example, local communities receive services from a CISO-level consultant. University partners : Partnering with universities can help local governments get access to talent, technological insights, even real-time network security monitoring. Network monitoring.

Government

Government Cybersecurity Cyber Insurance Insurance

Sisense Hacked: CISA Warns Customers at Risk

Security Boulevard

APRIL 12, 2024

The post Sisense Hacked: CISA Warns Customers at Risk appeared first on Security Boulevard. A hard-coded credential catastrophe: The analytics firm kept big companies’ secrets in an insecure AWS bucket. Government says victims include the “critical infrastructure sector.”

Risk

Risk Hacking Government Digital transformation

Are Cyber Insurers Cybersecurity’s New Enforcers?

Security Boulevard

NOVEMBER 12, 2021

Recent ransomware attacks have dominated the headlines this year. Predictions estimate that the financial impact caused by ransomware could reach $265 billion globally by 2031.

Cyber Insurance

Cyber Insurance Insurance Ransomware Cybersecurity

Debunking Myths About CMMC 2.0

Security Boulevard

NOVEMBER 29, 2021

The cybersecurity world remains dynamic. On November 4, 2021, the Department of Defense (DoD) posted an update to its Cybersecurity Maturity Model Certification (CMMC) initiative, announcing program changes dubbed CMMC 2.0.

Cybersecurity

Cybersecurity CISO IoT Security Awareness

GoDaddy Hosting Hacked — for FOURTH Time in 4 Years

Security Boulevard

FEBRUARY 20, 2023

The post GoDaddy Hosting Hacked — for FOURTH Time in 4 Years appeared first on Security Boulevard. GoDaddy’s web hosting service breached yet again. This time, the perps were redirecting legit websites to malware.

Hacking

Hacking Malware Social Engineering CISO

How Much Cybersecurity Do You Need?

Security Boulevard

AUGUST 18, 2021

Cyberattacks are on the rise. Hackers will seize on any opportunity to accelerate or obscure their cyberattacks. So imagine their delight when the COVID-19 pandemic forced companies to shutter their offices and conduct most, if not all, of their business remotely. It was open season with easy targets everywhere. The attacks that followed were some.

Cybersecurity

Cybersecurity CISO Security Awareness Mobile

‘This is Appalling’ — Tax-Prep Sites Leak PII to Facebook

Security Boulevard

NOVEMBER 23, 2022

The post ‘This is Appalling’ — Tax-Prep Sites Leak PII to Facebook appeared first on Security Boulevard. Some incredibly personal details are being sent to Facebook, without your consent, using the “Meta Pixel.”.

CISO

CISO Security Awareness Mobile Risk

Oops! Meta Security Guards Hacked Facebook Users

Security Boulevard

NOVEMBER 18, 2022

Meta Security Guards Hacked Facebook Users appeared first on Security Boulevard. Facebook parent Meta has disciplined or fired at least 25 workers for allegedly hacking into user accounts. The post Oops!

Hacking

Hacking Accountability Social Engineering CISO

Patreon Fires its Security Team — and the Internet Freaks Out

Security Boulevard

SEPTEMBER 9, 2022

Patreon, the notorious membership monetization platform, laid off its entire security team yesterday. The post Patreon Fires its Security Team — and the Internet Freaks Out appeared first on Security Boulevard. Just like that.

Internet

Internet Internet CISO Security Awareness

Warning: N. Korean Job Scams Push Trojans via LinkedIn

Security Boulevard

OCTOBER 1, 2022

Korean Job Scams Push Trojans via LinkedIn appeared first on Security Boulevard. Hey, hey, DPRK, how many people will you scam today? The post Warning: N.

Scams

Scams Social Engineering CISO Engineering

Measuring Security Risk vs. Success

Security Boulevard

FEBRUARY 15, 2021

For IT professionals, building a set of metrics for security needs is often accompanied by feelings of anxiety, because if measurements look at the wrong data or indicators, they may lead to a false sense of security. Security programs are made up of many. The post Measuring Security Risk vs.

Risk

Risk CISO Security Awareness Mobile

NSA’s Plea: Stop Using C and C++ (Because You’re Idiots)

Security Boulevard

NOVEMBER 11, 2022

The post NSA’s Plea: Stop Using C and C++ (Because You’re Idiots) appeared first on Security Boulevard. The C and C++ languages are unsafe. Instead, the NSA would like devs to use memory-safe languages—such as Rust.

CISO

CISO IoT Security Awareness Mobile

‘Extraordinary, Egregious’ Data Breach at House and Senate

Security Boulevard

MARCH 10, 2023

The post ‘Extraordinary, Egregious’ Data Breach at House and Senate appeared first on Security Boulevard. Capitol Trouble: Senators, representatives and staffers suffer PII leak. Could it finally kickstart some action?

Data breaches

Data breaches Social Engineering Insurance CISO

U.S. and UK Ban More Chinese Kit as Xi’s Grip Weakens

Security Boulevard

NOVEMBER 28, 2022

and UK Ban More Chinese Kit as Xi’s Grip Weakens appeared first on Security Boulevard. Two key members of the Five Eyes intelligence alliance have made further moves to stop Chinese equipment imports. The post U.S.

Digital transformation

Digital transformation CISO IoT Security Awareness

Can you Become Ransomware-Proof?

Security Boulevard

OCTOBER 25, 2021

Wouldn’t it be great if you had enough confidence in your information security program that if a criminal gang attacked you, you would be able to defend yourself, keep your business going and notify the appropriate legal authorities and any vendor partners that might be impacted? With a mature information security program, you are able.

Ransomware

Ransomware Information Security Cyber Risk CISO

How to Prepare Your Workforce for the Deepfake Era

Security Boulevard

JULY 22, 2024

The post How to Prepare Your Workforce for the Deepfake Era appeared first on Security Boulevard. Of all of the AI-powered weapons, the one that your employees may be the least equipped to resist is deepfake technology.

Technology

Technology Social Engineering Engineering CISO

Why an HR-IT Partnership is Critical for Managing Cybersecurity Risk

Security Boulevard

FEBRUARY 6, 2024

The post Why an HR-IT Partnership is Critical for Managing Cybersecurity Risk appeared first on Security Boulevard. By aligning priorities into a shared game plan, HR and IT can finally set their organizations up to defend against modern cyberthreats.

Risk

Risk Cybersecurity Social Engineering Cyber Risk

The secrets to start a cybersecurity career

Responsible Cyber

JULY 14, 2024

Key Responsibilities: Analyzing security alerts Investigating security breaches Implementing protective measures Security Operations Manager: Oversees the daily operations of a security team, manages resources, coordinates incident responses, and ensures compliance with security policies.

Cybersecurity

Cybersecurity Education Penetration Testing Engineering

New Russian Hacks Revealed—but U.S. Says it’s Microsoft’s Fault

Security Boulevard

OCTOBER 26, 2021

Says it’s Microsoft’s Fault appeared first on Security Boulevard. Microsoft has issued another of its “look how clever we are” writeups of detecting APT29 hackers. But the U.S. government sees it differently. The post New Russian Hacks Revealed—but U.S.

Hacking

Hacking Government Social Engineering CISO

Chinese Tech: Banned in DC, but not in the States

Security Boulevard

OCTOBER 31, 2022

The post Chinese Tech: Banned in DC, but not in the States appeared first on Security Boulevard. There’s a massive loophole in the federal ban on Chinese technology from sus firms such as Huawei and ZTE: It doesn’t stop states from buying it.

Technology

Technology Social Engineering CISO IoT

Divide Between Security, Developers Deepens

Security Boulevard

OCTOBER 5, 2021

Security professionals work hard to plan secure IT environments for organizations, but the developers who are tasked with implementing and carrying these plans and procedures are often left out of security planning processes, creating a fractured relationship between development and security.

CISO

CISO Security Awareness Cybersecurity Network Security

External Attack Surface Management: How Focusing on Basics Improves Security

Security Boulevard

MAY 31, 2023

The task is now more challenging: According to a report by cyberinsurance provider Beazley, network attacks rose in the first quarter of 2023.

Cybersecurity

Cybersecurity Penetration Testing CISO Security Awareness

Consumer Confidence in Data Security Plummets

Security Boulevard

AUGUST 24, 2021

Organizations’ increasing use of contractors, freelancers and other third-party workers is weakening consumers’ trust in their data security, according to a study by SecZetta. The survey of more than 2,000 U.S.

CISO

CISO Security Awareness Software Risk

Pushing the Limits of IDaaS with AMaaS

Security Boulevard

JULY 29, 2021

Concern over secure access to data has led to significant adoption of cloud identity management solutions, specifically identity-as-a-service (IDaaS), to ensure that people accessing applications are who they say they are–that is, to authenticate their identity. However, IDaaS solves only half the problem.

Authentication

Authentication CISO Security Awareness Cybersecurity

Ransomware Protection: 8 Best Strategies and Solutions in 2021

Spinone

DECEMBER 23, 2019

No wonder this threat keeps our client’s CISO and security teams up at night. Network Security: Firewall A firewall is your first line of defense or your computer network gatekeepers. Ransomware attacks cost smaller companies an average of $713,000 per incident.

Ransomware

Ransomware Backups Antivirus Firewall

‘Incompetent’ FCC Fiddles With Data Breach Rules

Security Boulevard

FEBRUARY 13, 2024

The post ‘Incompetent’ FCC Fiddles With Data Breach Rules appeared first on Security Boulevard. FCC FAIL: While Rome burns, Federal Communications Commission is once again behind the curve.

Data breaches

Data breaches Data privacy CISO Security Awareness

Digital Habits During Pandemic Have Lasting Impact

Security Boulevard

JULY 9, 2021

The unexpected global pandemic left the world scrambling to maintain their daily activities and work as best they could.

Consumer Services

Consumer Services Digital transformation CISO Security Awareness

US, EU Join Paris Call for Cybersecurity

Security Boulevard

NOVEMBER 15, 2021

The United States and the European Union announced plans to join the Paris Call, an international effort to combat cyberthreats endangering citizens and infrastructure.

Cybersecurity

Cybersecurity Internet Internet CISO

Reddit Hacked — 2FA is no Phishing Phix

Security Boulevard

FEBRUARY 10, 2023

The post Reddit Hacked — 2FA is no Phishing Phix appeared first on Security Boulevard. Reddit got hacked with a “sophisticated” spear phishing attack. The individual victim was an employee who clicked the wrong email link.

Phishing

Phishing Hacking Social Engineering CISO

Understand Your Staff: How Insiders Shape Defenses

Security Boulevard

FEBRUARY 26, 2021

This vastly increased mobility, cloud computing and social networking usage; in some cases, this transition occurred before companies and staff were fully prepared. Enterprises and their staff dealt with a lot of change in 2020. The pandemic and resulting lockdowns forced organizations to allow staff to work from home.

Mobile

Mobile Social Engineering CISO Engineering

Contec SolarView: Critical Bug Unpatched After 14 MONTHS

Security Boulevard

JULY 7, 2023

The post Contec SolarView: Critical Bug Unpatched After 14 MONTHS appeared first on Security Boulevard. PV OT: VPN PDQ! CVSS known since May 2022—but still exploitable on 400+ net-connected OT/ICS/SCADA systems.

VPN

VPN IoT CISO Security Awareness

Can you Become Ransomware-Proof? Part 2: CIS Controls

Security Boulevard

NOVEMBER 3, 2021

In my previous post, I talked about the NIST Cybersecurity Framework (CSF). Some of you, I am sure, Googled “NIST CSF” after reading it and found tons of information from NIST on the framework. Then, as you looked at the details, you might have felt intimidated by the five functions (identify, protect, detect, respond and.

Ransomware

Ransomware Cybersecurity CISO Security Awareness

How Log4j Reshaped Cloud Security Thinking

Security Boulevard

MAY 2, 2022

IT leaders are changing the way they secure cloud workloads in the aftermath of the Log4j vulnerability, according to a report from Valtix. The post How Log4j Reshaped Cloud Security Thinking appeared first on Security Boulevard.

CISO

CISO Security Awareness Cybersecurity Network Security

Should the CISO Report to the CIO?

Managing the great return: What CISOs should consider when reopening the office

Trending Sources

CISO Stories Podcast: Fiscally Responsible Ways to Train and Build Community

A CISO’s Guide to SaaS Security Posture Management

Cyber Security Awareness and Risk Management

The Security Industry is Protecting the Wrong Thing

NetSPI Lands $410 Million in Funding – And Other Notable Cybersecurity Deals

SolarWinds blaming intern for leaked password is symptom of ‘security failures’

Hackers Also Have Financial Reporting And Quotas :)

Common IT Security Roles and Responsibilities Explained

Cybersecurity Culture: How Princeton University's Security Team Created It

Local government cybersecurity: 5 best practices

Sisense Hacked: CISA Warns Customers at Risk

Are Cyber Insurers Cybersecurity’s New Enforcers?

Debunking Myths About CMMC 2.0

GoDaddy Hosting Hacked — for FOURTH Time in 4 Years

How Much Cybersecurity Do You Need?

‘This is Appalling’ — Tax-Prep Sites Leak PII to Facebook

Oops! Meta Security Guards Hacked Facebook Users

Patreon Fires its Security Team — and the Internet Freaks Out

Warning: N. Korean Job Scams Push Trojans via LinkedIn

Measuring Security Risk vs. Success

NSA’s Plea: Stop Using C and C++ (Because You’re Idiots)

‘Extraordinary, Egregious’ Data Breach at House and Senate

U.S. and UK Ban More Chinese Kit as Xi’s Grip Weakens

Can you Become Ransomware-Proof?

How to Prepare Your Workforce for the Deepfake Era

Why an HR-IT Partnership is Critical for Managing Cybersecurity Risk

The secrets to start a cybersecurity career

New Russian Hacks Revealed—but U.S. Says it’s Microsoft’s Fault

Chinese Tech: Banned in DC, but not in the States

Divide Between Security, Developers Deepens

External Attack Surface Management: How Focusing on Basics Improves Security

Consumer Confidence in Data Security Plummets

Pushing the Limits of IDaaS with AMaaS

Ransomware Protection: 8 Best Strategies and Solutions in 2021

‘Incompetent’ FCC Fiddles With Data Breach Rules

Digital Habits During Pandemic Have Lasting Impact

US, EU Join Paris Call for Cybersecurity

Reddit Hacked — 2FA is no Phishing Phix

Understand Your Staff: How Insiders Shape Defenses

Contec SolarView: Critical Bug Unpatched After 14 MONTHS

Can you Become Ransomware-Proof? Part 2: CIS Controls

How Log4j Reshaped Cloud Security Thinking

Stay Connected