CISO, Risk and Social Engineering - Cyber Security Informer

From Pest Control to Cybersecurity: What CISOs Can Learn from Pestie

SecureWorld News

JANUARY 21, 2025

As I was spraying Pestiea DIY pest spray subscription servicearound my home this weekend (sun's out, spray gun's out), I was thinking about the correlation of this home perimeter defense to what CISOs and their teams do to keep their organizations secure. CISO takeaway: Effective cybersecurity isn't a generic solution.

CISO

CISO Cybersecurity Cyber threats Education

Reaction to Social Engineering Indicative of Cybersecurity Culture

Security Boulevard

JULY 5, 2021

It was a master class in social engineering, one that put an organization’s security posture at risk. Social engineering attacks like phishing take advantage of an employee’s awareness of. The post Reaction to Social Engineering Indicative of Cybersecurity Culture appeared first on Security Boulevard.

Social Engineering

Social Engineering Engineering Cybersecurity Phishing

The Biggest Cybersecurity Risk We're Ignoring—And No, It's Not AI

SecureWorld News

FEBRUARY 28, 2025

But amidst all these flashy, futuristic threats, the biggest cybersecurity risk remains the same as it's always beenhumans. What if we thought like a psychologist, not just a CISO? And I'm not talking about the shadowy hackers in hoodies. I'm talking about your employees, your executives, even you. So what do we do? The solution?

Cybersecurity

Cybersecurity Risk Social Engineering Phishing

Webinars

How to Avoid Pitfalls In Automation: Keep Humans In the Loop

MORE WEBINARS

LW ROUNDTABLE: Predictive analytics, full-stack visualization to solidify cyber defenses in 2025

The Last Watchdog

DECEMBER 18, 2024

Shashanka Dr. Madhu Shashanka , Chief Data Scientist, Concentric AI Generative AI in 2025 will bring transformative opportunities but heightened cybersecurity risks, including data exposure, AI misuse, and novel threats like prompt injection attacks. FIPS-203 enables legal PQC deployment, prompting CISOs to overhaul encryption strategies.

Risk

Risk Threat Detection Technology Phishing

Secure Communications: Relevant or a Nice to Have?

Jane Frankland

FEBRUARY 7, 2025

But as a CISO or cyber risk owner, it’s not just about locking down sensitive informationits about doing it without slowing down your people. It encompasses everything from ensuring the confidentiality and integrity of information to reducing risks, maintaining compliance, and building trust with customers.

Cyber Risk

Cyber Risk CISO Risk Encryption

Ghost Ransomware a Persistent Global Threat to Critical Infrastructure

SecureWorld News

FEBRUARY 20, 2025

Tim Mackey, Head of Software Supply Chain Risk Strategy at Black Duck, explains: "Attacks on legacy cyber-physical, IoT, and IIoT devicesparticularly in an OT environmentare to be expected and must be planned for as part of the operational requirements for the device. Enforce DMARC, DKIM, and SPF to prevent spoofing.

Ransomware

Ransomware IoT Encryption Social Engineering

Today’s CISO Insights – How to Tackle the Quantum Threat

CyberSecurity Insiders

MAY 3, 2023

This is why CISOs everywhere should be concerned. In a typical SNDL attack, the attacker gains access to encrypted data by intercepting network traffic, accessing data stores, or by using techniques such as social engineering or malware to gain access to critical information.

CISO

CISO Identity Theft Encryption Social Engineering

BSides Knoxville 2023 – Reanna Schultz – Social Engineering: Training The Human Firewall

Security Boulevard

JULY 9, 2023

Permalink The post BSides Knoxville 2023 – Reanna Schultz – Social Engineering: Training The Human Firewall appeared first on Security Boulevard. Our thanks to BSides Knoxville for publishing their presenter’s outstanding BSides Knoxville 2023 content on the organizations’ YouTube channel.

Social Engineering

Social Engineering Firewall Engineering CISO

GUEST ESSAY: 5 steps all SMBs should take to minimize IAM exposures in the current enviroment

The Last Watchdog

FEBRUARY 14, 2022

Which topics should CEOs, CIOs and CISOs have on their radar when it comes to Identity and Access Management ( IAM ) and cyber security risks in 2022? recurring re-confirmations of initially assigned rights and roles in all connected systems by the employees’ manager – to reduce the risk of abuse and accidents.

CISO

CISO Social Engineering Authentication Risk

GUEST ESSAY: Essential cyber hygiene practices all charities must embrace to protect their donors

The Last Watchdog

MARCH 4, 2024

Assess risks. Creating a solid cybersecurity foundation begins with understanding the organization’s risks. A recent study found only 27% of charities undertook risk assessments in 2023 and only 11% said they reviewed risks posed by suppliers. Keep software updated.

Social Engineering

Social Engineering Risk Cybersecurity Authentication

Top 5 Cyber Predictions for 2024: A CISO Perspective

Security Boulevard

JANUARY 2, 2024

This past year set a profound stage, from the advent of stringent cyber regulations to the convergence of generative AI, social engineering, and ransomware. Last year, we witnessed the fast-evolving nature of social engineering attacks, and this evolution poses greater challenges for detection and defense. The solution?

CISO

CISO Social Engineering Architecture Ransomware

The Unseen Threats: Anticipating Cybersecurity Risks in 2024

Security Boulevard

JANUARY 18, 2024

Cybersecurity risks increase every year and bludgeon victims who fail to prepare properly. For those interested in a better understanding of the oncoming risks, this is the information you are looking for. It can feel like crossing a major highway while blindfolded. Many never see the catastrophe about to happen, until it occurs.

Risk

Risk Cybersecurity CISO Technology

Sisense Hacked: CISA Warns Customers at Risk

Security Boulevard

APRIL 12, 2024

The post Sisense Hacked: CISA Warns Customers at Risk appeared first on Security Boulevard. A hard-coded credential catastrophe: The analytics firm kept big companies’ secrets in an insecure AWS bucket. Government says victims include the “critical infrastructure sector.”

Risk

Risk Hacking Government Digital transformation

Three Risk Mitigation Strategies to Address the Latest Data Security Threats

CyberSecurity Insiders

JUNE 7, 2023

By Dannie Combs , Senior Vice President and CISO, Donnelley Financial Solutions (DFIN) As security threats to data continue to ebb and flow (mostly flow!), Here are three risk mitigation imperatives that can help organizations get a better handle on these latest risks and threats.

Risk

Risk Artificial Intelligence Technology Digital transformation

What is the CISO Experience in a Red Team Exercise?

NetSpi Executives

JANUARY 16, 2024

You’re about to have your first Red Team experience, or maybe your first one in the CISO seat of your organization. Besides the debrief meeting and handing you deliverables, what’s next for a CISO after a Red Team exercise? In most cases, there will be significant security engineering and process overhaul project work.

CISO

CISO Penetration Testing Social Engineering Engineering

GUEST ESSAY: The shock waves of mental illness have begun exacerbating cybersecurity exposures

The Last Watchdog

NOVEMBER 29, 2021

The vulnerabilities and challenges associated with declining worker mental health is causing cybersecurity risks to increase, especially from insider threats. Mental health cyber risks. Socially engineered incidents have also been on the rise. Almost all of us have seen phishing emails in our inbox at some point.

Cybersecurity

Cybersecurity Social Engineering Risk Cyber Risk

Why an HR-IT Partnership is Critical for Managing Cybersecurity Risk

Security Boulevard

FEBRUARY 6, 2024

The post Why an HR-IT Partnership is Critical for Managing Cybersecurity Risk appeared first on Security Boulevard. By aligning priorities into a shared game plan, HR and IT can finally set their organizations up to defend against modern cyberthreats.

Risk

Risk Cybersecurity Social Engineering Cyber Risk

Annual Reports: How They Warn of Cyber Risk

SecureWorld News

OCTOBER 20, 2021

Cyberrisk is business risk. But how should we communicate this risk to the business, to clients, or to investors? Accenture annual report: risks we face from cyberattacks. However, we were most interested in seeing how Accenture articulated a particular business risk: the risk from a cyberattack.

Cyber Risk

Cyber Risk Risk Insurance Cyber Insurance

GUEST ESSAY: Addressing DNS, domain names and Certificates to improve security postures

The Last Watchdog

DECEMBER 6, 2019

Although, the topic has gained popularity amongst CIOs and CISOs, most companies are still overlooking important security blind spots when it comes to securing their digital assets outside the enterprise firewalls—domains, DNS, digital certificates. I like to think of this topic like the electricity that powers our homes.

DNS

DNS Firewall Social Engineering Risk

The challenges of being a CISO during the COVID-19 pandemic

IT Security Guru

OCTOBER 14, 2021

The pre-COVID-19 CISO. The global COVID-19 pandemic has been a tumultuous time for Chief information security officers (CISOs) who on any given day have a long and complicated list of responsibilities. An explosion of cyber risks and a complicated and constantly changing threat landscape.

CISO

CISO Social Engineering Marketing Cyber Risk

News alert: INE Security advisory: The steep cost of neglecting cybersecurity training

The Last Watchdog

AUGUST 20, 2024

Choosing the right training partner and prioritizing cybersecurity training for businesses should not be viewed as optional by CISOs and CIOs.” Compliance costs Neglecting cybersecurity training also exposes organizations to regulatory risks.

Cybersecurity

Cybersecurity Education Social Engineering Cyber threats

A Reactive Cybersecurity Strategy Is No Strategy at All

CyberSecurity Insiders

MAY 18, 2022

A foundational approach to cybersecurity empowers CISOs to see abnormalities and block threats before they do damage. By increasing visibility into DNS traffic, CISOs can detect, block, and respond to incidents more quickly as well as use this data to institute new controls and increase overall resiliency.

DNS

DNS Cybersecurity CISO Social Engineering

Can Cybersecurity Make You a Millionaire?

Hacker's King

OCTOBER 22, 2024

As businesses, governments, and individuals continue to migrate to digital platforms, the risk of cyberattacks rises exponentially. Security Engineers – A technical, hands-on role that ensures the security systems are in place. The Growing Demand for Cybersecurity Cybersecurity is a critical need for nearly every organization today.

Cybersecurity

Cybersecurity CISO Engineering Education

Australia Recorded the Highest Rate of iOS & Android App Threats

Appknox

JUNE 23, 2022

More threats were detected on iOS than Android devices; 68% of Australian CISOs expect their organization to suffer a material cyber-attack within the next year. The risks to the privacy of Australian customers are at an all-time high, as the nation has reported the highest percentage of mobile threats globally, standing at 26.9%.

Social Engineering

Social Engineering Mobile Scams Engineering

Nurturing Our Cyber Talent

IT Security Guru

SEPTEMBER 25, 2023

The IT Security Guru caught up with Tarnveer Singh a CISO and finalist in the Security Serious Unsung Heroes Awards 2023 for his thoughts on how to get more professionals involved in the cybersecurity industry: There are many ways we can inspire new cybersecurity professionals to join our industry. We must reduce barriers to entry.

CISO

CISO Identity Theft Cybercrime Cybersecurity

‘The people’ of cybersecurity are its greatest strength and weakness

SC Magazine

MAY 17, 2021

Senior security and IT leaders point to employees and their companies’ own supply chains as the source of constant risk of malicious and unintentional vulnerabilities, exacerbated by remote work and cloud-based environments. . Respondents said blurring the boundaries between work and personal computing exacerbates the problems.

Cybersecurity

Cybersecurity Social Engineering Risk CISO

ChatGPT and How Generative AI Is Changing the Attack Landscape

SecureWorld News

MAY 30, 2023

In the recent SecureWorld Financial Services virtual conference , Mike Britton and Dan Sheiber of Abnormal Security joined Adam Pendleton, CISO of LendingPoint, to discuss ChatGPT's impressive capabilities. Britton, CISO for Abnormal, disagrees, saying that the tactic of banning it isn't going to be helpful.

Artificial Intelligence

Artificial Intelligence CISO Social Engineering Financial Services

Charting a Course to Zero Trust Maturity: 5 Steps to Securing User Access to Apps

Duo's Security Blog

OCTOBER 6, 2023

Threat actors have dramatically escalated their attacks – targeting security controls like multi-factor authentication (MFA), conducting wily social engineering attacks and extorting businesses large and small with ransomware. To achieve more resilience in this heightened risk environment, stepping up zero trust maturity is essential.

Authentication

Authentication Risk Social Engineering InfoSec

Red Team vs Blue Team vs Purple Team: Differences Explained

eSecurity Planet

FEBRUARY 21, 2023

Blue team members might be led by a chief information security officer (CISO) or director of security operations, making this team the largest among the three. Learn more about Cybersecurity Risk Management Red Teams Red teams simulate the tactics, techniques, and procedures ( TTPs ) an adversary might use against the organization.

Social Engineering

Social Engineering Penetration Testing Engineering Risk

Security Researchers Find Nearly 400,000 Exposed Databases

eSecurity Planet

MAY 3, 2022

The Attack Surface Management team at Group-IB said it constantly scans the IPv4 landscape for exposed databases, potentially unwanted programs, and other risks. A data breach, a follow-up strike on clients whose data was exposed, and other risks may result from an exposed database. Redis DBMS Tops the List.

Social Engineering

Social Engineering Internet Internet Risk

A Guide to Articulating Risk: Speaking the Language of the Stakeholder

Security Boulevard

JUNE 29, 2023

The role of the modern CISO today is just as much about managing technical solutions as it is about communicating risk to key decision-making stakeholders. The post A Guide to Articulating Risk: Speaking the Language of the Stakeholder appeared first on Security Boulevard.

Risk

Risk CISO Social Engineering Engineering

Cybersecurity Outlook 2022: Third-party, Ransomware and AI Attacks Will Get Worse

eSecurity Planet

JANUARY 6, 2022

Third-party Risks Take Center Stage. Third-party risks are at the forefront of security concerns, with identity risk management provider SecZetta predicting that “supply chain paranoia” will take over the cybersecurity world this year. Also read: Best Third-Party Risk Management (TPRM) Tools for 2022.

Ransomware

Ransomware Cybersecurity Artificial Intelligence CISO

Remote Working One Year On: What the Future Holds for Cybersecurity

Security Boulevard

MARCH 19, 2021

In late 2020, HelpSystems research with CISOs of global financial organizations revealed that 45% of respondents reported an increase in cyber-attacks since the pandemic first emerged. Social engineering lures are a good example. Yet they are not without risk in terms of cybersecurity. Request a Demo. Featured: .

Cybersecurity

Cybersecurity CISO Social Engineering Technology

Tackling Cyber Threats: Is AI Cybersecurity Our Only Hope?

Jane Frankland

MAY 8, 2024

This not only frees up valuable time for security professionals to focus on more complex tasks but also reduces the risk of human error. As CISOs, and ITDMs who are responsible for cybersecurity we can do three things: 1. It’s up to us as CISOs and ITDMs to ensure that AI is used as a powerful tool for defence.

Cyber threats

Cyber threats Cybersecurity Artificial Intelligence CISO

Defending Against Credential Phishing Starts by Protecting Your Users

SecureWorld News

MARCH 1, 2021

As the global pandemic continues to run rampant, CISOs are not only struggling to solve traditional cybersecurity challenges, but are faced with a new surge of pandemic themed phishing scams intended to deceive users and infiltrate organizations. Of these, credential phishing still remains one of the most common tactics used by threat actors.

Phishing

Phishing CISO Scams Social Engineering

Protecting your Customers and Brand in 2022: Are you doing enough?

Jane Frankland

APRIL 28, 2022

Nowadays, organisations need digital leaders such as CIOs, CISOs, and CTOs who are strategists, visionaries, and know how to manage, effectively. The pressure for those in charge is immense as cyber risks have scaled, and can now bring businesses, economies, and communities to a halt. billion) is expected online.

CISO

CISO Mobile Technology Risk

Cost-Effective Steps the Healthcare Industry Can Take To Mitigate Damaging Ransomware Attacks

CyberSecurity Insiders

OCTOBER 25, 2022

For many of these hospitals and rural clinics, insufficient security measures dramatically escalate the risk of an attack. By making sure employees are aware of common attack vectors, what a ransomware attack is, and how to report suspicious activity, CISO’s can ensure there is always a first line of defense against hacking attempts.

Healthcare

Healthcare Ransomware Social Engineering Backups

NYDFS Cybersecurity Regulation: Dates, Facts and Requirements

Centraleyes

MARCH 13, 2025

Enacted in 2017, this regulation is all about minimizing risk in the financial services sector, which, lets face it, is prime real estate for cybercriminals. The program should be tailored to your specific business risks. Insight: Many businesses make the mistake of copying templates without understanding their unique risks.

Cybersecurity

Cybersecurity Financial Services Risk Encryption

Spotlight Podcast: CSO Chris Walcutt on Managing 3rd Party OT Risk

The Security Ledger

MAY 16, 2024

In this Spotlight Podcast, host Paul Roberts talks with Chris Walcutt, the CSO of DirectDefense about the rising cyber threats facing operational technology (OT) and how organizations that manage OT - including critical infrastructure owners can best manage increased cyber risks to OT environments. Read the whole entry. »

CSO

CSO Risk Energy and Utilities Social Engineering

8 Cyber Predictions for 2025: A CSO’s Perspective

Security Boulevard

JANUARY 9, 2025

Threat actors used AI tools to orchestrate highly convincing and scalable social engineering campaigns, making it easier to deceive users and infiltrate systems. This trend, among other AI-powered social engineering attacks, will amplify identity compromise, ransomware, and data exfiltration in 2025.

Social Engineering

Social Engineering Architecture Phishing Risk

LinkedIn Hack is Scraped Data, Company Claims

eSecurity Planet

JUNE 30, 2021

Further reading : How to Control API Security Risks. Qualys CISO Ben Carr told eSecurity Planet that all platforms should be constantly reviewing and logging where their data resides and how it’s accessed. ” A Wake-Up Call for Social Media Users. ” LinkedIn’s Response. “Bottom line? .

Hacking

Hacking Social Engineering Identity Theft Data breaches

ROUNDTABLE: Why T-Mobile’s latest huge data breach could fuel attacks directed at mobile devices

The Last Watchdog

AUGUST 19, 2021

Related: Kaseya hack worsens supply chain risk. This stolen booty reportedly included social security numbers, phone numbers, names, home addresses, unique IMEI numbers, and driver’s license information. Once more, a heavily protected enterprise network has been pillaged by data thieves.

Mobile

Mobile Data breaches Authentication Accountability

Preventing Critical Email Attacks: Brian Krebs and Mike Britton Discuss

SecureWorld News

MARCH 17, 2022

That was the case for a broadcast SecureWorld recently hosted with Mike Britton, CISO of Abnormal Security , and legendary investigative journalist Brian Krebs. Key takeaway #2: Collaborative platforms are at heightened risk for security breaches due to WFH. And you know, that can cause a potential loss for that organization.".

InfoSec

InfoSec Social Engineering Phishing Cybercrime

Inflation Is Making Cybersecurity Even More Challenging for Leaders

SecureWorld News

OCTOBER 19, 2023

Increased risk of cyberattacks The rising cost of living can lead to an increase in cybercrime, as people become more desperate to make money. I think it requires taking a step back and assessing what you can do with less," said Chris Roberts, CISO and Senior Director at Boom Supersonic. This is more critical now than it's ever been."

Cybersecurity

Cybersecurity CISO Education Phishing

From Pest Control to Cybersecurity: What CISOs Can Learn from Pestie

Reaction to Social Engineering Indicative of Cybersecurity Culture

Webinars

Trending Sources

The Biggest Cybersecurity Risk We're Ignoring—And No, It's Not AI

Webinars

LW ROUNDTABLE: Predictive analytics, full-stack visualization to solidify cyber defenses in 2025

Secure Communications: Relevant or a Nice to Have?

Ghost Ransomware a Persistent Global Threat to Critical Infrastructure

Today’s CISO Insights – How to Tackle the Quantum Threat

BSides Knoxville 2023 – Reanna Schultz – Social Engineering: Training The Human Firewall

GUEST ESSAY: 5 steps all SMBs should take to minimize IAM exposures in the current enviroment

GUEST ESSAY: Essential cyber hygiene practices all charities must embrace to protect their donors

Top 5 Cyber Predictions for 2024: A CISO Perspective

The Unseen Threats: Anticipating Cybersecurity Risks in 2024

Sisense Hacked: CISA Warns Customers at Risk

Three Risk Mitigation Strategies to Address the Latest Data Security Threats

What is the CISO Experience in a Red Team Exercise?

GUEST ESSAY: The shock waves of mental illness have begun exacerbating cybersecurity exposures

Why an HR-IT Partnership is Critical for Managing Cybersecurity Risk

Annual Reports: How They Warn of Cyber Risk

GUEST ESSAY: Addressing DNS, domain names and Certificates to improve security postures

The challenges of being a CISO during the COVID-19 pandemic

News alert: INE Security advisory: The steep cost of neglecting cybersecurity training

A Reactive Cybersecurity Strategy Is No Strategy at All

Can Cybersecurity Make You a Millionaire?

Australia Recorded the Highest Rate of iOS & Android App Threats

Nurturing Our Cyber Talent

‘The people’ of cybersecurity are its greatest strength and weakness

ChatGPT and How Generative AI Is Changing the Attack Landscape

Charting a Course to Zero Trust Maturity: 5 Steps to Securing User Access to Apps

Red Team vs Blue Team vs Purple Team: Differences Explained

Security Researchers Find Nearly 400,000 Exposed Databases

A Guide to Articulating Risk: Speaking the Language of the Stakeholder

Cybersecurity Outlook 2022: Third-party, Ransomware and AI Attacks Will Get Worse

Remote Working One Year On: What the Future Holds for Cybersecurity

Tackling Cyber Threats: Is AI Cybersecurity Our Only Hope?

Defending Against Credential Phishing Starts by Protecting Your Users

Protecting your Customers and Brand in 2022: Are you doing enough?

Cost-Effective Steps the Healthcare Industry Can Take To Mitigate Damaging Ransomware Attacks

NYDFS Cybersecurity Regulation: Dates, Facts and Requirements

Spotlight Podcast: CSO Chris Walcutt on Managing 3rd Party OT Risk

8 Cyber Predictions for 2025: A CSO’s Perspective

LinkedIn Hack is Scraped Data, Company Claims

ROUNDTABLE: Why T-Mobile’s latest huge data breach could fuel attacks directed at mobile devices

Preventing Critical Email Attacks: Brian Krebs and Mike Britton Discuss

Inflation Is Making Cybersecurity Even More Challenging for Leaders

Stay Connected