CISO, Risk and Technology - Cyber Security Informer

MY TAKE: COVID-19 cements the leadership role CISOs must take to secure company networks

The Last Watchdog

MAY 13, 2020

cybersecurity policy needs to match societal values CISOs must preserve and protect their companies in a fast-changing business environment at a time when their organizations are under heavy bombardment. I had the chance to discuss this state of affairs with Vishal Salvi, CISO of Infosys. Salvi “The CISO role has fundamentally changed.

CISO

CISO Cybersecurity Digital transformation Risk

Black Hat insights: JupiterOne’s whodunnit puts CISOs on the trail of solving a devastating breach

The Last Watchdog

AUGUST 6, 2023

Related: A call to regulate facial recognition That said, a few dozen CISOs attending Black Hat USA 2023 will get to experience, hands-on, what it must have been like to be in the crucible of milestone hacks like Capital One, SolarWinds and Colonial Pipeline. San Diego or New York City , feel free to skip ahead.

CISO

CISO Data breaches Technology Hacking

Best Practices Q&A: Guidance about what directors need to hear from CISOs — from a board member

The Last Watchdog

APRIL 8, 2024

CISOs can sometimes be their own worst enemy, especially when it comes to communicating with the board of directors. She serves on the board of several technology companies and also happens to be steeped in cyber risk governance. LW: Why do so many CISOs still not get it that FUD and doom-and-gloom don’t work?

CISO

CISO Risk Cybersecurity Insurance

Why Predator is the ultimate CISO movie

Javvad Malik

OCTOBER 29, 2020

The movie starts on the outskirts of a jungle and the CISO (Arnie) with his team land in their helicopters. This is a perfect metaphor for how a CISO operates in day to day situations. This is a reminder to all security pros that they need to continually keep their skills up to date or risk becoming a dinosaur. Well read on.

CISO

CISO InfoSec Banking Ransomware

GUEST ESSAY: Could CISOs be on the verge of disproving the ‘security-as-a-cost-center’ fallacy?

The Last Watchdog

MARCH 13, 2023

So how will this affect chief information security officers (CISOs) and security programs? Given the perennial skills and staffing shortage in security, it’s unlikely that CISOs will be asked to make deep budget or staffing cuts, yet they may not come out of this period unscathed. Related: Attack surface management takes center stage.

CISO

CISO Insurance Cybersecurity Risk

IT asset disposal is a security risk CISOs need to take seriously

CSO Magazine

JUNE 21, 2021

Asset disposal normally isn’t one of those burning topics that is top-of-mind for CISOs, yet every CISO must be able to address it when asked to describe their information technology asset disposal (ITAD) program. Sign up for CSO newsletters. ]. Sign up for CSO newsletters. ].

CISO

CISO Risk CSO Accountability

Best Practices Q&A: The importance of articulating how cybersecurity can be a business enabler

The Last Watchdog

APRIL 1, 2024

The technology and best practices for treating cybersecurity as a business enabler, instead of an onerous cost-center, have long been readily available. These key capabilities fall under the four competencies of oversight, process risk management, technology risk management, and human risk management.

Cybersecurity

Cybersecurity CISO B2B Risk

RSAC Fireside Chat: Tightened budgets impose discipline on CISOs, resets security investments

The Last Watchdog

JUNE 20, 2024

CISOs have been on something of a wild roller coaster ride the past few years. Given carte blanche, many CISOs purchased a hodge podge of unproven point solutions, adding to complexity. Today, with purse strings tightened – and cyber risks and compliance pressures mounting — CISOs must recalibrate.

CISO

CISO Marketing Cyber Risk Cybersecurity

LW ROUNDTABLE — How 2024’s cyber threats will transform the security landscape in 2025

The Last Watchdog

DECEMBER 16, 2024

Businesses must adopt tools and automation capable of invoking immediate action, even at the risk of false positives. Raising security baselines across industries is essential, with risk mitigationnot acceptancebecoming the standard. Security teams will need to address the unique risks posed using LLMs in mission critical environments.

Cyber threats

Cyber threats CISO IoT Phishing

Few Fortune 100 Firms List Security Pros in Their Executive Ranks

Krebs on Security

JULY 21, 2023

A review of the executives pages published by the 2022 list of Fortune 100 companies found only four — BestBuy , Cigna , Coca-Cola , and Walmart — that listed a Chief Security Officer (CSO) or Chief Information Security Officer (CISO) in their highest corporate ranks. Nor is the average pay hugely different among all these roles.

CSO

CSO CISO Insurance Risk

A Chief Security Concern for Executive Teams

Krebs on Security

DECEMBER 18, 2018

Even among top tech firms, less than half list a chief technology officer (CTO). KrebsOnSecurity reviewed the Web sites for the global top 100 companies by market value, and found just five percent of top 100 firms listed a chief information security officer (CISO) or chief security officer (CSO). ” EXHIBIT A: EQUIFAX.

CSO

CSO CISO Marketing Banking

Today’s CISO Insights – How to Tackle the Quantum Threat

CyberSecurity Insiders

MAY 3, 2023

As you may have noticed, daily headlines around quantum computing and its impact on technologies are becoming commonplace. This is why CISOs everywhere should be concerned. CISOs should begin to familiarize themselves with these and evaluate their potential suitability for adoption.

CISO

CISO Identity Theft Encryption Social Engineering

GUEST ESSAY: In pursuit of smarter cybersecurity — to overcome complex risks and grow revenue

The Last Watchdog

JANUARY 8, 2023

Smarter security to me broadly refers to relentlessly focusing on fundamentals while maturing the program, making sure your risk posture aligns with your business strategy. Business initiatives demand faster, more efficient outcomes and technology responds. Complexity challenge. Managed solutions can help.

Risk

Risk Cybersecurity Technology CISO

CISO Liability Risk and Jail Time, (ISC)2 Bylaw Vote and the Value of Cybersecurity Certifications

Security Boulevard

OCTOBER 30, 2022

Rafal Los, host of the popular Down the Security Rabbithole Podcast, joins us to discuss CISO liability risk and the ongoing discussion in the cybersecurity community about CISOs going to jail.

CISO

CISO Risk Cybersecurity Data privacy

GUEST ESSAY: Why the arrests of cyber criminals in 2021 will incentize attackers in 2022

The Last Watchdog

DECEMBER 16, 2021

After all, a malicious actor only needs a few minutes of time with a privileged account to take over the entire directory, and there are volumes of exploitable identity risks at every organization. The ascendency of CISOs. In 2022 we expect to see organizations increasingly moving identity management systems into the CISO organization.

CISO

CISO Ransomware Risk Authentication

The Top Challenges Faced by CISOs in 2023

CyberSecurity Insiders

APRIL 11, 2023

As the world continues to face unprecedented cyber threats, Chief Information Security Officers (CISOs) are facing a growing number of challenges in their roles. In 2023, these challenges are likely to increase, and CISOs will have to be well-equipped to overcome them. Failure to do so can result in hefty fines and penalties.

CISO

CISO Data privacy Cyber threats Technology

New Office of the CISO Paper: Organizing Security for Digital Transformation

Anton on Security

SEPTEMBER 13, 2024

The OOT (Organization, Operations, Technology) Approach: The guide advocates for prioritizing organizational and operational changes before finalizing technology decisions. This may challenge the conventional approach in traditional organizations where technology choices often precede organizational adaptation.

Digital transformation

Digital transformation CISO Technology Cybersecurity

Zero Trust and the Failure of Sampling: Two Important Cybersecurity Trends

Joseph Steinberg

JUNE 10, 2022

Many of Gillis’s comments echoed those that I have heard in recent months from CISOs and others within the cybersecurity industry who witness developments from various vantage points quite different from those of a vendor of cybersecurity technologies. Sampling No Longer Works.

Cybersecurity

Cybersecurity Artificial Intelligence CISO Wireless

The Unseen Threats: Anticipating Cybersecurity Risks in 2024

Security Boulevard

JANUARY 18, 2024

Cybersecurity risks increase every year and bludgeon victims who fail to prepare properly. For those interested in a better understanding of the oncoming risks, this is the information you are looking for. It can feel like crossing a major highway while blindfolded. Many never see the catastrophe about to happen, until it occurs.

Risk

Risk Cybersecurity CISO Technology

6 risk factors to know when hiring an MSSP

CSO Magazine

AUGUST 13, 2021

With enterprise adoption of managed security services gradually maturing, the rewards and risks of using these services have become a lot clearer for current and potential customers. Keep up with 8 hot cyber security trends (and 4 going cold). Sign up for CSO newsletters. ].

Risk

Risk CSO CISO Technology

You've Made the Ascent to CISO. Now What?

SecureWorld News

JANUARY 3, 2025

And now, you finally got that call, to be a CISO at an organization. Can you balance the needs of the business, versus the risks they face? Before diving into security strategies, CISOs need to invest time in understanding the organization's culture, strategic roadmaps, operational dynamics, industry, and so forth.

CISO

CISO Risk Technology Cybersecurity

Introducing our new CISO Advisor, Pam Lindemeon

Cisco Security

AUGUST 3, 2021

I’m delighted to announce the latest member of our growing CISO Advisor team, Pam Lindemeon. At Anthem Pam was considered a bold and strategic thinker who envisioned and delivered a world class Enterprise Information Security strategy, including leading the Steering Committee with cross functional business and technology membership.

CISO

CISO Technology Information Security Cybersecurity

The strong link between cyber threat intelligence and digital risk protection

CSO Magazine

APRIL 21, 2023

In fact, these changes have led to a CTI subcategory focused on digital risk protection. DRP is broadly defined as, “telemetry, analysis, processes, and technologies used to identify and mitigate risks associated with digital assets.” CISOs are investing here but challenges remain. I’ve also dug into the CTI lifecycle.

Cyber threats

Cyber threats Risk Digital transformation CISO

International Association of Chiefs of Police (IACP) Appoints CyberSecurity Expert Witness Joseph Steinberg To Computer Crime & Digital Evidence Committee

Joseph Steinberg

DECEMBER 11, 2023

The IACP is the publisher of The Police Chief magazine, the leading periodical for law enforcement executives, and the host of the IACP Annual Conference, the largest police educational and technology exposition in the world. The IACP is a not-for-profit 501c(3) organization, and is headquartered in Alexandria, Virginia. patent filings.

Cybersecurity

Cybersecurity Artificial Intelligence CISO Technology

GUEST ESSAY: The case for network defenders to focus on leading — not lagging — indicators

The Last Watchdog

JANUARY 17, 2022

Minimum adherence to security requirements policy, based on an application’s inherent risk profile, can lead to reduction in risk vulnerabilities. Accountability for software security often falls under the Chief Information Security Officer (CISO). Like other major changes, it’s important to set realistic expectations.

CISO

CISO Software B2B Marketing

Economic pressures are increasing cybersecurity risks; a recession would amp them up more

CSO Magazine

FEBRUARY 28, 2023

CISOs have never had an easy time — they’ve certainly faced inordinate challenges in recent years working to secure an ever-expanding and more distributed technology and data landscape. Even if one doesn’t hit anytime soon, economic volatility, more cautious corporate spending plans, and employee layoffs are already in play.

Risk

Risk CISO Cybersecurity Technology

First Directory of Virtual CISO Providers Launched by Cynomi

CyberSecurity Insiders

JUNE 22, 2023

This extensive list of virtual CISO (vCISO) providers, collated by Cynomi , means that small- and medium-sized businesses (SMBs) can easily tap the expertise of qualified cybersecurity professionals to protect their digital assets and ensure compliance. In this climate, strong cybersecurity measures are crucial.

CISO

CISO Cybersecurity Technology Information Security

LW ROUNDTABLE: CrowdStrike outage reveals long road ahead to achieve digital resiliency

The Last Watchdog

JULY 25, 2024

With this in mind, Last Watchdog sought commentary from technology thought leaders about what the CrowdStrike outage says about the state of digital resiliency. Implementing zero trust across the entirety of the technology stack would go a long way toward increasing resilience against events like this.

Technology

Technology Ransomware Software Cyber Attacks

Battling Burnout: A Growing Concern for CISOs and Security Professionals

SecureWorld News

JUNE 20, 2024

As defenders of digital assets, Chief Information Security Officers (CISOs) and cybersecurity professionals face immense pressure, often leading to burnout. It also cites the emergence of recent technologies, and the proliferation of criminal groups, as issues increasing pressure on staff.

CISO

CISO Cybersecurity Technology Digital transformation

LW ROUNDTABLE: Predictive analytics, full-stack visualization to solidify cyber defenses in 2025

The Last Watchdog

DECEMBER 18, 2024

To wrap up our 2024 year-end roundtable, we turn our attention to new technologies and trends that are emerging to help bridge the gaps. FIPS-203 enables legal PQC deployment, prompting CISOs to overhaul encryption strategies. Organizations face rising risks of AI-driven social engineering and personal device breaches.

Risk

Risk Threat Detection Technology Phishing

GUEST ESSAY: The role advanced ‘VM’ is ideally suited to play in combating modern cyber attacks

The Last Watchdog

APRIL 3, 2023

Related: Taking a risk-assessment approach to VM Unlike a typical cyber attack that exploits a software vulnerability, recent cyber attacks exploit other security risks, such as misconfigurations, security deviations, and posture anomalies. But VM vendors tend to focus more on software vulnerabilities and leave out everything else.

Cyber Attacks

Cyber Attacks Risk Software Technology

NEW TECH: CyberGRX seeks to streamline morass of third-party cyber risk assessments

The Last Watchdog

MARCH 14, 2019

So they began inundating their third-party suppliers with “bespoke assessments” – customized cyber risk audits that were time consuming and redundant. Kneip also painted the wider context about why effective third-party cyber risk management is an essential ingredient to baking-in security at a foundational level.

Cyber Risk

Cyber Risk Risk Digital transformation Accountability

Cyber insurer launches InsurSec solution to help SMBs improve security, risk management

CSO Magazine

APRIL 20, 2023

Cyber insurance provider At-Bay has announced the launch of a new InsurSec solution to help small-to-mid sized businesses (SMBs) improve their security and risk management postures through their insurance policy. The emergence of InsurSec technology reflects a cyber insurance landscape that has seen significant change recently.

Cyber Insurance

Cyber Insurance Insurance Risk CISO

LinkedIn Adds Verified Emails, Profile Creation Dates

Krebs on Security

NOVEMBER 4, 2022

LinkedIn also said it is adding a warning to some LinkedIn messages that include high-risk content, or that try to entice the user into taking the conversation to another platform (like WeChat). “These warnings will also give you the choice to report the content without letting the sender know.” A follow-up story on Oct.

Scams

Scams Artificial Intelligence Cryptocurrency Accountability

CISOs: How to improve cybersecurity in an ever-changing threat landscape

CyberSecurity Insiders

MAY 15, 2023

Everybody within an organization should work to establish and maintain good cybersecurity habits and measures, but much of the security burden falls on the chief information security officer (CISO). Below are some key insights for any CISO to take into consideration. Many security fundamentals are classics for a reason.

CISO

CISO Cybersecurity Data breaches Technology

Managing the great return: What CISOs should consider when reopening the office

SC Magazine

MARCH 24, 2021

Ideally, “organizations had crisis management programs activated a year ago,” said Andrew Turner, senior vice president in Booz Allen’s cybersecurity services, bringing together human resources, security teams, technology, and executive management. A second, more nuanced problem relates to technology.

CISO

CISO Technology Wireless Cybercrime

From Compliance to Resilience: Cyber Governance as the Cornerstone of CISO Strategy

SecureWorld News

MAY 2, 2024

The role of a Chief Information Security Officer (CISO) is undeniably complex, yet incredibly rewarding. However, the challenges faced by CISOs are mounting, exacerbated by the evolving threat landscape and regulatory environment. The recent release of NIST's Cybersecurity Framework version 2.0

CISO

CISO Government CSO Artificial Intelligence

Three Risk Mitigation Strategies to Address the Latest Data Security Threats

CyberSecurity Insiders

JUNE 7, 2023

By Dannie Combs , Senior Vice President and CISO, Donnelley Financial Solutions (DFIN) As security threats to data continue to ebb and flow (mostly flow!), Here are three risk mitigation imperatives that can help organizations get a better handle on these latest risks and threats.

Risk

Risk Artificial Intelligence Technology Digital transformation

RSAC insights: How ‘TPRM’ can help shrink security skills gap — while protecting supply chains

The Last Watchdog

JUNE 2, 2022

Third-Party Risk Management ( TPRM ) has been around since the mid-1990s – and has become something of an auditing nightmare. Related: A call to share risk assessments. This is because third-party risk has become a huge problem for enterprises in the digital age. Cyber risks profiling. based CyberGRX.

Cyber Risk

Cyber Risk Risk Digital transformation Insurance

LW ROUNDTABLE: Compliance pressures intensify as new cybersecurity standards take hold

The Last Watchdog

DECEMBER 18, 2024

This shift is expected to place significant pressure on organizations that haven’t yet developed trusted data to manage risk effectively. To mitigate risks, businesses will invest in modern, privacy-enhancing technologies (PETs), such as trusted execution environments (TEEs) and fully homomorphic encryption (FHE).

Cybersecurity

Cybersecurity CISO Risk Government

How to manage the security risk of remote working

CyberSecurity Insiders

DECEMBER 20, 2021

Businesses that had never even considered letting their teams work from home were suddenly thrust into a sink or swim environment where they simply had to make it work or risk stalling their operations. The post How to manage the security risk of remote working appeared first on Cybersecurity Insiders.

Risk

Risk Identity Theft Digital transformation Data breaches

Strategic Risk Management for CISOs: A Holistic and Consolidated Approach

Veracode Security

JUNE 26, 2024

As Chief Information Security Officers (CISOs), it's crucial to manage risks in a holistic and consolidated manner as the landscape of threats, particularly those targeting applications, continues to evolve and expand. Here’s what you need to know about a holistic and consolidated approach to risk management for 2024 and beyond.

CISO

CISO Risk Artificial Intelligence Cyber threats

News Alert: Cynomi launches first of its kind directory of virtual CISO providers

The Last Watchdog

JUNE 22, 2023

This extensive list of virtual CISO (vCISO) providers, collated by Cynomi , means that small- and medium-sized businesses (SMBs) can easily tap the expertise of qualified cybersecurity professionals to protect their digital assets and ensure compliance. In this climate, strong cybersecurity measures are crucial.

CISO

CISO Cybersecurity Media Marketing

InfoSec Leaders Weigh in on New SEC Rules Making CISO Hotseat Hotter

SecureWorld News

JULY 31, 2023

Sam Masiello , CISO, The Anschutz Corporation: "I would expect that many CISOs today are feeling as if their job just got harder and now has a brighter spotlight shining specifically on them. Many CISOs are already burnt out, and there is shortage of qualified CISOs globally. CISOs are expected to be a unicorn already.

CISO

CISO InfoSec Risk Cybersecurity

MY TAKE: COVID-19 cements the leadership role CISOs must take to secure company networks

Black Hat insights: JupiterOne’s whodunnit puts CISOs on the trail of solving a devastating breach

Trending Sources

Best Practices Q&A: Guidance about what directors need to hear from CISOs — from a board member

Why Predator is the ultimate CISO movie

GUEST ESSAY: Could CISOs be on the verge of disproving the ‘security-as-a-cost-center’ fallacy?

IT asset disposal is a security risk CISOs need to take seriously

Best Practices Q&A: The importance of articulating how cybersecurity can be a business enabler

RSAC Fireside Chat: Tightened budgets impose discipline on CISOs, resets security investments

LW ROUNDTABLE — How 2024’s cyber threats will transform the security landscape in 2025

Few Fortune 100 Firms List Security Pros in Their Executive Ranks

A Chief Security Concern for Executive Teams

Today’s CISO Insights – How to Tackle the Quantum Threat

GUEST ESSAY: In pursuit of smarter cybersecurity — to overcome complex risks and grow revenue

CISO Liability Risk and Jail Time, (ISC)2 Bylaw Vote and the Value of Cybersecurity Certifications

GUEST ESSAY: Why the arrests of cyber criminals in 2021 will incentize attackers in 2022

The Top Challenges Faced by CISOs in 2023

New Office of the CISO Paper: Organizing Security for Digital Transformation

Zero Trust and the Failure of Sampling: Two Important Cybersecurity Trends

The Unseen Threats: Anticipating Cybersecurity Risks in 2024

6 risk factors to know when hiring an MSSP

You've Made the Ascent to CISO. Now What?

Introducing our new CISO Advisor, Pam Lindemeon

The strong link between cyber threat intelligence and digital risk protection

International Association of Chiefs of Police (IACP) Appoints CyberSecurity Expert Witness Joseph Steinberg To Computer Crime & Digital Evidence Committee

GUEST ESSAY: The case for network defenders to focus on leading — not lagging — indicators

Economic pressures are increasing cybersecurity risks; a recession would amp them up more

First Directory of Virtual CISO Providers Launched by Cynomi

LW ROUNDTABLE: CrowdStrike outage reveals long road ahead to achieve digital resiliency

Battling Burnout: A Growing Concern for CISOs and Security Professionals

LW ROUNDTABLE: Predictive analytics, full-stack visualization to solidify cyber defenses in 2025

GUEST ESSAY: The role advanced ‘VM’ is ideally suited to play in combating modern cyber attacks

NEW TECH: CyberGRX seeks to streamline morass of third-party cyber risk assessments

Cyber insurer launches InsurSec solution to help SMBs improve security, risk management

LinkedIn Adds Verified Emails, Profile Creation Dates

CISOs: How to improve cybersecurity in an ever-changing threat landscape

Managing the great return: What CISOs should consider when reopening the office

From Compliance to Resilience: Cyber Governance as the Cornerstone of CISO Strategy

Three Risk Mitigation Strategies to Address the Latest Data Security Threats

RSAC insights: How ‘TPRM’ can help shrink security skills gap — while protecting supply chains

LW ROUNDTABLE: Compliance pressures intensify as new cybersecurity standards take hold

How to manage the security risk of remote working

Strategic Risk Management for CISOs: A Holistic and Consolidated Approach

News Alert: Cynomi launches first of its kind directory of virtual CISO providers

InfoSec Leaders Weigh in on New SEC Rules Making CISO Hotseat Hotter

Stay Connected