CISO, Risk and Technology - Cyber Security Informer

LW ROUNDTABLE: Wrist slap or cultural shift? SEC fines cyber firms for disclosure violations

The Last Watchdog

NOVEMBER 12, 2024

Related: Technology and justice systems The U.S. Avaya Holdings , Check Point Software Technologies , and Mimecast Limited each minimized or obscured the extent of security breaches linked to the SolarWinds Orion hack, impacting investor trust and highlighting the critical importance of clear, truthful communication.

CISO

CISO CSO Risk Cyber threats

News alert: Aptori’s AI-driven platform reduces risk, ensures compliance — now on Google Marketplace

The Last Watchdog

MARCH 12, 2025

This new agentic AI solution leverages semantic reasoning to analyze application code and logic in real time, delivering deterministic vulnerability detection, contextual risk prioritization, and automated remediation. Aptoris AI-driven approach goes beyond traditional static analysis. Explore the details at the Aptori AI Security Center.

Risk

Risk Engineering Digital transformation Technology

LW ROUNDTABLE — How 2024’s cyber threats will transform the security landscape in 2025

The Last Watchdog

DECEMBER 16, 2024

Businesses must adopt tools and automation capable of invoking immediate action, even at the risk of false positives. Raising security baselines across industries is essential, with risk mitigationnot acceptancebecoming the standard. Security teams will need to address the unique risks posed using LLMs in mission critical environments.

Cyber threats

Cyber threats CISO IoT Phishing

MY TAKE: COVID-19 cements the leadership role CISOs must take to secure company networks

The Last Watchdog

MAY 13, 2020

cybersecurity policy needs to match societal values CISOs must preserve and protect their companies in a fast-changing business environment at a time when their organizations are under heavy bombardment. I had the chance to discuss this state of affairs with Vishal Salvi, CISO of Infosys. Salvi “The CISO role has fundamentally changed.

CISO

CISO Cybersecurity Digital transformation Risk

Black Hat insights: JupiterOne’s whodunnit puts CISOs on the trail of solving a devastating breach

The Last Watchdog

AUGUST 6, 2023

Related: A call to regulate facial recognition That said, a few dozen CISOs attending Black Hat USA 2023 will get to experience, hands-on, what it must have been like to be in the crucible of milestone hacks like Capital One, SolarWinds and Colonial Pipeline. San Diego or New York City , feel free to skip ahead.

CISO

CISO Data breaches Technology Hacking

Best Practices Q&A: Guidance about what directors need to hear from CISOs — from a board member

The Last Watchdog

APRIL 8, 2024

CISOs can sometimes be their own worst enemy, especially when it comes to communicating with the board of directors. She serves on the board of several technology companies and also happens to be steeped in cyber risk governance. LW: Why do so many CISOs still not get it that FUD and doom-and-gloom don’t work?

CISO

CISO Risk Cybersecurity Insurance

LW ROUNDTABLE: Predictive analytics, full-stack visualization to solidify cyber defenses in 2025

The Last Watchdog

DECEMBER 18, 2024

To wrap up our 2024 year-end roundtable, we turn our attention to new technologies and trends that are emerging to help bridge the gaps. FIPS-203 enables legal PQC deployment, prompting CISOs to overhaul encryption strategies. Organizations face rising risks of AI-driven social engineering and personal device breaches.

Risk

Risk Threat Detection Technology Phishing

Why Predator is the ultimate CISO movie

Javvad Malik

OCTOBER 29, 2020

The movie starts on the outskirts of a jungle and the CISO (Arnie) with his team land in their helicopters. This is a perfect metaphor for how a CISO operates in day to day situations. This is a reminder to all security pros that they need to continually keep their skills up to date or risk becoming a dinosaur. Well read on.

CISO

CISO InfoSec Banking Ransomware

Should the CISO Report to the CIO?

Cisco Security

JULY 1, 2021

The Chief Information Security Officer (CISO) is the organization’s senior executive in charge of the cybersecurity and the information technology risk management posture of the enterprise. federal government in particular, the CISO reports to the Chief Information Officer (CIO). In many organizations, and in the U.S.

CISO

CISO Technology Risk Government

GUEST ESSAY: Could CISOs be on the verge of disproving the ‘security-as-a-cost-center’ fallacy?

The Last Watchdog

MARCH 13, 2023

So how will this affect chief information security officers (CISOs) and security programs? Given the perennial skills and staffing shortage in security, it’s unlikely that CISOs will be asked to make deep budget or staffing cuts, yet they may not come out of this period unscathed. Related: Attack surface management takes center stage.

CISO

CISO Insurance Cybersecurity Risk

Shifting from Business Continuity to Continuous Business in Cyber

Jane Frankland

OCTOBER 25, 2024

As ITDMs, CISOs and cyber risk owners this is our dream scenario, and he got me thinking. It’s a subtle shift in focus, and requires a fundamental change in how we, as ITDMs, CISOs and cyber risk owners view and action resilience—not as a one-time project, but as an ongoing programme that provides strategic advantage.

Cyber Risk

Cyber Risk CISO Cyber threats Risk

Few Fortune 100 Firms List Security Pros in Their Executive Ranks

Krebs on Security

JULY 21, 2023

A review of the executives pages published by the 2022 list of Fortune 100 companies found only four — BestBuy , Cigna , Coca-Cola , and Walmart — that listed a Chief Security Officer (CSO) or Chief Information Security Officer (CISO) in their highest corporate ranks. Nor is the average pay hugely different among all these roles.

CSO

CSO CISO Insurance Risk

Secure Communications: Relevant or a Nice to Have?

Jane Frankland

FEBRUARY 7, 2025

But as a CISO or cyber risk owner, it’s not just about locking down sensitive informationits about doing it without slowing down your people. It encompasses everything from ensuring the confidentiality and integrity of information to reducing risks, maintaining compliance, and building trust with customers.

Cyber Risk

Cyber Risk CISO Risk Encryption

News alert: Sweet Security releases its evolutionary Cloud Native Detection and Response platform

The Last Watchdog

DECEMBER 3, 2024

“Sweet Security’s Cloud Native Detection and Response platform has been a game changer for us,” said Shai Sivan, CISO at Kaltura. Founded by the IDF’s former CISO, Sweet’s solution unifies threats insights from cloud applications, workloads and infrastructure. For more information, please visit [link].

CISO

CISO Threat Detection Media Technology

RSAC Fireside Chat: Tightened budgets impose discipline on CISOs, resets security investments

The Last Watchdog

JUNE 20, 2024

CISOs have been on something of a wild roller coaster ride the past few years. Given carte blanche, many CISOs purchased a hodge podge of unproven point solutions, adding to complexity. Today, with purse strings tightened – and cyber risks and compliance pressures mounting — CISOs must recalibrate.

CISO

CISO Marketing Cyber Risk Cybersecurity

SEC Fines Four Companies $7M for Misleading Cybersecurity Disclosures

SecureWorld News

OCTOBER 23, 2024

Check Point Software Technologies Ltd., The SEC charged the companies with "materially misleading disclosures regarding cybersecurity risks and intrusions." The SEC further noted that Unisys lacked proper internal controls to ensure accurate and timely reporting of such high-risk incidents. Check Point Software Technologies Ltd.

Cybersecurity

Cybersecurity Risk Hacking Software

A Chief Security Concern for Executive Teams

Krebs on Security

DECEMBER 18, 2018

Even among top tech firms, less than half list a chief technology officer (CTO). KrebsOnSecurity reviewed the Web sites for the global top 100 companies by market value, and found just five percent of top 100 firms listed a chief information security officer (CISO) or chief security officer (CSO). ” EXHIBIT A: EQUIFAX.

CSO

CSO CISO Marketing Banking

Best Practices Q&A: The importance of articulating how cybersecurity can be a business enabler

The Last Watchdog

APRIL 1, 2024

The technology and best practices for treating cybersecurity as a business enabler, instead of an onerous cost-center, have long been readily available. These key capabilities fall under the four competencies of oversight, process risk management, technology risk management, and human risk management.

Cybersecurity

Cybersecurity CISO B2B Risk

The Risk-Conscious, Security-Aware Culture: The Forgotten Critical Security Control

Cisco Security

JULY 12, 2021

Chief Information Security Officers (CISOs) across the Global 2000 and Fortune 1000 are obsessed with protecting the workforce endpoints as critical vulnerabilities in the cybersecurity and risk management posture of their enterprises. Should a risk-conscious, security-aware culture be considered a critical security control?

Security Awareness

Security Awareness Risk CISO Cybersecurity

Today’s CISO Insights – How to Tackle the Quantum Threat

CyberSecurity Insiders

MAY 3, 2023

As you may have noticed, daily headlines around quantum computing and its impact on technologies are becoming commonplace. This is why CISOs everywhere should be concerned. CISOs should begin to familiarize themselves with these and evaluate their potential suitability for adoption.

CISO

CISO Identity Theft Encryption Social Engineering

GUEST ESSAY: In pursuit of smarter cybersecurity — to overcome complex risks and grow revenue

The Last Watchdog

JANUARY 8, 2023

Smarter security to me broadly refers to relentlessly focusing on fundamentals while maturing the program, making sure your risk posture aligns with your business strategy. Business initiatives demand faster, more efficient outcomes and technology responds. Complexity challenge. Managed solutions can help.

Risk

Risk Cybersecurity Technology CISO

Introducing our new CISO Advisor, Pam Lindemeon

Cisco Security

AUGUST 3, 2021

I’m delighted to announce the latest member of our growing CISO Advisor team, Pam Lindemeon. At Anthem Pam was considered a bold and strategic thinker who envisioned and delivered a world class Enterprise Information Security strategy, including leading the Steering Committee with cross functional business and technology membership.

CISO

CISO Technology Information Security Cybersecurity

You've Made the Ascent to CISO. Now What?

SecureWorld News

JANUARY 3, 2025

And now, you finally got that call, to be a CISO at an organization. Can you balance the needs of the business, versus the risks they face? Before diving into security strategies, CISOs need to invest time in understanding the organization's culture, strategic roadmaps, operational dynamics, industry, and so forth.

CISO

CISO Risk Technology Cybersecurity

From Compliance to Resilience: Cyber Governance as the Cornerstone of CISO Strategy

SecureWorld News

MAY 2, 2024

The role of a Chief Information Security Officer (CISO) is undeniably complex, yet incredibly rewarding. However, the challenges faced by CISOs are mounting, exacerbated by the evolving threat landscape and regulatory environment. The recent release of NIST's Cybersecurity Framework version 2.0

CISO

CISO Government CSO Artificial Intelligence

GUEST ESSAY: Why the arrests of cyber criminals in 2021 will incentize attackers in 2022

The Last Watchdog

DECEMBER 16, 2021

After all, a malicious actor only needs a few minutes of time with a privileged account to take over the entire directory, and there are volumes of exploitable identity risks at every organization. The ascendency of CISOs. In 2022 we expect to see organizations increasingly moving identity management systems into the CISO organization.

CISO

CISO Ransomware Risk Authentication

The Top Challenges Faced by CISOs in 2023

CyberSecurity Insiders

APRIL 11, 2023

As the world continues to face unprecedented cyber threats, Chief Information Security Officers (CISOs) are facing a growing number of challenges in their roles. In 2023, these challenges are likely to increase, and CISOs will have to be well-equipped to overcome them. Failure to do so can result in hefty fines and penalties.

CISO

CISO Data privacy Cyber threats Technology

New Office of the CISO Paper: Organizing Security for Digital Transformation

Anton on Security

SEPTEMBER 13, 2024

The OOT (Organization, Operations, Technology) Approach: The guide advocates for prioritizing organizational and operational changes before finalizing technology decisions. This may challenge the conventional approach in traditional organizations where technology choices often precede organizational adaptation.

Digital transformation

Digital transformation CISO Technology Cybersecurity

Battling Burnout: A Growing Concern for CISOs and Security Professionals

SecureWorld News

JUNE 20, 2024

As defenders of digital assets, Chief Information Security Officers (CISOs) and cybersecurity professionals face immense pressure, often leading to burnout. It also cites the emergence of recent technologies, and the proliferation of criminal groups, as issues increasing pressure on staff.

CISO

CISO Cybersecurity Technology Digital transformation

News alert: Sweet Security rolls out its advanced runtime detection and response platform for AWS

The Last Watchdog

NOVEMBER 11, 2024

Vulnerability management enriched with runtime insights, reducing CVEs by 99% and putting only the critical risks in front of security personnel. Founded by the IDF’s former CISO, Sweet’s solution focuses on the relationships between cloud infrastructure, workloads and applications , as well as network, and identity components.

Threat Detection

Threat Detection CISO Technology Risk

Zero Trust and the Failure of Sampling: Two Important Cybersecurity Trends

Joseph Steinberg

JUNE 10, 2022

Many of Gillis’s comments echoed those that I have heard in recent months from CISOs and others within the cybersecurity industry who witness developments from various vantage points quite different from those of a vendor of cybersecurity technologies. Sampling No Longer Works.

Cybersecurity

Cybersecurity Artificial Intelligence CISO Wireless

6 risk factors to know when hiring an MSSP

CSO Magazine

AUGUST 13, 2021

With enterprise adoption of managed security services gradually maturing, the rewards and risks of using these services have become a lot clearer for current and potential customers. Keep up with 8 hot cyber security trends (and 4 going cold). Sign up for CSO newsletters. ].

Risk

Risk CSO CISO Technology

The CISO’s Midset for 2025: Outcomes, Automation, and Leadership

Lenny Zeltser

FEBRUARY 10, 2025

As the year 2025 rushes forward, the responsibilities of CISOs are continuing to evolve. We increasingly recognize the importance of not just identifying risks but actively addressing them through direct action and influence. To remain relevant, we must continue to stay on top of emerging technologies, such as AI and automation.

CISO

CISO Technology Risk Data breaches

Federal Contractor Cybersecurity Vulnerability Reduction Act Passes in U.S. House

SecureWorld News

MARCH 6, 2025

National Institute of Standards and Technology (NIST) guidelines. VDP guidelines are based on NIST SP 800-216 to help manage risk related to reporting security vulnerabilities in software and information systems owned or utilized by the federal government," Dunham said.

Cybersecurity

Cybersecurity Government Marketing Cyber threats

The strong link between cyber threat intelligence and digital risk protection

CSO Magazine

APRIL 21, 2023

In fact, these changes have led to a CTI subcategory focused on digital risk protection. DRP is broadly defined as, “telemetry, analysis, processes, and technologies used to identify and mitigate risks associated with digital assets.” CISOs are investing here but challenges remain. I’ve also dug into the CTI lifecycle.

Cyber threats

Cyber threats Risk Digital transformation CISO

International Association of Chiefs of Police (IACP) Appoints CyberSecurity Expert Witness Joseph Steinberg To Computer Crime & Digital Evidence Committee

Joseph Steinberg

DECEMBER 11, 2023

The IACP is the publisher of The Police Chief magazine, the leading periodical for law enforcement executives, and the host of the IACP Annual Conference, the largest police educational and technology exposition in the world. The IACP is a not-for-profit 501c(3) organization, and is headquartered in Alexandria, Virginia. patent filings.

Cybersecurity

Cybersecurity Artificial Intelligence CISO Technology

Sweet Treats, Sour Breach: Cyberattack Hits Krispy Kreme

SecureWorld News

DECEMBER 12, 2024

Thankfully, customers can still visit physical stores to purchase their favorite treats, but the incident reminds us of our operational reliance on interconnected technologies. To mitigate such risks, organizations must adopt proactive measures. Cybersecurity experts often ask critical questions: "What is our attack surface?"

Password Management

Password Management Passwords CISO Cybersecurity

The Unseen Threats: Anticipating Cybersecurity Risks in 2024

Security Boulevard

JANUARY 18, 2024

Cybersecurity risks increase every year and bludgeon victims who fail to prepare properly. For those interested in a better understanding of the oncoming risks, this is the information you are looking for. It can feel like crossing a major highway while blindfolded. Many never see the catastrophe about to happen, until it occurs.

Risk

Risk Cybersecurity CISO Technology

First Directory of Virtual CISO Providers Launched by Cynomi

CyberSecurity Insiders

JUNE 22, 2023

This extensive list of virtual CISO (vCISO) providers, collated by Cynomi , means that small- and medium-sized businesses (SMBs) can easily tap the expertise of qualified cybersecurity professionals to protect their digital assets and ensure compliance. In this climate, strong cybersecurity measures are crucial.

CISO

CISO Cybersecurity Technology Information Security

GUEST ESSAY: The case for network defenders to focus on leading — not lagging — indicators

The Last Watchdog

JANUARY 17, 2022

Minimum adherence to security requirements policy, based on an application’s inherent risk profile, can lead to reduction in risk vulnerabilities. Accountability for software security often falls under the Chief Information Security Officer (CISO). Like other major changes, it’s important to set realistic expectations.

CISO

CISO Software B2B Marketing

Economic pressures are increasing cybersecurity risks; a recession would amp them up more

CSO Magazine

FEBRUARY 28, 2023

CISOs have never had an easy time — they’ve certainly faced inordinate challenges in recent years working to secure an ever-expanding and more distributed technology and data landscape. Even if one doesn’t hit anytime soon, economic volatility, more cautious corporate spending plans, and employee layoffs are already in play.

Risk

Risk CISO Cybersecurity Technology

LinkedIn Adds Verified Emails, Profile Creation Dates

Krebs on Security

NOVEMBER 4, 2022

LinkedIn also said it is adding a warning to some LinkedIn messages that include high-risk content, or that try to entice the user into taking the conversation to another platform (like WeChat). “These warnings will also give you the choice to report the content without letting the sender know.” A follow-up story on Oct.

Scams

Scams Artificial Intelligence Cryptocurrency Accountability

Wells Notice Against SolarWinds CISO Could Be First of Its Kind

SecureWorld News

JUNE 26, 2023

In a LinkedIn post today, June 26th, Jamil Farshchi, EVP and CISO at Equifax, had this to say about the news: "This is a really big deal. It's unprecedented: this is likely the first time a CISO has ever received one of these. So it seems odd for a CISO to get one of these," he wrote. federal securities laws."

CISO

CISO CSO Data privacy Cyber Risk

GUEST ESSAY: The role advanced ‘VM’ is ideally suited to play in combating modern cyber attacks

The Last Watchdog

APRIL 3, 2023

Related: Taking a risk-assessment approach to VM Unlike a typical cyber attack that exploits a software vulnerability, recent cyber attacks exploit other security risks, such as misconfigurations, security deviations, and posture anomalies. But VM vendors tend to focus more on software vulnerabilities and leave out everything else.

Cyber Attacks

Cyber Attacks Risk Software Technology

Cross-post: Office of the CISO 2024 Year in Review: AI Trust and Security

Anton on Security

JANUARY 28, 2025

Gen AI Security Fundamentals Gen AI demystified: Understanding gen AI types and theirrisks In todays rapidly evolving technological landscape, gen AI presents both opportunities and security challenges for business leaders. A recap of our key blogs, papers and podcasts on AI security in 2024follows.

CISO

CISO Risk Government Artificial Intelligence

LW ROUNDTABLE: Wrist slap or cultural shift? SEC fines cyber firms for disclosure violations

News alert: Aptori’s AI-driven platform reduces risk, ensures compliance — now on Google Marketplace

Trending Sources

LW ROUNDTABLE — How 2024’s cyber threats will transform the security landscape in 2025

MY TAKE: COVID-19 cements the leadership role CISOs must take to secure company networks

Black Hat insights: JupiterOne’s whodunnit puts CISOs on the trail of solving a devastating breach

Best Practices Q&A: Guidance about what directors need to hear from CISOs — from a board member

LW ROUNDTABLE: Predictive analytics, full-stack visualization to solidify cyber defenses in 2025

Why Predator is the ultimate CISO movie

Should the CISO Report to the CIO?

GUEST ESSAY: Could CISOs be on the verge of disproving the ‘security-as-a-cost-center’ fallacy?

Shifting from Business Continuity to Continuous Business in Cyber

Few Fortune 100 Firms List Security Pros in Their Executive Ranks

Secure Communications: Relevant or a Nice to Have?

News alert: Sweet Security releases its evolutionary Cloud Native Detection and Response platform

RSAC Fireside Chat: Tightened budgets impose discipline on CISOs, resets security investments

SEC Fines Four Companies $7M for Misleading Cybersecurity Disclosures

A Chief Security Concern for Executive Teams

Best Practices Q&A: The importance of articulating how cybersecurity can be a business enabler

The Risk-Conscious, Security-Aware Culture: The Forgotten Critical Security Control

Today’s CISO Insights – How to Tackle the Quantum Threat

GUEST ESSAY: In pursuit of smarter cybersecurity — to overcome complex risks and grow revenue

Introducing our new CISO Advisor, Pam Lindemeon

You've Made the Ascent to CISO. Now What?

From Compliance to Resilience: Cyber Governance as the Cornerstone of CISO Strategy

GUEST ESSAY: Why the arrests of cyber criminals in 2021 will incentize attackers in 2022

The Top Challenges Faced by CISOs in 2023

New Office of the CISO Paper: Organizing Security for Digital Transformation

Battling Burnout: A Growing Concern for CISOs and Security Professionals

News alert: Sweet Security rolls out its advanced runtime detection and response platform for AWS

Zero Trust and the Failure of Sampling: Two Important Cybersecurity Trends

6 risk factors to know when hiring an MSSP

The CISO’s Midset for 2025: Outcomes, Automation, and Leadership

Federal Contractor Cybersecurity Vulnerability Reduction Act Passes in U.S. House

The strong link between cyber threat intelligence and digital risk protection

International Association of Chiefs of Police (IACP) Appoints CyberSecurity Expert Witness Joseph Steinberg To Computer Crime & Digital Evidence Committee

Sweet Treats, Sour Breach: Cyberattack Hits Krispy Kreme

The Unseen Threats: Anticipating Cybersecurity Risks in 2024

First Directory of Virtual CISO Providers Launched by Cynomi

GUEST ESSAY: The case for network defenders to focus on leading — not lagging — indicators

Economic pressures are increasing cybersecurity risks; a recession would amp them up more

LinkedIn Adds Verified Emails, Profile Creation Dates

Wells Notice Against SolarWinds CISO Could Be First of Its Kind

GUEST ESSAY: The role advanced ‘VM’ is ideally suited to play in combating modern cyber attacks

Cross-post: Office of the CISO 2024 Year in Review: AI Trust and Security

Stay Connected