CISO, Risk and Technology - Cyber Security Informer

Author’s Q&A: It’s high time for CISOs to start leading strategically — or risk being scapegoated

The Last Watchdog

MAY 13, 2025

Related: How real people are really using GenAI Todays Chief Information Security Officers (CISOs) operate in a pressure cooker: responsible for protecting critical assets, expected to show up in the boardroom with fluency, yet rarely granted the authority, resources or organizational alignment to succeed. Its not a people problem.

CISO

CISO Risk Cybersecurity Government

LW ROUNDTABLE: Wrist slap or cultural shift? SEC fines cyber firms for disclosure violations

The Last Watchdog

NOVEMBER 12, 2024

Related: Technology and justice systems The U.S. Avaya Holdings , Check Point Software Technologies , and Mimecast Limited each minimized or obscured the extent of security breaches linked to the SolarWinds Orion hack, impacting investor trust and highlighting the critical importance of clear, truthful communication.

CISO

CISO CSO Risk Cyber threats

LW ROUNDTABLE — How 2024’s cyber threats will transform the security landscape in 2025

The Last Watchdog

DECEMBER 16, 2024

Businesses must adopt tools and automation capable of invoking immediate action, even at the risk of false positives. Raising security baselines across industries is essential, with risk mitigationnot acceptancebecoming the standard. Security teams will need to address the unique risks posed using LLMs in mission critical environments.

Cyber threats

Cyber threats CISO IoT Phishing

MY TAKE: COVID-19 cements the leadership role CISOs must take to secure company networks

The Last Watchdog

MAY 13, 2020

cybersecurity policy needs to match societal values CISOs must preserve and protect their companies in a fast-changing business environment at a time when their organizations are under heavy bombardment. I had the chance to discuss this state of affairs with Vishal Salvi, CISO of Infosys. Salvi “The CISO role has fundamentally changed.

CISO

CISO Cybersecurity Digital transformation Risk

News alert: Aptori’s AI-driven platform reduces risk, ensures compliance — now on Google Marketplace

The Last Watchdog

MARCH 12, 2025

This new agentic AI solution leverages semantic reasoning to analyze application code and logic in real time, delivering deterministic vulnerability detection, contextual risk prioritization, and automated remediation. Aptoris AI-driven approach goes beyond traditional static analysis. Explore the details at the Aptori AI Security Center.

Risk

Risk Engineering Digital transformation Technology

What Rebels Teach us About Stronger Cyber Defence

Jane Frankland

APRIL 25, 2025

But if we switch our focus to the world of technology, we seei a starkly different picturea landscape increasingly shaped by control, compliance, and automation. The rapid advancement of technology, particularly in AI and automation, is transforming the way we interact with the digital world.

Technology

Technology Cyber threats Risk Cybersecurity

Black Hat insights: JupiterOne’s whodunnit puts CISOs on the trail of solving a devastating breach

The Last Watchdog

AUGUST 6, 2023

Related: A call to regulate facial recognition That said, a few dozen CISOs attending Black Hat USA 2023 will get to experience, hands-on, what it must have been like to be in the crucible of milestone hacks like Capital One, SolarWinds and Colonial Pipeline. San Diego or New York City , feel free to skip ahead.

CISO

CISO Data breaches Technology Hacking

LW ROUNDTABLE: Predictive analytics, full-stack visualization to solidify cyber defenses in 2025

The Last Watchdog

DECEMBER 18, 2024

To wrap up our 2024 year-end roundtable, we turn our attention to new technologies and trends that are emerging to help bridge the gaps. FIPS-203 enables legal PQC deployment, prompting CISOs to overhaul encryption strategies. Organizations face rising risks of AI-driven social engineering and personal device breaches.

Risk

Risk Threat Detection Technology Phishing

Why Predator is the ultimate CISO movie

Javvad Malik

OCTOBER 29, 2020

The movie starts on the outskirts of a jungle and the CISO (Arnie) with his team land in their helicopters. This is a perfect metaphor for how a CISO operates in day to day situations. This is a reminder to all security pros that they need to continually keep their skills up to date or risk becoming a dinosaur. Well read on.

CISO

CISO InfoSec Banking Ransomware

Best Practices Q&A: Guidance about what directors need to hear from CISOs — from a board member

The Last Watchdog

APRIL 8, 2024

CISOs can sometimes be their own worst enemy, especially when it comes to communicating with the board of directors. She serves on the board of several technology companies and also happens to be steeped in cyber risk governance. LW: Why do so many CISOs still not get it that FUD and doom-and-gloom don’t work?

CISO

CISO Risk Cybersecurity Insurance

LW ROUNDTABLE: Compliance pressures intensify as new cybersecurity standards take hold

The Last Watchdog

DECEMBER 18, 2024

This shift is expected to place significant pressure on organizations that haven’t yet developed trusted data to manage risk effectively. To mitigate risks, businesses will invest in modern, privacy-enhancing technologies (PETs), such as trusted execution environments (TEEs) and fully homomorphic encryption (FHE).

Cybersecurity

Cybersecurity CISO Risk Government

The Biggest Cybersecurity Risk We're Ignoring—And No, It's Not AI

SecureWorld News

FEBRUARY 28, 2025

But amidst all these flashy, futuristic threats, the biggest cybersecurity risk remains the same as it's always beenhumans. What if we thought like a psychologist, not just a CISO? And I'm not talking about the shadowy hackers in hoodies. I'm talking about your employees, your executives, even you. The solution?

Cybersecurity

Cybersecurity Risk Social Engineering Phishing

Should the CISO Report to the CIO?

Cisco Security

JULY 1, 2021

The Chief Information Security Officer (CISO) is the organization’s senior executive in charge of the cybersecurity and the information technology risk management posture of the enterprise. federal government in particular, the CISO reports to the Chief Information Officer (CIO). In many organizations, and in the U.S.

CISO

CISO Technology Risk Government

GUEST ESSAY: Could CISOs be on the verge of disproving the ‘security-as-a-cost-center’ fallacy?

The Last Watchdog

MARCH 13, 2023

So how will this affect chief information security officers (CISOs) and security programs? Given the perennial skills and staffing shortage in security, it’s unlikely that CISOs will be asked to make deep budget or staffing cuts, yet they may not come out of this period unscathed. Related: Attack surface management takes center stage.

CISO

CISO Insurance Cybersecurity Risk

What Maslow’s Hierarchy of Needs Reveals About Cybersecurity Flaws

Jane Frankland

APRIL 18, 2025

Organisations invest heavily in governance, risk, and compliance (GRC) and risk management efforts while neglecting foundational elements like leadership and culture. Without these foundations, all the technology in the world wont secure your organisation. However, technology alone cannot solve the security puzzle.

Cybersecurity

Cybersecurity Technology Risk Security Awareness

MY TAKE: RSAC 2025 – Conversing with vendors hanging out in the Marriott Marquis mezzanine

The Last Watchdog

MAY 1, 2025

Alcavio: AI-powered deception Anand Akela of Alcavio Technologies offered a provocative take: Deception technology is the only way to detect threats that no one has seen before zero days generated on the fly by LLMs. Thats preemptive defense, Akela says an approach born for the GenAI era. Approovs solution?

Mobile

Mobile Government CISO Technology

Healthcare Cybersecurity Market Soars: Key Trends and Insights

SecureWorld News

MAY 2, 2025

This surge is driven by a convergence of factorsfrom a spike in ransom ware attacks to the digital transformation of healthcarethat CISOs and healthcare executives must understand and act upon. Breaches can disrupt care delivery and put lives at risk, not to mention lead to hefty compliance fines.

Healthcare

Healthcare Marketing Cybersecurity CISO

Shifting from Business Continuity to Continuous Business in Cyber

Jane Frankland

OCTOBER 25, 2024

As ITDMs, CISOs and cyber risk owners this is our dream scenario, and he got me thinking. It’s a subtle shift in focus, and requires a fundamental change in how we, as ITDMs, CISOs and cyber risk owners view and action resilience—not as a one-time project, but as an ongoing programme that provides strategic advantage.

Cyber Risk

Cyber Risk CISO Cyber threats Risk

Few Fortune 100 Firms List Security Pros in Their Executive Ranks

Krebs on Security

JULY 21, 2023

A review of the executives pages published by the 2022 list of Fortune 100 companies found only four — BestBuy , Cigna , Coca-Cola , and Walmart — that listed a Chief Security Officer (CSO) or Chief Information Security Officer (CISO) in their highest corporate ranks. Nor is the average pay hugely different among all these roles.

CSO

CSO CISO Insurance Risk

Top 9 Trends In Cybersecurity Careers for 2025

eSecurity Planet

OCTOBER 18, 2024

Technologies that were figments of the imagination a dozen years ago, if they were conceived of at all, quickly become mainstream — think generative artificial intelligence (GenAI) or blockchain. Chief Information Security Officer (CISO) As Chief Information Security Officer, you’ve arrived at the C-Suite.

Cybersecurity

Cybersecurity Artificial Intelligence Penetration Testing CISO

Secure Communications: Relevant or a Nice to Have?

Jane Frankland

FEBRUARY 7, 2025

But as a CISO or cyber risk owner, it’s not just about locking down sensitive informationits about doing it without slowing down your people. It encompasses everything from ensuring the confidentiality and integrity of information to reducing risks, maintaining compliance, and building trust with customers.

Cyber Risk

Cyber Risk CISO Risk Encryption

News alert: Sweet Security releases its evolutionary Cloud Native Detection and Response platform

The Last Watchdog

DECEMBER 3, 2024

“Sweet Security’s Cloud Native Detection and Response platform has been a game changer for us,” said Shai Sivan, CISO at Kaltura. Founded by the IDF’s former CISO, Sweet’s solution unifies threats insights from cloud applications, workloads and infrastructure. For more information, please visit [link].

CISO

CISO Threat Detection Media Technology

RSAC Fireside Chat: Tightened budgets impose discipline on CISOs, resets security investments

The Last Watchdog

JUNE 20, 2024

CISOs have been on something of a wild roller coaster ride the past few years. Given carte blanche, many CISOs purchased a hodge podge of unproven point solutions, adding to complexity. Today, with purse strings tightened – and cyber risks and compliance pressures mounting — CISOs must recalibrate.

CISO

CISO Marketing Cyber Risk Cybersecurity

SEC Fines Four Companies $7M for Misleading Cybersecurity Disclosures

SecureWorld News

OCTOBER 23, 2024

Check Point Software Technologies Ltd., The SEC charged the companies with "materially misleading disclosures regarding cybersecurity risks and intrusions." The SEC further noted that Unisys lacked proper internal controls to ensure accurate and timely reporting of such high-risk incidents. Check Point Software Technologies Ltd.

Cybersecurity

Cybersecurity Risk Hacking Software

Best Practices Q&A: The importance of articulating how cybersecurity can be a business enabler

The Last Watchdog

APRIL 1, 2024

The technology and best practices for treating cybersecurity as a business enabler, instead of an onerous cost-center, have long been readily available. These key capabilities fall under the four competencies of oversight, process risk management, technology risk management, and human risk management.

Cybersecurity

Cybersecurity CISO B2B Risk

The Risk-Conscious, Security-Aware Culture: The Forgotten Critical Security Control

Cisco Security

JULY 12, 2021

Chief Information Security Officers (CISOs) across the Global 2000 and Fortune 1000 are obsessed with protecting the workforce endpoints as critical vulnerabilities in the cybersecurity and risk management posture of their enterprises. Should a risk-conscious, security-aware culture be considered a critical security control?

Security Awareness

Security Awareness Risk CISO Cybersecurity

Today’s CISO Insights – How to Tackle the Quantum Threat

CyberSecurity Insiders

MAY 3, 2023

As you may have noticed, daily headlines around quantum computing and its impact on technologies are becoming commonplace. This is why CISOs everywhere should be concerned. CISOs should begin to familiarize themselves with these and evaluate their potential suitability for adoption.

CISO

CISO Identity Theft Encryption Social Engineering

A Chief Security Concern for Executive Teams

Krebs on Security

DECEMBER 18, 2018

Even among top tech firms, less than half list a chief technology officer (CTO). KrebsOnSecurity reviewed the Web sites for the global top 100 companies by market value, and found just five percent of top 100 firms listed a chief information security officer (CISO) or chief security officer (CSO). ” EXHIBIT A: EQUIFAX.

CSO

CSO CISO Marketing Banking

GUEST ESSAY: In pursuit of smarter cybersecurity — to overcome complex risks and grow revenue

The Last Watchdog

JANUARY 8, 2023

Smarter security to me broadly refers to relentlessly focusing on fundamentals while maturing the program, making sure your risk posture aligns with your business strategy. Business initiatives demand faster, more efficient outcomes and technology responds. Complexity challenge. Managed solutions can help.

Risk

Risk Cybersecurity Technology CISO

Introducing our new CISO Advisor, Pam Lindemeon

Cisco Security

AUGUST 3, 2021

I’m delighted to announce the latest member of our growing CISO Advisor team, Pam Lindemeon. At Anthem Pam was considered a bold and strategic thinker who envisioned and delivered a world class Enterprise Information Security strategy, including leading the Steering Committee with cross functional business and technology membership.

CISO

CISO Information Security Technology Cybersecurity

You've Made the Ascent to CISO. Now What?

SecureWorld News

JANUARY 3, 2025

And now, you finally got that call, to be a CISO at an organization. Can you balance the needs of the business, versus the risks they face? Before diving into security strategies, CISOs need to invest time in understanding the organization's culture, strategic roadmaps, operational dynamics, industry, and so forth.

CISO

CISO Risk Technology Cybersecurity

Navigating the SEC’s Cybersecurity Disclosure Rules: One Year On

Security Boulevard

DECEMBER 30, 2024

In this post, we look at the enforcement actions the SEC has taken and what public company CISOs should do to stay in compliance. As part of their fiduciary duties, boards play a key role in the oversight of risks from cybersecurity threats. This pushed C-level executives and boards to adopt measures for compliance and transparency.

Cybersecurity

Cybersecurity Cyber Risk CISO Risk

GUEST ESSAY: Why the arrests of cyber criminals in 2021 will incentize attackers in 2022

The Last Watchdog

DECEMBER 16, 2021

After all, a malicious actor only needs a few minutes of time with a privileged account to take over the entire directory, and there are volumes of exploitable identity risks at every organization. The ascendency of CISOs. In 2022 we expect to see organizations increasingly moving identity management systems into the CISO organization.

CISO

CISO Ransomware Risk Authentication

Cybersecurity Governance: The Road Ahead in an Era of Constant Evolution

SecureWorld News

FEBRUARY 17, 2025

We have moved beyond traditional compliance-driven security models to risk-based approaches, integrating cybersecurity into enterprise risk management (ERM) frameworks. This led to a reactive approach where organizations were more focused on regulatory adherence than on actual security risk management.

Government

Government Cybersecurity Risk CISO

The Top Challenges Faced by CISOs in 2023

CyberSecurity Insiders

APRIL 11, 2023

As the world continues to face unprecedented cyber threats, Chief Information Security Officers (CISOs) are facing a growing number of challenges in their roles. In 2023, these challenges are likely to increase, and CISOs will have to be well-equipped to overcome them. Failure to do so can result in hefty fines and penalties.

CISO

CISO Data privacy Cyber threats Technology

Battling Burnout: A Growing Concern for CISOs and Security Professionals

SecureWorld News

JUNE 20, 2024

As defenders of digital assets, Chief Information Security Officers (CISOs) and cybersecurity professionals face immense pressure, often leading to burnout. It also cites the emergence of recent technologies, and the proliferation of criminal groups, as issues increasing pressure on staff.

CISO

CISO Cybersecurity Technology Digital transformation

New Office of the CISO Paper: Organizing Security for Digital Transformation

Anton on Security

SEPTEMBER 13, 2024

The OOT (Organization, Operations, Technology) Approach: The guide advocates for prioritizing organizational and operational changes before finalizing technology decisions. This may challenge the conventional approach in traditional organizations where technology choices often precede organizational adaptation.

Digital transformation

Digital transformation CISO Technology Cybersecurity

From Compliance to Resilience: Cyber Governance as the Cornerstone of CISO Strategy

SecureWorld News

MAY 2, 2024

The role of a Chief Information Security Officer (CISO) is undeniably complex, yet incredibly rewarding. However, the challenges faced by CISOs are mounting, exacerbated by the evolving threat landscape and regulatory environment. The recent release of NIST's Cybersecurity Framework version 2.0

CISO

CISO Government CSO Artificial Intelligence

News alert: Sweet Security rolls out its advanced runtime detection and response platform for AWS

The Last Watchdog

NOVEMBER 11, 2024

Vulnerability management enriched with runtime insights, reducing CVEs by 99% and putting only the critical risks in front of security personnel. Founded by the IDF’s former CISO, Sweet’s solution focuses on the relationships between cloud infrastructure, workloads and applications , as well as network, and identity components.

Threat Detection

Threat Detection CISO Technology Risk

Verizon's 2025 DBIR: Threats Are Faster, Smarter, and More Personal

SecureWorld News

APRIL 23, 2025

Manufacturing: IP theft and ransomware are top risks; OT/ICS systems still lag in basic controls. The 2025 DBIR is a call to arms for CISOs and security leaders to rethink how they detect, respond to, and recover from breaches. Your response must be equally fast." These tools can also be used to automatically generate resulting SBOMs.

Ransomware

Ransomware CISO Backups Risk

6 risk factors to know when hiring an MSSP

CSO Magazine

AUGUST 13, 2021

With enterprise adoption of managed security services gradually maturing, the rewards and risks of using these services have become a lot clearer for current and potential customers. Keep up with 8 hot cyber security trends (and 4 going cold). Sign up for CSO newsletters. ].

Risk

Risk CSO CISO Technology

Zero Trust and the Failure of Sampling: Two Important Cybersecurity Trends

Joseph Steinberg

JUNE 10, 2022

Many of Gillis’s comments echoed those that I have heard in recent months from CISOs and others within the cybersecurity industry who witness developments from various vantage points quite different from those of a vendor of cybersecurity technologies. Sampling No Longer Works.

Cybersecurity

Cybersecurity Artificial Intelligence CISO Wireless

The CISO’s Midset for 2025: Outcomes, Automation, and Leadership

Lenny Zeltser

FEBRUARY 10, 2025

As the year 2025 rushes forward, the responsibilities of CISOs are continuing to evolve. We increasingly recognize the importance of not just identifying risks but actively addressing them through direct action and influence. To remain relevant, we must continue to stay on top of emerging technologies, such as AI and automation.

CISO

CISO Technology Risk Data breaches

The strong link between cyber threat intelligence and digital risk protection

CSO Magazine

APRIL 21, 2023

In fact, these changes have led to a CTI subcategory focused on digital risk protection. DRP is broadly defined as, “telemetry, analysis, processes, and technologies used to identify and mitigate risks associated with digital assets.” CISOs are investing here but challenges remain. I’ve also dug into the CTI lifecycle.

Cyber threats

Cyber threats Risk Digital transformation CISO

Author’s Q&A: It’s high time for CISOs to start leading strategically — or risk being scapegoated

LW ROUNDTABLE: Wrist slap or cultural shift? SEC fines cyber firms for disclosure violations

Trending Sources

LW ROUNDTABLE — How 2024’s cyber threats will transform the security landscape in 2025

MY TAKE: COVID-19 cements the leadership role CISOs must take to secure company networks

News alert: Aptori’s AI-driven platform reduces risk, ensures compliance — now on Google Marketplace

What Rebels Teach us About Stronger Cyber Defence

Black Hat insights: JupiterOne’s whodunnit puts CISOs on the trail of solving a devastating breach

LW ROUNDTABLE: Predictive analytics, full-stack visualization to solidify cyber defenses in 2025

Why Predator is the ultimate CISO movie

Best Practices Q&A: Guidance about what directors need to hear from CISOs — from a board member

LW ROUNDTABLE: Compliance pressures intensify as new cybersecurity standards take hold

The Biggest Cybersecurity Risk We're Ignoring—And No, It's Not AI

Should the CISO Report to the CIO?

GUEST ESSAY: Could CISOs be on the verge of disproving the ‘security-as-a-cost-center’ fallacy?

What Maslow’s Hierarchy of Needs Reveals About Cybersecurity Flaws

MY TAKE: RSAC 2025 – Conversing with vendors hanging out in the Marriott Marquis mezzanine

Healthcare Cybersecurity Market Soars: Key Trends and Insights

Shifting from Business Continuity to Continuous Business in Cyber

Few Fortune 100 Firms List Security Pros in Their Executive Ranks

Top 9 Trends In Cybersecurity Careers for 2025

Secure Communications: Relevant or a Nice to Have?

News alert: Sweet Security releases its evolutionary Cloud Native Detection and Response platform

RSAC Fireside Chat: Tightened budgets impose discipline on CISOs, resets security investments

SEC Fines Four Companies $7M for Misleading Cybersecurity Disclosures

Best Practices Q&A: The importance of articulating how cybersecurity can be a business enabler

The Risk-Conscious, Security-Aware Culture: The Forgotten Critical Security Control

Today’s CISO Insights – How to Tackle the Quantum Threat

A Chief Security Concern for Executive Teams

GUEST ESSAY: In pursuit of smarter cybersecurity — to overcome complex risks and grow revenue

Introducing our new CISO Advisor, Pam Lindemeon

You've Made the Ascent to CISO. Now What?

Navigating the SEC’s Cybersecurity Disclosure Rules: One Year On

GUEST ESSAY: Why the arrests of cyber criminals in 2021 will incentize attackers in 2022

Cybersecurity Governance: The Road Ahead in an Era of Constant Evolution

The Top Challenges Faced by CISOs in 2023

Battling Burnout: A Growing Concern for CISOs and Security Professionals

New Office of the CISO Paper: Organizing Security for Digital Transformation

From Compliance to Resilience: Cyber Governance as the Cornerstone of CISO Strategy

News alert: Sweet Security rolls out its advanced runtime detection and response platform for AWS

Verizon's 2025 DBIR: Threats Are Faster, Smarter, and More Personal

6 risk factors to know when hiring an MSSP

Zero Trust and the Failure of Sampling: Two Important Cybersecurity Trends

The CISO’s Midset for 2025: Outcomes, Automation, and Leadership

The strong link between cyber threat intelligence and digital risk protection

Stay Connected