Professional risk factors into career decisions, and successful women need to encourage other women to accept the risks, says Accenture. The post Report finds women are declining CISO/CSO roles appeared first on TechRepublic.
KrebsOnSecurity reviewed the Web sites for the global top 100 companies by market value, and found just five percent of top 100 firms listed a chief information security officer (CISO) or chief security officer (CSO). Not that these roles are somehow more or less important than that of a CISO/CSO within the organization.
A review of the executives pages published by the 2022 list of Fortune 100 companies found only four — BestBuy, Cigna, Coca-Cola, and Walmart — that listed a Chief Security Officer (CSO) or Chief Information Security Officer (CISO) in their highest corporate ranks. Nor is the average pay hugely different among all these roles.
Let’s walk through some practical steps organizations can take today, implementing zero trust and remote access strategies to help reduce ransomware risks: • Obvious, but difficult – get end users to stop clicking unknown links and visiting random websites that they know little about, an educational challenge. Best practices.
If you are like 80% of respondents to Trend Micro’s biannual Cyber Risk Index (CRI) report, you expect to experience a data breach that compromises customer data in the next 12 months.
Any lingering indifference to cybersecurity risk has evaporated in the face of spiking ransomware attacks, software supply chain threats, and the challenges of securing remote workers. That’s the clear message of CSO’s Global Intelligence Report: The State of Cybersecurity in 2021, fielded via online survey in May and June of this year.
With enterprise adoption of managed security services gradually maturing, the rewards and risks of using these services have become a lot clearer for current and potential customers.
New research from security firm Cato Networks has highlighted potential security risks surrounding the use of Amazon Sidewalk and other consumer-grade services that connect to corporate networks due to a lack of visibility.
The two bad practices are: Use of unsupported (or end-of-life) software. Use of known/fixed/default passwords and credentials.
Today we call programs that help prevent or identify breaches of trust insider risk management (IRM). In 2019, a CSO article raised the question “Insider risk management — who’s the boss?” and examined where the buck should stop in terms of taking responsibility for threats from within.
million people was exposed in a data breach last year, prompting AppOmni CSO Cory Michal to say that data collection companies like DISA and National Public Data need more oversight, regulations, and penalties. The post DISA Breach Highlights Need for Stronger Oversight: AppOmni CSO appeared first on Security Boulevard.
In many organizations they also focus on securing products and public-facing applications, and one way to do this well is through risk assessment. From the start, you've got things you’re committed to such as requirements in customer contracts and regulatory requirements and you have to work within those parameters.
Chris Wysopal, founder and chief technology officer of application security company Veracode, sat down with CSO Senior Writer Lucian Constantin at a recent Security Summit to discuss just that.
Enterprises around the world are being barraged by risk events, according to a report released Wednesday by Forrester. Risk events, incidents and disruptions have become so frequent that the increased level of risk is the “new normal,” Forrester reported.
The post Cloud computing concentration and systemic risk appeared first on Security Boulevard. I came across an interesting blog post over at Finextra which got me thinking about a topic that has been in the back of my.
The exposed details differed across different types of customers, so the level of risk users are exposed to varies. These include SMS/text-based phishing, SIM swapping and unauthorized number porting.
They must also consider a SaaS governance plan that implements security measures to reduce risk associated with their SaaS usage. That plan includes a combination of compliance frameworks, documentation/due diligence and technical measures for ongoing monitoring and risk reduction.
Both are subject to similar risks and vulnerabilities, and the cloud can sometimes be more complicated than on-premises because of our unfamiliarity with deployment and patching. Recent events have brought cloud risks into focus.
“Government-led cybersecurity initiatives are critical to addressing cybersecurity issues such as destructive attacks, massive data breaches, poor security posture, and attacks on critical infrastructure,” Steve Turner, security and risk analyst at Forrester, tells CSO.
I don’t know how many times I’ve heard cybersecurity professionals say something like, “Not having multi-factor authentication is a huge risk for our organization.” The real risk is the probability of a ransomware incident, for example, or the leak of personally identifiable information (PII) from a customer database.
Cyber insurance, also referred to as cyber risk insurance or cyber liability insurance coverage (CLIC), is a policy with an insurance carrier to mitigate risk exposure by offsetting costs involved with damages and recovery after a cyber-related security breach or similar event. Cyber insurance definition.
Could such variations trigger changes in the cyber insurance market and, if so, how will they impact insurance carriers and organizations? Shifting ransomware priorities impacting claim costs.
In fact, by putting cybersecurity at the fore of its cloud innovations, Odom believes the hospital has installed a more efficient, agile, and risk-focused security approach to protect its 34,000 employees.
Throughout National Insider Threat Awareness Month there has been no shortage of thoughts and ideas proffered on how to manage and mitigate insider risk that comes with having humans as part of the ecosystem. They are called upon to mitigate the risk and ameliorate the actions of the malevolent or careless employee.
However, such terms are not always helpful and can be inaccurate, outdated, misleading, or even risk causing harm.
The US General Accountability Office (GAO) issued the 19-page report, “Cybersecurity and Information Technology: Federal Agencies need to Strengthen Efforts to Address High-Risk Areas” on July 29. Both pointed out shortcomings in the cyber readiness of the United States government.
From a cybersecurity standpoint, organizations are operating in a high-risk world. The ability to assess and manage risk has perhaps never been more important.
But nothing more than that.” Could this happen to us? Should we be concerned?
Cybersecurity and risk expert David Wilkinson has heard some executives put off discussions about risk acceptance, saying they don’t have any appetite or tolerance for risk. Yet there are indicators that many CISOs aren’t having productive conversations around risk acceptance. Otherwise, they’d be unable to function.
In-app browsers can pose significant security risks to businesses, with their tendency to track data a primary concern. This was highlighted in recent research which examined how browsers within apps like Facebook, Instagram and TikTok can be a data privacy risk for iOS users.
The risk of cybercrime is not spread equally across the globe. Cyberthreats differ widely, with internet users in some countries at much higher risk than those in nations that offer more security due to strong cybercrime legislation and widely implemented cybersecurity programs, according to fraud-detection software company SEON.
Every company, regardless of size, should have an insider risk management playbook in place to address the insider threat. The human factor is always in play, mistakes will happen that inadvertently place the company at risk.
The National Institute of Standards and Technology (NIST) is developing a voluntary framework to better manage risks associated with AI called the Artificial Intelligence Risk Management Framework (AI RMF).
The question COOs should be asking their CISOs is: “How can I make my product and processes the most secure and operate within acceptable risk parameters for the company and our customers?”
is fraught with risk and requires as much (if not more) attention than who is coming in the door. The hiring entity often spends an inordinate amount of time on process and acclimation onboarding new employees. The C-suite focus is rarely on who departed, yet the offboarding of employees, contractors, advisors, etc.
Known vulnerabilities, compromise of legitimate package, and name confusion attacks are expected to be among the top ten open source software risks in 2023, according to a report by Endor Labs.
Conversely, one that is problematic and incohesive can have the opposite effect, negatively impacting a company’s security practices and leaving them vulnerable to risks and wasted investment. A well-oiled relationship built on trust, communication and mutual understanding can reap significant benefits for a business’s cybersecurity posture.
Vendors, tech firms, collectives and governments have contributed to helping raise the open-source security bar amid organizations’ increasing use of and reliance upon open-source resources, along with the complex security risks and challenges that come with it. In sum: things are just getting started, but progress has been made,” David A.
"Basically, every organization that uses this tool is at risk of losing their AI models, having an internal server compromised, and having their AWS account compromised," Dan McInerney, a senior security engineer with cybersecurity startup Protect AI, told CSO. "It's pretty brutal."
Researchers have identified several high-risk vulnerabilities in a popular model of pneumatic tube systems (PTS) that are used by many hospitals to transport sensitive materials including lab specimens, blood products, tests and medications between different departments.
In fact, these changes have led to a CTI subcategory focused on digital risk protection. DRP is broadly defined as, “telemetry, analysis, processes, and technologies used to identify and mitigate risks associated with digital assets.” I’ve earlier examined ESG research on enterprise CTI programs based on.
The use of third-party services can also come with significant—often unforeseen—risks. It’s often more efficient and less expensive to contract out work that would otherwise require significant effort and potentially drain in-house resources to those who can do it for you.