CSO, Risk and Technology - Cyber Security Informer

LW ROUNDTABLE: Wrist slap or cultural shift? SEC fines cyber firms for disclosure violations

The Last Watchdog

NOVEMBER 12, 2024

Related: Technology and justice systems The U.S. Avaya Holdings , Check Point Software Technologies , and Mimecast Limited each minimized or obscured the extent of security breaches linked to the SolarWinds Orion hack, impacting investor trust and highlighting the critical importance of clear, truthful communication.

CISO

CISO CSO Risk Cyber threats

A Chief Security Concern for Executive Teams

Krebs on Security

DECEMBER 18, 2018

Even among top tech firms, less than half list a chief technology officer (CTO). KrebsOnSecurity reviewed the Web sites for the global top 100 companies by market value, and found just five percent of top 100 firms listed a chief information security officer (CISO) or chief security officer (CSO). ” EXHIBIT A: EQUIFAX.

CSO

CSO CISO Marketing Banking

Few Fortune 100 Firms List Security Pros in Their Executive Ranks

Krebs on Security

JULY 21, 2023

A review of the executives pages published by the 2022 list of Fortune 100 companies found only four — BestBuy , Cigna , Coca-Cola , and Walmart — that listed a Chief Security Officer (CSO) or Chief Information Security Officer (CISO) in their highest corporate ranks. Nor is the average pay hugely different among all these roles.

CSO

CSO CISO Insurance Risk

GUEST ESSAY: Leveraging ‘zero trust’ and ‘remote access’ strategies to mitigate ransomware risks

The Last Watchdog

MAY 5, 2022

Let’s walk through some practical steps organizations can take today, implementing zero trust and remote access strategies to help reduce ransomware risks: •Obvious, but difficult – get end users to stop clicking unknown links and visiting random websites that they know little about, an educational challenge. Best practices.

Ransomware

Ransomware Risk Internet Internet

6 risk factors to know when hiring an MSSP

CSO Magazine

AUGUST 13, 2021

With enterprise adoption of managed security services gradually maturing, the rewards and risks of using these services have become a lot clearer for current and potential customers. Sign up for CSO newsletters. ]. Keep up with 8 hot cyber security trends (and 4 going cold).

Risk

Risk CSO CISO Technology

Spotlight Podcast: CSO Chris Walcutt on Managing 3rd Party OT Risk

The Security Ledger

MAY 16, 2024

In this Spotlight Podcast, host Paul Roberts talks with Chris Walcutt, the CSO of DirectDefense about the rising cyber threats facing operational technology (OT) and how organizations that manage OT - including critical infrastructure owners can best manage increased cyber risks to OT environments. Read the whole entry. »

CSO

CSO Risk Energy and Utilities Social Engineering

LW ROUNDTABLE: CrowdStrike outage reveals long road ahead to achieve digital resiliency

The Last Watchdog

JULY 25, 2024

With this in mind, Last Watchdog sought commentary from technology thought leaders about what the CrowdStrike outage says about the state of digital resiliency. Implementing zero trust across the entirety of the technology stack would go a long way toward increasing resilience against events like this.

Technology

Technology Ransomware Software Cyber Attacks

Chris Wysopal: Open source is becoming a national security risk

CSO Magazine

MAY 25, 2022

Chris Wysopal, founder and chief technology officer of application security company Veracode, sat down with CSO Senior Writer Lucian Constantin at a recent Security Summit to discuss just that.

CSO

CSO Risk Software Government

IT asset disposal is a security risk CISOs need to take seriously

CSO Magazine

JUNE 21, 2021

Asset disposal normally isn’t one of those burning topics that is top-of-mind for CISOs, yet every CISO must be able to address it when asked to describe their information technology asset disposal (ITAD) program. Sign up for CSO newsletters. ]. Sign up for CSO newsletters. ].

CISO

CISO Risk CSO Accountability

GAO report faults CIOs, OMB for slow adoption of cybersecurity recommendations

CSO Magazine

AUGUST 3, 2021

The US General Accountability Office (GAO) issued the 19-page report , “Cybersecurity and Information Technology: Federal Agencies need to Strengthen Efforts to Address High-Risk Areas” on July 29. Sign up for CSO newsletters. ]. Both pointed out shortcomings in the cyber readiness of the United States government.

CSO

CSO Cybersecurity Government Accountability

GAO calls out US government agencies: Get your supply chain security act together

CSO Magazine

JUNE 8, 2021

In December 2020, the US Government Accounting Office (GAO) made 145 recommendations to 23 federal agencies relating to supply chain risks. In May 2021, the GAO’s director of information technology and cybersecurity, Vijay A. D’Souza, testified before Congress on supply chain risks.

Government

Government CSO Risk Accountability

With AI RMF, NIST addresses artificial intelligence risks

CSO Magazine

APRIL 11, 2022

Like any digital technology, AI can suffer from a range of traditional security weaknesses and other emerging concerns such as privacy, bias, inequality, and safety issues.

Artificial Intelligence

Artificial Intelligence Risk Technology Government

Cybersecurity Snapshot: CSA Outlines Data Security Challenges and Best Practices, While ISACA Offers Tips To Retain IT Pros

Security Boulevard

MARCH 7, 2025

Check out best practices for shoring up data security and reducing cyber risk. 1 - CSA: How to boost data security and reduce cyber risk Risk assessment gaps. 1 - CSA: How to boost data security and reduce cyber risk Risk assessment gaps. Plus, get tips on how to improve job satisfaction among tech staff.

Cybersecurity

Cybersecurity Scams CSO Risk

Which countries are most (and least) at risk for cybercrime?

CSO Magazine

NOVEMBER 12, 2021

The risk of cybercrime is not spread equally across the globe. Cyberthreats differ widely, with internet users in some countries at much higher risk than those in nations that offer more security due to strong cybercrime legislation and widely implemented cybersecurity programs, according to fraud-detection software company SEON.

Cybercrime

Cybercrime Risk Internet Internet

Google launches Secure AI Framework to help secure AI technology

CSO Magazine

JUNE 9, 2023

Google, owner of the generative AI chatbot Bard and parent company of AI research lab DeepMind, said a framework across the public and private sectors is essential for making sure that responsible actors safeguard the technology that supports AI advancements so that when AI models are implemented, they’re secure-by-default.

Technology

Technology Risk

The strong link between cyber threat intelligence and digital risk protection

CSO Magazine

APRIL 21, 2023

In fact, these changes have led to a CTI subcategory focused on digital risk protection. DRP is broadly defined as, “telemetry, analysis, processes, and technologies used to identify and mitigate risks associated with digital assets.” I’ve earlier examined ESG research on enterprise CTI programs based on.

Cyber threats

Cyber threats Risk Digital transformation CISO

5 strategies to manage cybersecurity risks in mergers and acquisitions

CSO Magazine

APRIL 3, 2023

Mergers and acquisitions (M&A) have the potential to introduce significant cybersecurity risks for organizations. Assumptions about connecting networks, ‘rationalizing’ IT and cybersecurity platforms and staff are generally made with limited knowledge of the actual functions and work performed in each organization,” Saylor says.

Risk

Risk Cybersecurity Technology

Auditing the IRS: Asset Management Problems Causing Cybersecurity Risks

SecureWorld News

AUGUST 26, 2020

The Inspector General's report summarizes the IRS and its IT environment like this: "The reliance on legacy systems, aged hardware and software, and use of outdated programming languages poses significant risks, including increased cybersecurity threats and maintenance costs. How massive is the IRS information technology infrastructure?

Risk

Risk Cybersecurity CSO Technology

The Relevance of Privacy-Preserving Techniques and Generative AI to DORA Legislation

Thales Cloud Protection & Licensing

OCTOBER 28, 2024

The Relevance of Privacy-Preserving Techniques and Generative AI to DORA Legislation madhav Tue, 10/29/2024 - 04:55 The increasing reliance on digital technologies has created a complex landscape of risks, especially in critical sectors like finance. The world has changed.

Encryption

Encryption Risk Data privacy Artificial Intelligence

BrandPost: Your Employees Aren’t the Problem—It’s Your Technology

CSO Magazine

OCTOBER 15, 2021

After all, the increase in remote work naturally leads to increased insider risk. For those of us that have experienced the implications of an insider breach, this shouldn’t sound too surprising. And for those who have cast their security spotlight on external threats, maybe this is a timely wake-up call to look within (quite literally).

Technology

Technology Risk Cybersecurity

Economic pressures are increasing cybersecurity risks; a recession would amp them up more

CSO Magazine

FEBRUARY 28, 2023

CISOs have never had an easy time — they’ve certainly faced inordinate challenges in recent years working to secure an ever-expanding and more distributed technology and data landscape. At the same time, they’ve had to contend with bad actors who have become more organized, better resourced, and increasingly sophisticated.

Risk

Risk CISO Cybersecurity Technology

Evolving cyberattacks, alert fatigue creating DFIR burnout, regulatory risk

CSO Magazine

FEBRUARY 16, 2023

The evolution of cybercrime is weighing heavily on digital forensics and incident response (DFIR) teams, leading to significant burnout and potential regulatory risk. That’s according to the 2023 State of Enterprise DFIR survey by Magnet Forensics , a developer of digital investigation solutions.

Risk

Risk Telecommunications Cybercrime Manufacturing

Spotlight: Traceable CSO Richard Bird on Securing the API Economy

The Security Ledger

APRIL 5, 2023

In this Spotlight episode of the Security Ledger podcast, I interview Richard Bird, the CSO of the firm Traceable AI about the challenge of securing application programming interfaces (APIs), which are increasingly being abused to steal sensitive data. The post Spotlight: Traceable CSO Richard Bird on Securing the API Economy appeared first.

CSO

CSO Digital transformation Cyber Attacks Financial Services

Cyber insurer launches InsurSec solution to help SMBs improve security, risk management

CSO Magazine

APRIL 20, 2023

Cyber insurance provider At-Bay has announced the launch of a new InsurSec solution to help small-to-mid sized businesses (SMBs) improve their security and risk management postures through their insurance policy. The emergence of InsurSec technology reflects a cyber insurance landscape that has seen significant change recently.

Cyber Insurance

Cyber Insurance Insurance Risk CISO

Cyber arms race, economic headwinds among top macro cybersecurity risks for 2023

CSO Magazine

FEBRUARY 21, 2023

The technological complexity and growing attack surface, along with a growing array of threat actors and increased interconnectivity, make securing digital systems and assets a perennial pipedream. Chief among the challenges for decision-makers and experts is simply identifying and comprehending society's cybersecurity risks.

Risk

Risk Cybersecurity Government Technology

12 risk-based authentication tools compared

CSO Magazine

MARCH 1, 2022

Risk-based authentication (RBA), also called adaptive authentication, has come of age, and it couldn’t happen fast enough for many corporate security managers. What is risk-based authentication? It creates a risk profile of the person or device requesting access to the system. To read this article in full, please click here

Authentication

Authentication Risk Phishing Accountability

Should CISOs stop using Russian security and tech products?

CSO Magazine

MARCH 10, 2022

The Ukraine-Russia conflict has raised the question of whether organizations should stop using Russian-made security and tech products and the risks of continuing to do so in the current situation. From a moral standpoint, CISOs should absolutely stop using Russian-made security and technology products.

CISO

CISO CSO Backups Technology

MY TAKE: NIST Cybersecurity Framework has become a cornerstone for securing networks

The Last Watchdog

APRIL 30, 2019

Prior to launching CyberSaint, Wrenn was CSO of Schneider Electric, a supplier of technologies used in industrial control systems. The participation led to the idea behind CyberSaint The company supplies a platform, called CyberStrong, that automatically manages risk and compliance assessments across many types of frameworks.

Cybersecurity

Cybersecurity Insurance Cyber Insurance Risk

From Compliance to Resilience: Cyber Governance as the Cornerstone of CISO Strategy

SecureWorld News

MAY 2, 2024

By spearheading cybersecurity programs, CISOs empower organizations to fend off cyber threats from criminal enterprises, insider risks, hackers, and other malicious entities that pose significant risks to operations, critical infrastructure, and even national security. RELATED: Uber CSO Found Guilty: The Sky Is Not Falling.

CISO

CISO Government CSO Artificial Intelligence

TrustCloud releases TrustRegister to help gauge business impact of risks

CSO Magazine

APRIL 4, 2023

Trust assurance platform TrustCloud has announced the release of the TrustRegister application to help software companies identify risks and understand risk-related revenue/business impact. To read this article in full, please click here

Risk

Risk Government Technology Software

Location data poses risks to individuals, organizations

CSO Magazine

JUNE 16, 2022

Companies that produce location-tracking algorithms and technological magic are riding the hyper-personalized marketing rocket, which continues to expand at breathtaking speed. That data is collected by your network provider, by apps on your smart devices, and by the websites with which you engage. from 2022 to 2030.

Risk

Risk Marketing Technology

Why UnionDigital Bank invests in an AI-driven approach to cybersecurity

CSO Magazine

AUGUST 2, 2022

The data-reliance of digital banking means an AI-driven approach to cybersecurity and risk management is integral to success, UnionDigital Bank CISO Dominic Grunden tells CSO. Working together, the two used autonomous technology to instill a “truly holistic” AI-enhanced security and risk management strategy.

Banking

Banking CSO Cybersecurity CISO

SecureAuth unveils new end-to-end access and authentication solution

CSO Magazine

JUNE 2, 2022

The platform, Arculix, combines orchestration, passwordless technology and continuous authentication and can be deployed out of the box with any industry-standard identity provider as an end-to-end solution or as augmentation to an existing identity and access management (IAM) scheme. "If,

Authentication

Authentication Artificial Intelligence CSO Passwords

BrandPost: The convergence of IT and OT and its impact on growing infrastructure risks

CSO Magazine

MARCH 27, 2023

Internet-of-Things (IoT) and Operational Technology (OT) devices represent a rapidly expanding, often unchecked risk surface that is largely driven by the technology’s pervasiveness, vulnerability, and cloud connectivity.

Risk

Risk IoT Internet Internet

Clearview AI commercialization of facial recognition raises concerns, risks

CSO Magazine

MARCH 8, 2022

The prescience displayed in the 2002 film has actually short-changed the advances of science and technology between then and now. Recently, Clearview AI has announced that it is taking its advanced facial recognition technologies beyond the already controversial government/law enforcement usage into the commercial sector.

Risk

Risk Technology Government

APT campaign targeting SOHO routers highlights risks to remote workers

CSO Magazine

JULY 5, 2022

To read this article in full, please click here

Small Business

Small Business Telecommunications Risk Technology

Shadow IT is increasing and so are the associated security risks

CSO Magazine

JUNE 6, 2023

Despite years of modernization initiatives, CISOs are still contending with an old-school problem: shadow IT, technology that operates within an enterprise but is not officially sanctioned — or on the radar of — the IT department.

Risk

Risk CISO Technology Malware

BrandPost: How Much Risk Are You Willing to Take?

CSO Magazine

SEPTEMBER 30, 2021

Just as the threat landscape evolves over time, so does security technology. Having been in the cyber security space for more than 15 years, I have witnessed a number of evolutions first hand.

Antivirus

Antivirus Risk Encryption Technology

BrandPost: Safe at Any Speed: Formalizing Consumer Privacy Risk Management

CSO Magazine

MARCH 22, 2022

As regulators and legislators consider new approaches to addressing consumer privacy, CISO s and colleagues in technology and consumer products companies that use personal data should reconsider how they’re balancing their management of data privacy risks and the need for speed.

Risk

Risk Data privacy CISO Technology

The tech behind the 2022 US CSO50 winners: Celebrating the CSO50 Solutions Partners

CSO Magazine

JUNE 8, 2022

The CSO50 Award is a recognized mark of risk and security excellence. Here for the first time we recognise the technologies behind our CSO 50-winning projects, each by itself a provider of excellence in security and IT. These vendors partnered with our winning organizations. To read this article in full, please click here

CSO

CSO Technology Risk

These Roles Require Cybersecurity Training

CyberSecurity Insiders

APRIL 26, 2021

That means cybersecurity training and education so that key stakeholders understand the risks that businesses are facing, and which strategies are most effective for protection. Even if a company employs a Chief Information Security Officer (CISO) or Chief Security Officer (CSO), the position may still report to the CIO.

Cybersecurity

Cybersecurity CISO Education CSO

How to find a security-savvy MSP

CSO Magazine

SEPTEMBER 15, 2021

The US Cybersecurity and Infrastructure Security Agency (CISA) released a document called Risk Considerations for Managed Service Provider Customers. In particular, CISA recommends that “SMBs should catalog which assets are the most critical to operations and characterize the risk to those assets.

Small Business

Small Business Technology Risk Cybersecurity

5 Top Questions About Deception Technology in Cybersecurity

SecureWorld News

AUGUST 12, 2020

Your questions about deception technology in cybersecurity, answered. What exactly is deception technology and how can it play a vital part in your cyber defense? How do you define deception technology? The old word for deception technologies is honeypot. The old technology really no longer applies.

Technology

Technology Cybersecurity CSO IoT

BrandPost: 5 Key Security Technologies for Work from Anywhere

CSO Magazine

JUNE 22, 2022

The work-from-anywhere ( WFA ) model presents security risks, so it's critical for organizations to provide enterprise-level security everywhere employees work, whether they are at home, in the office, or on the road. The following five key technologies keep employees productive and secure wherever they happen to be working.

Technology

Technology Risk

LW ROUNDTABLE: Wrist slap or cultural shift? SEC fines cyber firms for disclosure violations

A Chief Security Concern for Executive Teams

Trending Sources

Few Fortune 100 Firms List Security Pros in Their Executive Ranks

GUEST ESSAY: Leveraging ‘zero trust’ and ‘remote access’ strategies to mitigate ransomware risks

6 risk factors to know when hiring an MSSP

Spotlight Podcast: CSO Chris Walcutt on Managing 3rd Party OT Risk

LW ROUNDTABLE: CrowdStrike outage reveals long road ahead to achieve digital resiliency

Chris Wysopal: Open source is becoming a national security risk

IT asset disposal is a security risk CISOs need to take seriously

GAO report faults CIOs, OMB for slow adoption of cybersecurity recommendations

GAO calls out US government agencies: Get your supply chain security act together

With AI RMF, NIST addresses artificial intelligence risks

Cybersecurity Snapshot: CSA Outlines Data Security Challenges and Best Practices, While ISACA Offers Tips To Retain IT Pros

Which countries are most (and least) at risk for cybercrime?

Google launches Secure AI Framework to help secure AI technology

The strong link between cyber threat intelligence and digital risk protection

5 strategies to manage cybersecurity risks in mergers and acquisitions

Auditing the IRS: Asset Management Problems Causing Cybersecurity Risks

The Relevance of Privacy-Preserving Techniques and Generative AI to DORA Legislation

BrandPost: Your Employees Aren’t the Problem—It’s Your Technology

Economic pressures are increasing cybersecurity risks; a recession would amp them up more

Evolving cyberattacks, alert fatigue creating DFIR burnout, regulatory risk

Spotlight: Traceable CSO Richard Bird on Securing the API Economy

Cyber insurer launches InsurSec solution to help SMBs improve security, risk management

Cyber arms race, economic headwinds among top macro cybersecurity risks for 2023

12 risk-based authentication tools compared

Should CISOs stop using Russian security and tech products?

MY TAKE: NIST Cybersecurity Framework has become a cornerstone for securing networks

From Compliance to Resilience: Cyber Governance as the Cornerstone of CISO Strategy

TrustCloud releases TrustRegister to help gauge business impact of risks

Location data poses risks to individuals, organizations

Why UnionDigital Bank invests in an AI-driven approach to cybersecurity

SecureAuth unveils new end-to-end access and authentication solution

BrandPost: The convergence of IT and OT and its impact on growing infrastructure risks

Clearview AI commercialization of facial recognition raises concerns, risks

APT campaign targeting SOHO routers highlights risks to remote workers

Shadow IT is increasing and so are the associated security risks

BrandPost: How Much Risk Are You Willing to Take?

BrandPost: Safe at Any Speed: Formalizing Consumer Privacy Risk Management

The tech behind the 2022 US CSO50 winners: Celebrating the CSO50 Solutions Partners

These Roles Require Cybersecurity Training

How to find a security-savvy MSP

5 Top Questions About Deception Technology in Cybersecurity

BrandPost: 5 Key Security Technologies for Work from Anywhere

Stay Connected