CISO, Encryption and Information Security

Why CISA is Warning CISOs About a Breach at Sisense

Krebs on Security

APRIL 11, 2024

On April 10, Sisense Chief Information Security Officer Sangram Dash told customers the company had been made aware of reports that “certain Sisense company information may have been made available on what we have been advised is a restricted access server (not generally available on the internet.)”

CISO

CISO Encryption Telecommunications Financial Services

GUEST ESSAY: The key differences between ‘information privacy’ vs. ‘information security’

The Last Watchdog

JUNE 12, 2023

Information privacy and information security are two different things. Related: Tapping hidden pools of security talent Information privacy is the ability to control who (or what) can view or access information that is collected about you or your customers. still available for you to use.

Information Security

Information Security Data breaches CISO Encryption

Today’s CISO Insights – How to Tackle the Quantum Threat

CyberSecurity Insiders

MAY 3, 2023

By: Craig Debban , Chief Information Security Officer, QuSecure, Inc. Due to this specific way of processing, quantum computers can also break many of the current encryption algorithms used to protect data. This is why CISOs everywhere should be concerned. It is safe, encrypted, and should take forever to decrypt.”

CISO

CISO Identity Theft Encryption Social Engineering

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

Understanding the Core Principles of Information Security

Centraleyes

NOVEMBER 1, 2023

To build a robust information security strategy, one must understand and apply the core principles of information security. This blog post will delve into the fundamental principles underpinning effective information security principles and practices. Is The Demise of the CIA Triad Imminent?

Information Security

Information Security Encryption Risk Authentication

On the Irish Health Services Executive Hack

Schneier on Security

FEBRUARY 11, 2022

Under-resourced Information Security Managers were not performing their business as usual role (including a NIST-based cybersecurity review of systems) but were working on evaluating security controls for the COVID-19 vaccination system. The antivirus server was later encrypted in the attack).

Antivirus

Antivirus Hacking Ransomware CISO

7 Things Every CISO Needs to Know About PKI

Security Boulevard

OCTOBER 7, 2022

7 Things Every CISO Needs to Know About PKI. A public key infrastructure (PKI) is responsible for supporting public encryption keys while also enabling users and computers to safely exchange data over networks and verify the identity of other parties. As a CISO, you probably know the stress audits can put on you and your team.

CISO

CISO Risk Cyber Attacks Technology

The Resurgence of Zero Trust: Why it’s Essential for CISOs and CIOs to Include in Their Strategy

CyberSecurity Insiders

JUNE 8, 2023

Zero trust emphasizes the importance of micro-segmentation, multi-factor authentication, encryption, and monitoring of user behavior to prevent lateral movement within the network and detect and respond to potential threats in real time. Importance for CISOs and CIOs Zero trust is no longer just a buzzword for CISOs and CIOs.

CISO

CISO Cyber threats Risk Cybersecurity

How Zero Trust helps CIOs and CTOs in Corporate Environments

CyberSecurity Insiders

JUNE 11, 2023

Zero Trust is a cybersecurity framework that can greatly support Chief Information Security Officers (CISOs) and Chief Technology Officers (CTOs) in their roles of securing organizational systems and data. This approach significantly reduces the risk of lateral movement and unauthorized access within the network.

CISO

CISO Technology Architecture Cybersecurity

Analytics Insight Announces ‘The 10 Most Influential CISOs to Watch in 2021’

CyberSecurity Insiders

OCTOBER 7, 2021

. & HYDERABAD, India–( BUSINESS WIRE )–Analytics Insight has named ‘ The 10 Most Influential CISOs to Watch in 2021 ’ in its October magazine issue. The issue is focusing on trailblazing leaders who are remodelling their security strategy and staying abreast with the latest trends. He holds a Ph.D He holds a Ph.D

CISO

CISO Computers and Electronics Information Security Technology

On the Irish Health Services Executive Hack

Security Boulevard

FEBRUARY 11, 2022

Under-resourced Information Security Managers were not performing their business as usual role (including a NIST-based cybersecurity review of systems) but were working on evaluating security controls for the COVID-19 vaccination system. The antivirus server was later encrypted in the attack).

Hacking

Hacking Antivirus CISO Ransomware

NetApp ONTAP Becomes First Enterprise Storage Platform to Receive Validation from NSA for Security and Encryption

CyberSecurity Insiders

DECEMBER 15, 2021

National Security Agency (NSA), CSfC is a key component of the organization’s commercial cybersecurity strategy. CSfC validates commercial IT products that have met the highest level of strict encryption standards and rigorous security requirements for both hardware and software solutions.

Encryption

Encryption Energy and Utilities Digital transformation Software

GUEST ESSAY: Leveraging best practices and an open standard to protect corporate data

The Last Watchdog

MARCH 21, 2022

Become familiar with the standards that affect your industry, such as GDPR, CCPA, SOX, HIPAA, the Gramm-Leach-Bliley Act, Payment Card Industry Data Security Standard (PCI-DSS), Federal Information Security Management Act (FISMA) and Children’s Online Privacy Protection Rule (COPPA). Assign roles and responsibilities.

Encryption

Encryption Data privacy Cloud Migration Risk

Clorox counts the cost of cyberattack

Malwarebytes

FEBRUARY 5, 2024

Another indication that things may not have been up to par was the chief information security officer (CISO) leaving in November, while the company was still recovering from the cyberattack. Stop malicious encryption. These are things that, however cumbersome, need to be tested.

Backups

Backups Ransomware CISO Malware

Jason Witty: ‘We have to adapt to new ways of thinking’

SC Magazine

APRIL 8, 2021

A conversation with Jason Witty, head of cybersecurity and technology controls, and global chief information security officer for JPMorgan Chase. One of a series of security leadership profiles prepared by Cybersecurity Collaborative in conjunction with SC Media. Find out more here.

CISO

CISO Technology Financial Services Cybersecurity

GUEST ESSAY: In pursuit of smarter cybersecurity — to overcome complex risks and grow revenue

The Last Watchdog

JANUARY 8, 2023

However, security – the often overlooked and undervalued visitor – is struggling to communicate across the table. When it comes down to it, C-level goals and CISO initiatives are not all that misaligned. Smart security also means doing more with less so the company as a whole can run lean. Automated offense.

Risk

Risk Cybersecurity Technology CISO

Brazil’s court system shut down after a massive ransomware attack

Security Affairs

NOVEMBER 6, 2020

Brazilian media outlet CISO Advisor claims it has viewed an internal report on the security breach incident that suggests the threat actor was a cybercrime organization financially motivated. Our report tried to contact the agency’s press office, but the contact information has even disappeared from Google’s cache.”

Ransomware

Ransomware CISO Encryption Cyber Attacks

Firms with exposed IoT have a higher concentration of other security problems

SC Magazine

JANUARY 29, 2021

For example, companies with exposed IoT are more than 50% more likely to have email security issues, according to a new report and blog post from the Cyentia Institute and RiskRecon. But what does that correlation mean for chief information security officers? So, how can CISOs operationalize that kind of information?

IoT

IoT Internet Internet CISO

SHARED INTEL: Here’s why CEOs who’ve quit Tweeting are very smart to do so

The Last Watchdog

MARCH 6, 2020

For many Chief Information Security Officers, having the CEO’s ear, at the moment, is proving to be a double-edged sword, Pollard told me. “We We find many CISOs spend their time explaining what threats matter and why, as opposed to why cybersecurity matters in the first place,” he says. “New But it’s only a baby step.

CISO

CISO VPN Digital transformation Internet

Quantum Computing: A Looming Threat to Organizations and Nation States

SecureWorld News

SEPTEMBER 7, 2023

Quantum computing poses a potential threat to current cybersecurity practices, which are based on encryption algorithms that can be broken by quantum computers. As for the panel presentation at SecureWorld Denver , it features Edgar Acosta, Experienced Cybersecurity Professional (former CISO at DCP Midstream ); Craig Hurter, Sr.

Encryption

Encryption Technology Risk Architecture

Italy, France and Singapore Warn of a Spike in ESXI Ransomware

Security Affairs

FEBRUARY 6, 2023

Investigations are still ongoing to confirm those assumptions,” OVHcloud CISO Julien Levrard said. “The attack is primarily targeting ESXi servers in versions before 7.0 U3i, apparently through the OpenSLP port (427).”

Ransomware

Ransomware Encryption CISO Hacking

Fact check: Quantum computing may transform cybersecurity eventually – but not yet

SC Magazine

JUNE 23, 2021

While experts don’t know when or where a quantum computer will emerge that can break most forms of classical encryption, most agree that enterprises will need to replace their encryption protocols well in advance of that day. billion operations.

Encryption

Encryption Cybersecurity Technology Marketing

Using Foundational Controls to “Secure IT”

Thales Cloud Protection & Licensing

OCTOBER 17, 2019

Phishing attacks, account takeover (ATO) fraud and data breaches can be mitigated by multi-factor authentication, strong access controls for regular as well as privileged users, and by encrypting all sensitive data for instance. Encryption and tokenization can help organizations secure their customers’ digital transactions.

Encryption

Encryption Authentication Passwords Data privacy

ConnectWise Quietly Patches Flaw That Helps Phishers

Krebs on Security

DECEMBER 1, 2022

“Our team quickly triaged the report and determined the risk to partners to be minimal,” said Patrick Beggs , ConnectWise’s chief information security officer. ” However, LastPass maintains that its “customer passwords remain safely encrypted due to LastPass’s Zero Knowledge architecture.”

Phishing

Phishing Architecture Passwords Accountability

7 Cloud Security Predictions for 2022 to Help Organizations Protect Their Data

CyberSecurity Insiders

JANUARY 19, 2022

Seven Cloud Security Predictions CISOs Can Use in 2022. Since hybrid work models and digital business models are here to stay, IT and security teams will need to rethink how they can better protect data to prevent data breaches in the future. Now, it’s time to right the ship. If that sounds challenging, that’s correct.

CISO

CISO Data breaches Artificial Intelligence Digital transformation

“Left of Boom” Cybersecurity: Proactive Cybersecurity in a Time of Increasing Threats and Attacks

Cisco Security

OCTOBER 18, 2021

The primary job of the Chief Information Security Officer (CISO) is to exercise continuous diligence in reducing risk, within the risk appetite and risk tolerance of the organization, so that the likelihood of a boom is low, and the corresponding magnitude of harm is limited. Cisco Secure Social Channels. Frameworks.

Cybersecurity

Cybersecurity CISO Insurance Risk

IoT Devices a Huge Risk to Enterprises

eSecurity Planet

JULY 22, 2021

. “For more than a year, most corporate offices have stood mostly abandoned as employees continued to work remotely during the COVID-19 pandemic,” Deepen Desai, chief information security officer (CISO) at Zscaler, said in a statement. ” Most Devices Communicate in Plaintext.

IoT

IoT Risk Architecture Manufacturing

New York Takes Bold Stance Against Hospital Cyber Attacks

SecureWorld News

DECEMBER 6, 2023

Hospitals will be required to implement comprehensive cybersecurity programs, including vulnerability assessments, access controls, and security awareness training for their employees. I view it as a welcomed step in helping security teams secure the funding and support they need to keep our heads above water.

Cyber Attacks

Cyber Attacks Healthcare Computers and Electronics Financial Services

Shipping Giant Hit by 'Nuclear Ransomware' and Vows Not to Pay

SecureWorld News

MAY 14, 2020

And in addition to encrypting data, this ransomware attacker exfiltrated data, as well: "Our ongoing investigations have established that the attacker has accessed at least one specific corporate server. If it simply encrypts data on your corporate network, that's the former worst case scenario for ransomware.

Ransomware

Ransomware Encryption CISO Marketing

Important Strategies for Aligning Security With Business Objectives

Security Boulevard

APRIL 14, 2021

Know the business objectives inside out One of the key challenges in aligning security with business objectives is that information security/data security executives (i.e. CISO/Chief Information Security Officer) are often too concerned about security and not the overall business objectives.

Cybersecurity

Cybersecurity Marketing CISO Social Engineering

Online map visualizes the widespread presence of automated ransomware

SC Magazine

JUNE 14, 2021

For example, Comparitech found one Read_me note in an infected Elasticsearch cluster that warned the recipient to pay 0.0175 bitcoins within 48 hours to recover encrypted data. Still, “information security professionals know that there are more attack vectors for ransomware to have an eye on,” Schrader continued. “A

Ransomware

Ransomware CISO Media Engineering

bA Data-Centric Approach to DEFEND

Thales Cloud Protection & Licensing

DECEMBER 18, 2019

Consistent with the federal government’s deployment of Information Security Continuous Monitoring (ISCM), the CDM program is a dynamic approach to fortifying the cybersecurity of government networks and systems. 1: Developing a decision tree approach to security. I follow that path down to where that data is stored.

Digital transformation

Digital transformation CISO Government Cybersecurity

We're Doing an All New Series on Pluralsight: Creating a Security-centric Culture

Troy Hunt

JANUARY 24, 2018

Usually when we talk about information security, we're talking about the mechanics of how things work. These are all good discussions - essential discussions - but there's a broader and perhaps even more important one that we need to have and that's about the security culture within organisations.

Education

Education CISO Encryption Passwords

The DDR Advantage: Real-Time Data Defense

Security Affairs

MARCH 27, 2024

Speaking of zero trust, Dave Lewis , the global advisory CISO for Duo Security, offered some words of advice that could sum up the rationale of DDR in a soundbite: “Don’t trust something simply because it’s inside your firewall — there’s no reason for that.” She has written for Bora , Venafi, Tripwire and many other sites.

Data privacy

Data privacy Risk CISO Firewall

CISSPs from Around the Globe: An Interview with Dr. Christine Izuakor

CyberSecurity Insiders

NOVEMBER 8, 2021

The Certified Information Systems Security Professional (CISSP) certification is considered to be the gold standard in information security. Those doors lead to many different types of positions and opportunities, thus making the information security community dynamic and multifaceted.

CISO

CISO Cybersecurity Education Engineering

Protecting Against Ransomware 3.0 and Building Resilience

Duo's Security Blog

JUNE 27, 2023

It is also more sophisticated, using advanced encryption algorithms that make it more difficult to decrypt files that have been encrypted by the malware, moving laterally to disrupt cloud applications and taking advantage of inconspicuous crypto-mining schemes. Today, we can start with securing user access.

Ransomware

Ransomware Healthcare Phishing Authentication

The Top Five Habits of Cyber-Aware Employees

CyberSecurity Insiders

JULY 21, 2021

By: Matt Lindley, COO and CISO at NINJIO. This is because most people have bad habits when it comes to information security – 39 percent have reused their social media login credentials on other sites, while a significant proportion of employees overshare online.

Social Engineering

Social Engineering Password Management Passwords Phishing

State auditor’s office clashes with file transfer service provider after breach

SC Magazine

FEBRUARY 2, 2021

But the SAO is accusing Accellion of being less than forthcoming, with officials explaining in a virtual press conference and a public statement that it was not aware of any security incident at Accellion until the Jan. Hence the reason why credit card information is never transmitted to the retailer.

Government

Government CISO Media Encryption

10 Reasons to Trust Your Enterprise APIs

Cisco Security

AUGUST 30, 2021

Using this list as a backdrop the following best practices are presented as a call to action to help organizations take a proactive approach at addressing API security risk. Encrypt sensitive traffic using Transport Layer Security (TLS). You may find that many of these best practices are already in use across your organization.

Software

Software Authentication Risk Encryption

Spotlight on Cybersecurity Leaders: Women in Cybersecurity Delaware Valley

SecureWorld News

MARCH 10, 2022

After spending 25 years of her career in IT, including more than 17 years in information security, Nancy considers joining the Federal Reserve Bank in 2017 as the highlight of her career. She has demonstrated passion, knowledge, and proven ability to engage others in the emerging market needs for cybersecurity initiatives.

Cybersecurity

Cybersecurity Data privacy Education Banking

A roadmap for developing a secure enterprise cloud operating model

SC Magazine

JUNE 4, 2021

Network security: Includes Direct Connect (DC) private and public interfaces; DMZ, VPC, and VNet endpoints; transit gateways; load balancers; and DNS. Data Security: Encrypt data in transit and at rest, S3 bucket data (at rest), and EBS root volume and dynamo db. Raj Badhwar, chief information security officer, Voya Financial.

Penetration Testing

Penetration Testing DNS Technology CISO

CryptoAgility to take advantage of Quantum Computing

Thales Cloud Protection & Licensing

MAY 4, 2021

The same goes with the advent of Quantum Computing , which is supposed to bring exponential computing power that shall not only bring endless benefits but also raises question marks on the current state of cryptography that is the bedrock of all information security as we know today. How much time do we have?

Computers and Electronics

Computers and Electronics Banking IoT Risk

To Achieve Zero Trust Security, Trust The Human Element

Thales Cloud Protection & Licensing

MAY 6, 2021

We have asked leading information security professionals to offer us their valuable advice on how organizations and people can achieve a Zero Trust mentality. Angus Macrae, Head of Cyber Security. Encryption Key Management. Encryption. Database Encryption. Data security. Here is what they told us.

Social Engineering

Social Engineering Authentication Passwords Technology

As Internet-Connected Medical Devices Multiply, So Do Challenges

Cisco Security

JUNE 15, 2022

That doesn’t mean the risk is zero, noted Christos Sarris , a longtime information security analyst. He shared an anecdote in Cisco Secure’s recent e-book, “ Building Security Resilience ,” about finding malware on an intensive care unit device that compromised a pump used to deliver precise doses of medicine.

Internet

Internet Internet Manufacturing Healthcare

The Biggest Lessons about Vulnerabilities at RSAC 2021

eSecurity Planet

MAY 28, 2021

Ransomware: Encryption, Exfiltration, and Extortion. Ransomware perpetrators of the past presented a problem of availability through encryption. Nickels suggests organizations follow this guidance: Also Read: How Zero Trust Security Can Protect Against Ransomware. Detect Focus on encryption Assume exfiltration.

Software

Software Firmware DNS VPN

Why CISA is Warning CISOs About a Breach at Sisense

GUEST ESSAY: The key differences between ‘information privacy’ vs. ‘information security’

Webinars

Trending Sources

Today’s CISO Insights – How to Tackle the Quantum Threat

Webinars

Understanding the Core Principles of Information Security

On the Irish Health Services Executive Hack

7 Things Every CISO Needs to Know About PKI

The Resurgence of Zero Trust: Why it’s Essential for CISOs and CIOs to Include in Their Strategy

How Zero Trust helps CIOs and CTOs in Corporate Environments

Analytics Insight Announces ‘The 10 Most Influential CISOs to Watch in 2021’

On the Irish Health Services Executive Hack

NetApp ONTAP Becomes First Enterprise Storage Platform to Receive Validation from NSA for Security and Encryption

GUEST ESSAY: Leveraging best practices and an open standard to protect corporate data

Clorox counts the cost of cyberattack

Jason Witty: ‘We have to adapt to new ways of thinking’

GUEST ESSAY: In pursuit of smarter cybersecurity — to overcome complex risks and grow revenue

Brazil’s court system shut down after a massive ransomware attack

Firms with exposed IoT have a higher concentration of other security problems

SHARED INTEL: Here’s why CEOs who’ve quit Tweeting are very smart to do so

Quantum Computing: A Looming Threat to Organizations and Nation States

Italy, France and Singapore Warn of a Spike in ESXI Ransomware

Fact check: Quantum computing may transform cybersecurity eventually – but not yet

Using Foundational Controls to “Secure IT”

ConnectWise Quietly Patches Flaw That Helps Phishers

7 Cloud Security Predictions for 2022 to Help Organizations Protect Their Data

“Left of Boom” Cybersecurity: Proactive Cybersecurity in a Time of Increasing Threats and Attacks

IoT Devices a Huge Risk to Enterprises

New York Takes Bold Stance Against Hospital Cyber Attacks

Shipping Giant Hit by 'Nuclear Ransomware' and Vows Not to Pay

Important Strategies for Aligning Security With Business Objectives

Online map visualizes the widespread presence of automated ransomware

bA Data-Centric Approach to DEFEND

We're Doing an All New Series on Pluralsight: Creating a Security-centric Culture

The DDR Advantage: Real-Time Data Defense

CISSPs from Around the Globe: An Interview with Dr. Christine Izuakor

Protecting Against Ransomware 3.0 and Building Resilience

The Top Five Habits of Cyber-Aware Employees

State auditor’s office clashes with file transfer service provider after breach

10 Reasons to Trust Your Enterprise APIs

Spotlight on Cybersecurity Leaders: Women in Cybersecurity Delaware Valley

A roadmap for developing a secure enterprise cloud operating model

CryptoAgility to take advantage of Quantum Computing

To Achieve Zero Trust Security, Trust The Human Element

As Internet-Connected Medical Devices Multiply, So Do Challenges

The Biggest Lessons about Vulnerabilities at RSAC 2021

Stay Connected