2022, CSO and Risk - Cyber Security Informer

2022 CSO Hall of Fame honorees

CSO Magazine

MAY 31, 2022

The CSO Hall of Fame was created to spotlight outstanding leaders who have significantly contributed to the practice of information risk management and security. Selected by the editors of CSO, its advisors, and executives, the individuals bestowed with this award exemplify excellence in security leadership.

CSO

CSO CISO Risk

Few Fortune 100 Firms List Security Pros in Their Executive Ranks

Krebs on Security

JULY 21, 2023

A review of the executives pages published by the 2022 list of Fortune 100 companies found only four — BestBuy , Cigna , Coca-Cola , and Walmart — that listed a Chief Security Officer (CSO) or Chief Information Security Officer (CISO) in their highest corporate ranks.

CSO

CSO CISO Insurance Risk

8 notable open-source security initiatives of 2022

CSO Magazine

SEPTEMBER 12, 2022

Open-source security has been high on the agenda this year, with a number of initiatives, projects, and guidance launched in 2022 to help improve the cyber resiliency of open-source code, software and development. 2022 has intensified the necessary focus on the important topics of open-source security, including supply chain security.

CSO

CSO Government Software Risk

Enterprises report rise in risk events, yet risk management lags

CSO Magazine

MAY 19, 2022

Enterprises around the world are being barraged by risk events, according to a report released Wednesday by Forrester. Risk events, incidents and disruptions have become so frequent that the increased level of risk is the “new normal,” Forrester reported.

Risk

Why CISOs Are Stepping Away and What the Future Holds

SecureWorld News

DECEMBER 9, 2024

Burnout and job dissatisfaction The State of the CISO 20232024" report reveals a decline in job satisfaction, with only 64% of CISOs satisfied with their rolesa sharp drop from 74% in 2022. Stress and burnout are leading contributors, with 60% citing stress and 53% citing burnout as risks that could prompt them to leave.

CISO

CISO Cyber threats Risk Cybersecurity

BrandPost: 5 Threats to Watch Out for in 2022

CSO Magazine

DECEMBER 22, 2021

In 2022, threats are unlikely to slow down. If your network and security tools aren't up to the task of protecting your organization now, it's not going to be any better in 2022. Although no one can definitively predict the future, here are five up-and-coming threats we're keeping an eye on at FortiGuard Labs.

Risk

15 Top Cybersecurity Certifications for 2022

eSecurity Planet

JUNE 21, 2022

” Also read: Cybersecurity Employment in 2022: Solving the Skills Gap. My advice for anybody that asks me which certifications they should get is this: find a certification in a subject that you wish to learn about,” Palo Alto Networks CSO Rick Howard said. “If As of mid-2022, the cost is $381 USD.

Cybersecurity

Cybersecurity Penetration Testing System Administration Cyber Attacks

Cyberattacks against governments jumped 95% in last half of 2022, CloudSek says

CSO Magazine

JANUARY 4, 2023

The number of attacks targeting the government sector increased by 95% worldwide in the second half of 2022 compared to the same period in 2021, according to a new report by AI-based cybersecurity company CloudSek. There is also a risk that national security and military data can be used by terrorist organizations.

Government

Government Risk Cybersecurity

Cider Security Publishes New Research Identifying the Top 10 CI/CD Security Risks

CyberSecurity Insiders

MARCH 16, 2022

Tel Aviv, Israel – March 16, 2022 ] – Researchers from Cider Security , the world’s first AppSec Operating System, today published a new research report, “Top 10 CI/CD Security Risks”, detailing the major security risks to the CI/CD (Continuous Integration/Continuous Delivery) ecosystem. . “CI/CD The risks outlined are: .

Risk

Risk CISO Insurance Engineering

M&A Trending In Cybersecurity Industry Vertical For 2022

CyberSecurity Insiders

JANUARY 28, 2022

According to CSO, 2021 shaped up to be an active year for mergers and acquisitions in the cybersecurity industry. Top cybersecurity M&A deals for 2021 | CSO Online. In 2022 M& A in cybersecurity will likely expand to ever greater heights. It is all about risks. In fact, the volume of U.S.

Cybersecurity

Cybersecurity Digital transformation CSO Penetration Testing

How Northfield Hospital uses AI to minimize risk from cyberattacks

CSO Magazine

MAY 16, 2023

A study by Proofpoint and the Ponemon Institute released in September 2022 found that patient mortality rates increased across more than 20% of healthcare organizations that suffered the most common types of attacks. “If To read this article in full, please click here

Risk

Risk CSO Healthcare Cybersecurity

Security startups to watch for 2022

CSO Magazine

FEBRUARY 4, 2022

It’s a risk for a company to commit to a startup’s product or platform, and it requires a different kind of customer/vendor relationship. They can move faster than most established companies to fill gaps or emerging needs. Startups can often innovative faster because they are unfettered by an installed base.

Risk

Risk Cybersecurity

Spotlight: Traceable CSO Richard Bird on Securing the API Economy

The Security Ledger

APRIL 5, 2023

In this Spotlight episode of the Security Ledger podcast, I interview Richard Bird, the CSO of the firm Traceable AI about the challenge of securing application programming interfaces (APIs), which are increasingly being abused to steal sensitive data. The post Spotlight: Traceable CSO Richard Bird on Securing the API Economy appeared first.

CSO

CSO Digital transformation Cyber Attacks Financial Services

Security hygiene and posture management: A 2022 priority

CSO Magazine

JANUARY 21, 2022

Experts agree that strong cybersecurity starts with the basics, like knowing about all IT assets deployed, establishing secure configurations, monitoring “drift” from these secure configurations, prioritizing remediation actions based on risk scores, and validating that everything is working as it should.

Risk

Risk Cybersecurity

Ballooning growth of digital identities exposing organizations to greater cybersecurity risk

CSO Magazine

APRIL 14, 2022

A wave of digital initiatives by organizations worldwide has created an explosion of human and machine identities that are increasing the exposure of those organizations to ransomware and supply chain threats, according to CyberArk's 2022 Identity Security Threat Landscape report released Tuesday.

Risk

Risk Cybersecurity Ransomware

US CSO50 2022 awards showcase world-class security strategies

CSO Magazine

MAY 31, 2022

It is an opportunity for security leaders to share with their peers the risk and security innovations that led the way to greater success for their organizations. Honorees will be recognized in-person at the CSO50 Conference + Awards at the MGM National Harbor Hotel in National Harbor, MD from September 19-21, 2022.

Risk

Location data poses risks to individuals, organizations

CSO Magazine

JUNE 16, 2022

from 2022 to 2030. In the fall of 2021, Grandview Research estimated the U.S. market alone to be approximately $14 billion USD and expected it to expand at a compound annual growth rate (CAGR) of 15.6% To read this article in full, please click here

Risk

Risk Marketing Technology

The Relevance of Privacy-Preserving Techniques and Generative AI to DORA Legislation

Thales Cloud Protection & Licensing

OCTOBER 28, 2024

The Relevance of Privacy-Preserving Techniques and Generative AI to DORA Legislation madhav Tue, 10/29/2024 - 04:55 The increasing reliance on digital technologies has created a complex landscape of risks, especially in critical sectors like finance. The world has changed.

Encryption

Encryption Risk Data privacy Technology

The tech behind the 2022 US CSO50 winners: Celebrating the CSO50 Solutions Partners

CSO Magazine

JUNE 8, 2022

The CSO50 Award is a recognized mark of risk and security excellence. Here for the first time we recognise the technologies behind our CSO 50-winning projects, each by itself a provider of excellence in security and IT. These vendors partnered with our winning organizations. To read this article in full, please click here

CSO

CSO Technology Risk

Internet sanctions against Russia pose risks, challenges for businesses

CSO Magazine

MARCH 22, 2022

On March 10, 2022, the internet community issued a paper titled “ Multistakeholder Imposition of Internet Sanctions.” This “conversation document,” signed by a plethora of individuals from companies and organizations, posited seven principles: To read this article in full, please click here

Internet

Internet Internet Risk Government

Shadow IT is increasing and so are the associated security risks

CSO Magazine

JUNE 6, 2023

Consider the figures from research firm Gartner, which found that 41% of employees acquired, modified, or created technology outside of IT’s visibility in 2022 and expects that number to climb to 75% by 2027. In fact, it is as big a problem as ever and may even worsen.

Risk

Risk CISO Technology Malware

Startups to watch for 2022

CSO Magazine

FEBRUARY 4, 2022

It’s a risk for a company to commit to a startup’s product or platform, and it requires a different kind of customer/vendor relationship. They can move faster than most established companies to fill gaps or emerging needs. Startups can often innovative faster because they are unfettered by an installed base.

Risk

Risk Cybersecurity

CISA issues emergency warning over two new VMware vulnerabilities

CSO Magazine

MAY 19, 2022

CISA has urged organizations to take swift action to mitigate the risks associated with the vulnerabilities. CISA has urged organizations to take swift action to mitigate the risks associated with the vulnerabilities. To read this article in full, please click here

Risk

Risk Cybersecurity

What you should know when considering cyber insurance in 2023

CSO Magazine

DECEMBER 6, 2022

billion in direct written premiums were recorded in 2021, a 61% increase over the prior year, according to an October 2022 memorandum from the National Association of Insurance Commissioners. Some companies see it as essential to their risk management strategy,” says Heather Engel, managing partner at advisory firm Strategic Cyber Partners.

Cyber Insurance

Cyber Insurance Insurance Phishing Ransomware

Evil digital twins and other risks: the use of twins opens up a host of new security concerns

CSO Magazine

MAY 10, 2023

billion in 2022, will grow at a 37.5% Their uses are multifold and can be incredibly helpful, providing real-time models of physical assets or even people or biological systems that can help identify problems as or even before they occur. Grand View Research has predicted that the global digital twin market, valued at $11.1

Risk

Risk Marketing Cybersecurity

Barracuda report: Almost everyone faced an industrial attack in the last year

CSO Magazine

JULY 12, 2022

The State of Industrial Security in 2022 report surveyed 800 senior IT and security officers responsible for these industrial systems. “In To read this article in full, please click here

IoT

IoT Technology Risk

CISOs, what's in your travel security program?

CSO Magazine

DECEMBER 22, 2021

The travel industry opines it will return to pre-pandemic levels in mid- to late-2022. For this reason, every CISO should ensure their entity is prepared for this influx, which arguably adds a layer of risk. Now, with the ubiquitous COVID testing and vaccine protocols, business travel is on the uptick.

CISO

CISO Risk

Akamai releases new threat hunting tool backed by Guardicore capabilities

CSO Magazine

MARCH 7, 2023

Akamai on Tuesday launched Akamai Hunt, a visibility tool that uses the infrastructure of microsegmentation platform Guardicore to allow customers to identify and remediate threats and risks in their cloud environments. Akamai acquired Guardicore in October 2022 for about $600 million.

Risk

Hard-coded secrets up 67% as secrets sprawl threatens software supply chain

CSO Magazine

MARCH 8, 2023

The number of detected hard-coded secrets increased by 67% last year compared to 2021, with 10 million new secrets discovered in public GitHub commits in 2022. Hard-coded secrets pose significant security risks because they are often stored in plain text, making it easier for attackers to extract them from source code.

Software

Software Risk

Cyber liability insurance vs. data breach insurance: What's the difference?

CSO Magazine

JUNE 14, 2023

billion in 2022, according to research by Fortune Business Insights , and is expected to grow from $16.66 The global cyber insurance market was valued at $13.33 billion in 2023 to $84.62 billion by 2030.

Insurance

Insurance Data breaches Cyber Insurance Marketing

GAO report: government departments need dedicated leaders to oversee privacy goals

CSO Magazine

NOVEMBER 2, 2022

The US Government Accountability Office (GAO) released a comprehensive report in late September 2022 that discussed the need for dedicated privacy leadership within the departments and agencies of the executive branch of government if goals surrounding privacy are to be achieved.

Government

Government Accountability Risk

iPhone counterfeiting case highlights risks of supply/support chain manipulation

CSO Magazine

FEBRUARY 10, 2022

The sentencing of Haiteng Wu on February 2, 2022, for his participation in a three-plus-year conspiracy to defraud Apple out of just over $1.5 million shines the light on criminals who operate in the margins of warranty fulfillment of consumer products, such as the iPhone.

Risk

Risk Architecture Engineering

BadUSB explained: How rogue USBs threaten your organization

CSO Magazine

JANUARY 20, 2022

In January 2022, the FBI issued a public warning over a USB attack campaign in which numerous USB drives, laced with malicious software, were sent to employees at organizations in the transportation, defense, and insurance sectors between August and November 2021. Postal Service and UPS. BadUSB definition.

Insurance

Insurance Malware Software Risk

As critical Microsoft vulnerabilities drop, attackers may adopt new techniques

CSO Magazine

MARCH 21, 2023

While the total number of recorded Microsoft vulnerabilities was higher in 2022 than ever before, the number of critical vulnerabilities declined to its lowest point, according to the latest Microsoft Vulnerability Report by BeyondTrust, released Tuesday. In 2022, only 6.9% To read this article in full, please click here

Risk

When CISOs are doomed to fail, and how to improve your chances of success

CSO Magazine

OCTOBER 24, 2022

They know what they should do to mitigate risks, but they can't get enough support. According to the Heidrick & Struggles 2022 global survey , almost a quarter of CISOs have held their previous position for less than two years and 62% have been in their current role for less than a year.

CISO

CISO Risk

Recent legal developments bode well for security researchers, but challenges remain

CSO Magazine

JANUARY 26, 2023

Speaking at Shmoocon 2023 , Geiger pointed to three changes in hacker law in 2021 and 2022 that minimize security researchers' risks. To read this article in full, please click here

Risk

BrandPost: Four Key Ways CISOs can Strengthen OT Security

CSO Magazine

JUNE 29, 2022

Fortinet recently released its 2022 State of Operational Technology and Cybersecurity Report revealing that 93% of OT organizations experienced one intrusion in the past year and 78% of them experienced more than three intrusions. The survey also found that CISOs and business leaders consider OT security a top concern.

CISO

CISO Technology Risk Cybersecurity

Microsoft Event Log vulnerabilities threaten some Windows operating systems

CSO Magazine

OCTOBER 26, 2022

A pair of newly discovered vulnerabilities have highlighted the ongoing risks posed by Internet Explorer’s (IE) deep integration into the Windows ecosystem, despite Microsoft ending support for IE in June 2022. To read this article in full, please click here

Risk

Risk Internet Internet

BrandPost: Protecting the Edge Is More Important Than Ever

CSO Magazine

MARCH 7, 2023

from 2022 to 2030, reaching nearly $156 billion by 2030. But as is always the case, with greater reliance on the edge comes increased risk from cyberattacks. Edge computing is fast becoming an essential part of our future technology capabilities. This trend will only increase in the weeks, months, and years ahead.

Manufacturing

Manufacturing IoT Marketing Technology

BrandPost: New and evolving phishing attacks using AI platforms like ChatGPT are causing major issues

CSO Magazine

APRIL 25, 2023

Moreover, with the COVID-19 pandemic leading to a surge in remote work over the past several years, the risk of phishing attacks has only increased. increase in phishing attacks in 2022 compared to the previous year, a result of cybercriminals using increasingly sophisticated techniques to launch large-scale attacks.

Phishing

Phishing Retail Education Risk

Cybersecurity Snapshot: CISA Calls for Stamping Out Buffer Overflow Vulnerabilities, as Europol Tells Banks To Prep For Quantum Threat

Security Boulevard

FEBRUARY 14, 2025

Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) called buffer overflow vulnerabilities unforgivable defects that put national and economic security at risk. Analyze the root cause of past buffer overflow vulnerabilities to detect trends and patterns.

Banking

Banking Cybercrime Cybersecurity Ransomware

Remote code execution flaws in Spring and Spring Cloud frameworks put Java apps at risk

CSO Magazine

MARCH 31, 2022

That vulnerability is tracked as CVE-2022-22963. There was also some early confusion between this vulnerability and a different one patched Tuesday in Spring Cloud, a microservices library that's different from the core Spring Framework. To read this article in full, please click here

Risk

Vulnerabilities and exposures to rise to 1,900 a month in 2023: Coalition

CSO Magazine

FEBRUARY 6, 2023

Cybersecurity insurance firm Coalition has predicted that there will be 1,900 average monthly critical Common Vulnerabilities and Exposures ( CVEs ) in 2023, a 13% increase over 2022. billion IP addresses.

Insurance

Insurance Cyber threats Internet Internet

Cybersecurity Snapshot: Tenable Report Warns About Toxic Cloud Exposures, as PwC Study Urges C-Suite Collaboration for Stronger Cyber Resilience

Security Boulevard

OCTOBER 18, 2024

Check out invaluable cloud security insights and recommendations from the “Tenable Cloud Risk Report 2024.” 1 - Tenable: Riskiest cloud workloads present in 38% of orgs Almost 40% of global organizations have cloud workloads that put them at the highest risk of attack — an alarmingly high percentage.

Cybersecurity

Cybersecurity CISO CSO Risk

2022 CSO Hall of Fame honorees

Few Fortune 100 Firms List Security Pros in Their Executive Ranks

Trending Sources

8 notable open-source security initiatives of 2022

Enterprises report rise in risk events, yet risk management lags

Why CISOs Are Stepping Away and What the Future Holds

BrandPost: 5 Threats to Watch Out for in 2022

15 Top Cybersecurity Certifications for 2022

Cyberattacks against governments jumped 95% in last half of 2022, CloudSek says

Cider Security Publishes New Research Identifying the Top 10 CI/CD Security Risks

M&A Trending In Cybersecurity Industry Vertical For 2022

How Northfield Hospital uses AI to minimize risk from cyberattacks

Security startups to watch for 2022

Spotlight: Traceable CSO Richard Bird on Securing the API Economy

Security hygiene and posture management: A 2022 priority

Ballooning growth of digital identities exposing organizations to greater cybersecurity risk

US CSO50 2022 awards showcase world-class security strategies

Location data poses risks to individuals, organizations

The Relevance of Privacy-Preserving Techniques and Generative AI to DORA Legislation

The tech behind the 2022 US CSO50 winners: Celebrating the CSO50 Solutions Partners

Internet sanctions against Russia pose risks, challenges for businesses

Shadow IT is increasing and so are the associated security risks

Startups to watch for 2022

CISA issues emergency warning over two new VMware vulnerabilities

What you should know when considering cyber insurance in 2023

Evil digital twins and other risks: the use of twins opens up a host of new security concerns

Barracuda report: Almost everyone faced an industrial attack in the last year

CISOs, what's in your travel security program?

Akamai releases new threat hunting tool backed by Guardicore capabilities

Hard-coded secrets up 67% as secrets sprawl threatens software supply chain

Cyber liability insurance vs. data breach insurance: What's the difference?

GAO report: government departments need dedicated leaders to oversee privacy goals

iPhone counterfeiting case highlights risks of supply/support chain manipulation

BadUSB explained: How rogue USBs threaten your organization

As critical Microsoft vulnerabilities drop, attackers may adopt new techniques

When CISOs are doomed to fail, and how to improve your chances of success

Recent legal developments bode well for security researchers, but challenges remain

BrandPost: Four Key Ways CISOs can Strengthen OT Security

Microsoft Event Log vulnerabilities threaten some Windows operating systems

BrandPost: Protecting the Edge Is More Important Than Ever

BrandPost: New and evolving phishing attacks using AI platforms like ChatGPT are causing major issues

Cybersecurity Snapshot: CISA Calls for Stamping Out Buffer Overflow Vulnerabilities, as Europol Tells Banks To Prep For Quantum Threat

Remote code execution flaws in Spring and Spring Cloud frameworks put Java apps at risk

Vulnerabilities and exposures to rise to 1,900 a month in 2023: Coalition

Cybersecurity Snapshot: Tenable Report Warns About Toxic Cloud Exposures, as PwC Study Urges C-Suite Collaboration for Stronger Cyber Resilience

Stay Connected