Centraleyes

NOVEMBER 8, 2023

The SEC’s proposed cybersecurity disclosure rule , known as the Proposed Rule for Public Companies (PRPC), has ushered in a wave of concerns and challenges, particularly for CISOs. This tight timeline raises questions about the rules’ practicality and potential impact on CISOs’ liability.

CISO 52

CISO Cyber Risk Risk Cybersecurity 52

Security Boulevard

DECEMBER 29, 2022

The post 2023 Will Be The Year of Risk: 8 InfoSec Predictions for the New Year appeared first on Hyperproof. The post 2023 Will Be The Year of Risk: 8 InfoSec Predictions for the New Year appeared first on Security Boulevard.

InfoSec 72

InfoSec Risk Cyber Attacks CISO 72

The Last Watchdog

MARCH 4, 2024

Assess risks. Creating a solid cybersecurity foundation begins with understanding the organization’s risks. A recent study found only 27% of charities undertook risk assessments in 2023 and only 11% said they reviewed risks posed by suppliers. Keep software updated.

Social Engineering 213

Social Engineering Risk Cybersecurity Authentication 213

Anton on Security

MAY 24, 2023

talk to us :-) These are the episodes: EP52 Securing AI with DeepMind CISO EP68 How We Attack AI? What portion of AI-related “badness” (harm, risk, etc) fits within the cybersecurity domain? BTW, if you have anything fun to say about LLM security (easy!) and you actually know what you are talking about (hard!),

Artificial Intelligence 130

Artificial Intelligence CISO Risk Marketing 130

Security Boulevard

JUNE 15, 2023

The post Threat Spotlight: Incident Response & Cybercrime in 2023 appeared first on Security Boulevard.

Cybercrime 52

Cybercrime CISO Cyber threats Marketing 52

The Last Watchdog

MARCH 1, 2023

The linked white paper explains the three stages of this process: •Assessing secrets leakage risks •Establishing modern secrets management workflows •Creating a roadmap to improvement in fragile area This model emphasizes that secrets management is more than just how an organization stores and shares secrets.

Authentication 222

Authentication CISO Passwords Software 222

Security Boulevard

SEPTEMBER 6, 2023

The threat landscape has never been more challenging for CISOs and security teams than in 2023. The post Threat Intelligence Analytics: Making the Most of Your CTI Program appeared first on Security Boulevard.

CISO 111

CISO Cyber threats Ransomware Risk 111

Jane Frankland

OCTOBER 31, 2023

Instead, they’ve become complacent in their defence practices and may be exposing themselves to increased risks without even realising it. Having surveyed over 500 CISOs and ITDMs responsible for cybersecurity on the challenges faced with SOCs, their insights are not to be missed.

CISO 147

CISO Threat Detection Cyber threats Cybercrime 147

Jane Frankland

MAY 8, 2024

This is what I’ll be delving into in this blog, where I’ll be exploring how these two fields are intersecting and what that means for our digital landscape. This not only frees up valuable time for security professionals to focus on more complex tasks but also reduces the risk of human error.

Cyber threats 130

Cyber threats Cybersecurity Artificial Intelligence CISO 130

BH Consulting

NOVEMBER 22, 2023

From the off, 2023 struck a more downbeat tone than last year’s edition. Rising attacks against critical infrastructure Data Breach Today reported that cyberattacks against Ukrainian critical infrastructure have intensified during 2023. “In Stuxnet in 2010 was the first the most recent was CosmicEnergy in 2023.

Cybercrime 64

Cybercrime Technology Cybersecurity Engineering 64

Security Boulevard

MAY 24, 2023

talk to us :-) These are the episodes: EP52 Securing AI with DeepMind CISO EP68 How We Attack AI? What portion of AI-related “badness” (harm, risk, etc) fits within the cybersecurity domain? BTW, if you have anything fun to say about LLM security (easy!) and you actually know what you are talking about (hard!),

Artificial Intelligence 69

Artificial Intelligence CISO Risk Marketing 69

Security Boulevard

MAY 18, 2023

Read More The post Purchasing Pattern Trends in GRC: Where Budgets and Time Are Spent in 2023 appeared first on Hyperproof. The post Purchasing Pattern Trends in GRC: Where Budgets and Time Are Spent in 2023 appeared first on Security Boulevard.

Data privacy 59

Data privacy CISO Risk Government 59

Duo's Security Blog

JANUARY 23, 2024

Throughout 2023, we’ve heard about many high-profile security incidents targeting a wide range of publicly listed companies. Additionally, Chief Information Security Officers (CISOs) have also been under scrutiny for the actions they’ve taken to address these issues. WebAuthn is important.

Authentication 75

Authentication Accountability CISO Technology 75

Jane Frankland

JANUARY 12, 2024

Facing a perplexed gaze, I turned my back on one of cybersecurity’s most high profile CISOs, my hands pressed firmly against my ears, belting out a powerful melody. Countless studies have shown that women and men gauge risk differently. In that moment, I found myself at a crossroads. For example, Byrnes et al. Research by Gavin D.

Cybersecurity 182

Cybersecurity Risk Banking CISO 182

NetSpi Executives

OCTOBER 17, 2023

Department of Health and Human Safety is Assisting TL;DR The Consolidated Appropriations Act of 2023 brings a substantial change to the regulation of medical device cybersecurity. Department of Health and Human Safety is Assisting In March 2023, the U.S. Additionally, the requirements expand government involvement in this sector.

Healthcare 94

Healthcare Manufacturing Cyber Risk Cybersecurity 94

BH Consulting

FEBRUARY 15, 2024

Creeping cyber risk grabbing global headlines The World Economic Forum’s latest Global Cybersecurity Outlook 2024 gives senior leaders a high-level overview of cybersecurity trends. Cyber attacks featured in the top five risks for the year ahead, along with factors like extreme weather and the cost of living crisis.

Passwords 52

Passwords Surveillance Risk Data breaches 52

NetSpi Executives

OCTOBER 13, 2023

A novel 0-day vulnerability referred to as, “HTTP/2 Rapid Reset,” (CVE-2023-44487) sent the cybersecurity industry into quick action to minimize potential risks. This vulnerability abuses certain features of HTTP/2 protocol and allows for Distributed Denial of Service (DDoS) attacks at an unprecedented scale.

DDOS 52

DDOS CISO Engineering Technology 52

BH Consulting

JANUARY 16, 2024

The Economist closed 2023 by quoting experts who believe it could be the worst year on record for these attacks. Meanwhile Wired named two ransomware gangs, Alphv and CIOp, among its ‘most dangerous people 2023’ list. Although the blog focuses on the U.S., Register now Links we liked “Think 2023 on steroids.”

Ransomware 69

Ransomware Penetration Testing InfoSec Cybersecurity 69

The Last Watchdog

MARCH 21, 2022

Evolving privacy regulations like the General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA) mean ongoing headaches for cybersecurity, compliance and risk management teams. Conduct risk analysis. Some regulations require a proactive approach to identifying and mitigating data risk.

Encryption 214

Encryption Data privacy Cloud Migration Risk 214

BH Consulting

MARCH 21, 2024

Creeping cyber risk grabbing global headlines Ransomware keeps reminding us of the strong connection between a cybersecurity incident and financial loss. million out of £106 million in financial losses in its 2023 fiscal year were due to a ransomware attack. MORE Jane Frankland argues that making CISOs into heroes isn’t helpful.

Cyber threats 69

Cyber threats Ransomware Healthcare Risk 69

Security Boulevard

DECEMBER 21, 2023

2023 will be remembered as the year when breaches of trust, not cybersecurity, led to a fever pitch of litigation and regulatory changes. In 2023, the Federal Trade Commission (FTC) implemented a delayed formal change to the Safeguards Rule, expanding the scope of covered entities, and announced another change to be effective in early 2024.

Cybersecurity 69

Cybersecurity Data privacy CISO Risk 69

DoublePulsar

DECEMBER 3, 2023

How CitrixBleed vulnerablity in Netscale has become the cybersecurity challenge of 2023. This Fedcomp platform was not patched for CitrixBleed, as no Netscaler patches had been applied since May 2023: [link] A ransomware group gained entry to Trellance via Ongoing Operations. This has since been confirmed by the US Treasury.

Ransomware 100

Ransomware Cybersecurity Healthcare Government 100

SecureWorld News

AUGUST 7, 2023

In a LinkedIn post today , Frank DePaola, VP & CISO at EnPro Industries, wrote this: "This is extremely excessive. I feel bad for organizations who don't have Legal or contract review teams that can weigh in on these risks. #ai July 27, 2023.AND ⌚ Effective Date? Already passed. AND NO OPT OUT.

Healthcare 89

Healthcare Accountability Data privacy CISO 89

NetSpi Executives

JANUARY 8, 2024

From the emergence of the MOVEit vulnerability to the wide adoption of ChatGPT and its associated security risks, nearly every industry was impacted by cyber threats. Nabil Hannan Field CISO “We’re still facing a deficit of cybersecurity professionals globally. has made strides in cybersecurity legislation and guidance in 2023.

Digital transformation 78

Digital transformation Cloud Migration Artificial Intelligence Software 78

Jane Frankland

AUGUST 18, 2023

risk, the human side, IAM, cloud, etc) or on group identity, like gender or leadership level, and some offer a good choice of topics. Additionally, blogging afterwards as this share not only helps others, but it helps you cement your learning as well as elevating your profile online. Many enjoy this.

Cybersecurity 130

Cybersecurity Risk Media Government 130

Thales Cloud Protection & Licensing

MAY 24, 2023

The Rise of the Sovereign Cloud sparsh Thu, 05/25/2023 - 04:04 One of the big ironies about data on the internet is that once the goal of achieving a centreless web of data communication (the internet itself) had been developed and built out, the next area of focus became how to draw borders around it.

Encryption 71

Encryption Internet Internet Data privacy 71

Duo's Security Blog

APRIL 20, 2023

As hybrid work continues in 2023 and into the foreseeable future, employees are demanding flexibility when accessing applications from any location and device. Adopting modern authentication standards like OpenID Connect (OIDC) helps organizations to reduce risk of data breaches.

Authentication 52

Authentication Mobile Data breaches Education 52

Cisco Security

AUGUST 30, 2021

billion networked devices by 2023. This massive explosion in device growth will increase reliance on APIs which brings increased security risk. Besides unauthorized data exposure from the earlier example, unsecured APIs are ripe for all the risks outlined in the OWASP API Top 10 list. I recommend working the list top down.

Software 108

Software Authentication Risk Encryption 108

Security Boulevard

JANUARY 5, 2023

Thu, 01/05/2023 - 14:45. Facing the noise that started after publication and the high number of HotNews Notes that SAP was starting to release just two days after the official SAP December Patch Day, CISOs and SAP Basis teams around the world realized that it was going to become a busy Christmas time and a challenging start into 2022.

Internet 52

Internet Internet CISO Education 52