SecureWorld News

MAY 2, 2025

This surge is driven by a convergence of factorsfrom a spike in ransom ware attacks to the digital transformation of healthcarethat CISOs and healthcare executives must understand and act upon. Understanding these factors can help CISOs and healthcare leaders prioritize their security strategies.

Healthcare 100

Healthcare Marketing Cybersecurity CISO 100

SecureWorld News

JUNE 5, 2025

Custom Detections Are Lacking: Custom detection rules tuned to an organization's unique environment account for less than 20% of detections. SIEM as a Cost Sink, Not a Value Engine: As one CISO in the report stated: "We treat our SIEM like a security Swiss Army knife, but don't use half the blades."

Engineering 109

Engineering Authentication CISO Architecture 109

Security Boulevard

DECEMBER 30, 2024

In this post, we look at the enforcement actions the SEC has taken and what public company CISOs should do to stay in compliance. Exposure management can help meet the SEC requirements So what can a CISO do about this? This pushed C-level executives and boards to adopt measures for compliance and transparency. and where are we at risk?

Cybersecurity 85

Cybersecurity Cyber Risk CISO Risk 85

Security Boulevard

JANUARY 2, 2024

The fall of VPNs and firewalls The cyberthreats and trends of 2023 send a clear message to organizations: they must evolve their security strategies to the times and embrace a zero trust architecture. As such, it is imperative to prioritize these security measures in 2024.

CISO 104

CISO Social Engineering Architecture Ransomware 104

Notice Bored

AUGUST 5, 2022

Security Posture suggests a confusing mix of application and account security metrics. A glossy, nicely-constructed and detailed PowerPoint slide deck by Microsoft Security caught my beady this morning.

CISO 63

CISO Risk Artificial Intelligence Marketing 63

Jane Frankland

OCTOBER 31, 2023

In this blog, I’ll be exploring some of the main cracks in current cybersecurity defence approaches specifically around Secure Operation Centres (SOCs) and the value that CISOs and ITDMs are currently getting from their internal teams and third-party providers. You know economic downturns incentivise cybercriminals.

CISO 147

CISO Threat Detection Cyber threats Cybercrime 147

The Last Watchdog

AUGUST 19, 2021

Chris Clements, VP of Solutions Architecture, Cerberus Sentinel. Compromising that could make other unrelated accounts vulnerable. Account takeovers can be used to steal money at its very root; and fraudsters can also use this to access loyalty accounts for airlines, hotels, etc., Baber Amin , COO, Veridium : Amin.

Mobile 235

Mobile Data breaches Authentication Accountability 235

Cisco Security

OCTOBER 18, 2021

The primary job of the Chief Information Security Officer (CISO) is to exercise continuous diligence in reducing risk, within the risk appetite and risk tolerance of the organization, so that the likelihood of a boom is low, and the corresponding magnitude of harm is limited. Some “Left of Boom” Processes. Frameworks.

Cybersecurity 141

Cybersecurity CISO Insurance Risk 141

IT Security Guru

APRIL 12, 2022

CISOs and security professionals work to limit this burgeoning threat landscape, however, it’s a work in progress. . The attackers target the legacy and insecure IMAP protocol to bypass MFA settings and compromise cloud-based accounts providing access to SaaS apps. About Maor Bin , CEO & Co-Founder of Adaptive Shield.

CISO 113

CISO Passwords Marketing System Administration 113

CyberSecurity Insiders

JANUARY 19, 2022

Seven Cloud Security Predictions CISOs Can Use in 2022. Our goal is to help chief information security officers (CISOs) and their teams place the right bets on cloud data security. Security teams will evolve from gatekeepers to enablers: Recent events have forced CISOs and security teams to transform the way they work.

CISO 126

CISO Data breaches Artificial Intelligence Digital transformation 126

McAfee

NOVEMBER 3, 2020

Forrester also predicts that the number of women CISOs at Fortune 500 companies will rise to 20 percent in 2019 , compared with 13 percent in 2017. Director/CISO of IT Risk Management. Director/CISO of IT Risk Management at Ulta Beauty located in Bolingbrook, IL. Alexandra holds a B.S. Diane Brown. Ulta Beauty. Elizabeth Moon.

Cybersecurity 93

Cybersecurity Architecture Cloud Migration Retail 93

Security Boulevard

MAY 20, 2025

That urgency was echoed powerfully in JPMorgan CISO Patrick Opets open letter to SaaS vendors. We must modernize security architecture to optimize SaaS integration and minimize risk. The shared responsibility model especially in SaaS has too often become a shield vendors use to deflect accountability. This hits a nerve.

Risk 52

Risk CISO Architecture Firewall 52

eSecurity Planet

JULY 23, 2021

On its own, it’s not going to give a remote attacker access to anything, but if combined with other attacks, it’s possible an attacker could leverage a user account from somewhere else and pivot into this to get root access,” Smith said. ‘Noisy’ Vulnerabilities.

Accountability 145

Accountability Big data CISO Architecture 145

The Last Watchdog

SEPTEMBER 19, 2024

19, 2024, CyberNewsWire — Aembit , the non-human identity and access management (IAM) company, today released its 2024 Non-Human Identity Security Report , a definitive survey highlighting how organizations currently manage and protect non-human identities (NHIs) – such as applications, scripts, and service accounts.

CISO 100

CISO Architecture Media Authentication 100

Cisco Security

APRIL 20, 2021

This action accounted for over 38% of the contributions to our findings during the evaluation. Cisco Secure Endpoint and MITRE ATT&CK: Why it matters to CISOs right now. Cisco Secure Endpoint is security that works for your secure remote worker, SASE, XDR, and Zero Trust architecture. Orbital Advanced Search.

Financial Services 133

Financial Services CISO Architecture Malware 133

SecureWorld News

JUNE 3, 2024

This allowed the threat actor to access and exfiltrate data hosted on the Snowflake platform across multiple customer accounts. Brad Jones, CISO at Snowflake, issued a Joint Statement regarding Preliminary Findings in Snowflake Cybersecurity Investigation on its Snowflake Forums. It did not contain sensitive data.

Data breaches 106

Data breaches Authentication Accountability Passwords 106

CyberSecurity Insiders

OCTOBER 7, 2021

. & HYDERABAD, India–( BUSINESS WIRE )–Analytics Insight has named ‘ The 10 Most Influential CISOs to Watch in 2021 ’ in its October magazine issue. The magazine issue recognizes ten futuristic CISOs who are reimagining the business world and adopting new ways of working. He holds a Ph.D

CISO 40

CISO Computers and Electronics Information Security Technology 40

SecureWorld News

OCTOBER 19, 2023

I think it requires taking a step back and assessing what you can do with less," said Chris Roberts, CISO and Senior Director at Boom Supersonic. Andrew Smeaton, CISO at Afiniti, says reassessment of cybersecurity programs and plans is necessary. Too many folks focus on the technology as opposed to the people or process.

Cybersecurity 104

Cybersecurity CISO Phishing Education 104

Cisco Security

APRIL 19, 2022

In 2017, Sandworm infiltrated Ukrainian accounting software MeDoc and hijacked the company’s update mechanism which resulted in malicious software being introduced to copies of the MeDoc software used by its customers. Cisco Secure Endpoint and MITRE ATT&CK: Why it matters to CISOs right now. Scenario 2: Sandworm. Protection Test.

Software 141

Software CISO Architecture Healthcare 141

Cisco Security

JUNE 30, 2022

After two years of virtual engagements, in-person events like our CISO Forum and Cisco Live as well as the industry’s RSA Conference underscore the power of face-to-face interactions. As long as cyber criminals continue seeking to breach our privacy and data, these rules help hold us accountable. . Within the past year, the U.S.

Digital transformation 145

Digital transformation Data privacy Identity Theft Data breaches 145

Security Boulevard

MAY 2, 2025

Specifically, CISA and USCG assessors had the most success gaining initial access, attaining network permanence, evading defenses and moving laterally by using valid accounts, phishing schemes and default credentials all simple attack methods.

Cybersecurity 52

Cybersecurity Software Cyber Risk Risk 52

Security Boulevard

DECEMBER 27, 2024

In addition, this data will be distributed across a complex multi-cloud landscape of locations, accounts and applications. 2 - CISOs will turn to multi-cloud security platforms When it comes to the cloud, enterprises are increasingly wary of putting all their eggs in one basket.

Cybersecurity 59

Cybersecurity CISO CSO Data breaches 59

SecureWorld News

MAY 29, 2024

The risk is too great, and key business partnerships are required," said Amy Bogac , former CISO at The Clorox Company. "If Safety is always the number one priority in manufacturing organizations," said Tammy Klotz , CISO at Trinseo. It warns that by 2030, damages from cyberattacks on manufacturing could total $1.5

Manufacturing 109

Manufacturing CISO Cyber threats Risk 109

SecureWorld News

JUNE 24, 2024

Additionally, there sectoral privacy regulations in the United States, such as the Health Insurance Portability and Accountability Act (HIPAA), and state level regulations like the California Consumer Privacy Act (CCPA). The potential loss of reputation from a privacy breach is a clarion call for business executives and CISOs.

IoT 109

IoT InfoSec Artificial Intelligence Risk 109

eSecurity Planet

SEPTEMBER 1, 2021

SAP National Security Services (NS2) CISO Ted Wagner told eSecurityPlanet that network slicing “adds complexity, which may lend itself to insecure implementation. To be successful, an attacker must gain access to the 5G Service Based Architecture. 5G Systems Architecture. Policy and Standards.

Risk 137

Risk Cybersecurity IoT Wireless 137

NetSpi Executives

DECEMBER 3, 2024

An opportunity to rethink resilience, innovation, and accountability in cybersecurity. ” Nabil Hannan Field CISO Landscape shift toward CISO accountability “I anticipate that in 2025, we will see a shift in the CISO accountability landscape and how these leaders are held responsible when data breaches and cyberattacks occur.

Cybersecurity 59

Cybersecurity CISO Social Engineering Accountability 59

Security Boulevard

MARCH 24, 2022

CEO Todd McKinnon tweeted, “In late January 2022, Okta detected an attempt to compromise the account of a third-party customer support engineer working for one of our subprocessors. At ShiftLeft we elected to use an agent-based architecture that does not require us to upload all your source code into our systems.

Risk 122

Risk Software Engineering Passwords 122

SecureWorld News

MAY 31, 2024

Cloud Solution Architect: While not purely cybersecurity, this role is heavily focused on cloud security in addition to architecture. Now, CISO is a run of the mill job fraught with stress and responsibility and likely to burn and churn or give you an ulcer."

Artificial Intelligence 109

Artificial Intelligence Cybersecurity Engineering Technology 109

Security Boulevard

SEPTEMBER 9, 2022

But hiring a full-time chief information security officer (CISO) is not always possible for organizations – nor is it always needed. Read on to learn why you might want to consider a virtual CISO (vCISO), and the benefits that come with that decision. As we mentioned, hiring a full-time CISO is not always possible – or necessary.

Information Security 59

Information Security CISO Risk Cybersecurity 59

SC Magazine

JUNE 2, 2021

Most CISOs understand that zero trust doesn’t function as a single off-the-shelf solution they can implement easily. companies need to strike a balance between fixing the access for remote and unmanaged endpoints while preparing the existing digital infrastructure to adopt zero trust architecture. . High friction and high cost .

Architecture 85

Architecture Artificial Intelligence Big data Authentication 85

SC Magazine

JUNE 4, 2021

Implement reference architectures based on the security patterns. CISOs need to lead from the front and take an active role in the evangelization and implementation of cloud security controls under the auspices of a secure enterprise cloud operating model. Design core cloud security patterns that comply with the policy and standards.

Penetration Testing 78

Penetration Testing Technology DNS CISO 78

Security Boulevard

MAY 31, 2022

I especially enjoyed my conversation with Ryan Melle, SVP and CISO at Berkshire Bank. According to Ryan, “We considered other solutions, but they didn’t provide the range of capabilities we needed – we found the Salt architecture to be unique. He’s a pragmatist, and he gets things done quickly.

Banking 52

Banking Digital transformation Architecture Big data 52

SecureWorld News

NOVEMBER 23, 2021

And Apple's Head of Security Engineering and Architecture was extremely blunt when he announced the lawsuit on Twitter. State-sponsored actors like the NSO Group spend millions of dollars on sophisticated surveillance technologies without effective accountability. Related with Rebecca Rakoski: Suing the CISO Podcast ].

Spyware 96

Spyware Surveillance Engineering Software 96

SecureWorld News

MAY 25, 2023

The threat actor attempts to leverage any privileges afforded by the Fortinet device, extracts credentials to an Active Directory account used by the device, and then attempts to authenticate to other devices on the network with those credentials," the announcement said. Here is a CNBC report on the warning from Microsoft.

Firewall 98

Firewall Cyber threats Telecommunications Internet 98

McAfee

NOVEMBER 10, 2021

Under the guidance of Dan Meacham, VP of Global Security and Corporate Operations and CSO/CISO, the multi-billion dollar organization transitioned from on-premises data centers to the cloud in 2012. Its cloud-native, open architecture was exactly the right fit for Legendary Entertainment’s environment. Unacceptable levels of risk.

Data breaches 93

Data breaches Risk CSO Accountability 93

Security Boulevard

OCTOBER 18, 2022

If you talk to most CISOs, they readily acknowledge this is occurring, and current solutions, such as cloud access security brokers (CASBs) , provide data but do not provide clearly prioritized, actionable remediation steps to mitigate SaaS security risk comprehensively. Without the first two pillars, this one is near impossible.

Risk 52

Risk CISO Architecture Marketing 52

Security Boulevard

MARCH 24, 2022

According to a blog penned by the Okta CISO, here’s what happened: On January 20 2022, a third-party customer support engineer working for Okta had their account compromised by Lapsus$. Review cloud admin/super admin account audit logs. Review all executive accounts including MFA method changes. MFA Bypass Attempt.

Accountability 59

Accountability Authentication Passwords Social Engineering 59