CSO Magazine

MARCH 24, 2023

"Basically, every organization that uses this tool is at risk of losing their AI models, having an internal server compromised, and having their AWS account compromised," Dan McInerney, a senior security engineer with cybersecurity startup Protect AI, told CSO. It's pretty brutal."

CSO 111

CSO Authentication Engineering Internet 111

CSO Magazine

JULY 26, 2022

Helsinki-based cybersecurity vendor WithSecure (formerly F-Secure Business) says it has discovered an operation, dubbed “DUCKTAIL,” that uses social media-based spear phishing attacks to gain access to Facebook Business accounts. Previous attacks targeting Facebook did not target Facebook Business accounts in particular.

Accountability 80

Accountability Malware Media Phishing 80

CSO Magazine

MAY 3, 2022

Effective partnerships between CISOs and their cybersecurity vendors are integral to security success. A well-oiled relationship built on trust, communication and mutual understanding can reap significant benefits for a business’s cybersecurity posture. To read this article in full, please click here

CISO 128

CISO CSO Cybersecurity Accountability 128

CSO Magazine

APRIL 13, 2022

Penetration testing has shown cybersecurity manager David Murphy just how problematic people can be. Learn 8 pitfalls that undermine security program success and 12 tips for effectively presenting cybersecurity to the board. Sign up for CSO newsletters. ]. Sign up for CSO newsletters. ].

Penetration Testing 95

Penetration Testing CSO Phishing Passwords 95

CyberSecurity Insiders

MARCH 30, 2023

Seasoned CISOs/CSOs understand the importance of effectively communicating cyber risk and the need for investment in cybersecurity defense to the board of directors. To ensure cybersecurity becomes a strategic part of the corporate culture, it is crucial for CISOs to present the topic in a clear, concise, and compelling manner.

Cybersecurity 119

Cybersecurity Cyber Risk CISO Risk 119

SecureWorld News

JANUARY 26, 2022

million could be stolen from company accounts, according to the Financial Times. Businesses of all shapes and sizes need to do more to foster an open culture where employees feel able to raise concerns about cybersecurity issues. They also mentioned the company could face regulatory action if the vulnerabilities were not addressed.

Cybersecurity 77

Cybersecurity CSO Cyber Attacks Government 77

Security Through Education

OCTOBER 27, 2021

That is why, for this October’s Cybersecurity Awareness Month , we encourage you to Do Your Part #BeCyberSmart! Cybersecurity First at Work. Owning your role in cybersecurity can seem cumbersome when approached by someone outside the security industry. Cybersecurity First at Home. Don’t make passwords easy to guess.

Cybersecurity 137

Cybersecurity Social Engineering Firewall Engineering 137

CSO Magazine

AUGUST 30, 2021

Enterprise-class password managers have become one of the easiest and most cost-effective ways to help employees lock down their online accounts. Learn 12 tips for effectively presenting cybersecurity to the board and 6 steps for building a robust incident response plan. Sign up for CSO newsletters. ].

Password Management 145

Password Management Passwords CSO Accountability 145

CSO Magazine

JUNE 8, 2021

In December 2020, the US Government Accounting Office (GAO) made 145 recommendations to 23 federal agencies relating to supply chain risks. In May 2021, the GAO’s director of information technology and cybersecurity, Vijay A. Get the latest from CSO by signing up for our newsletters. ].

Government 121

Government CSO Risk Accountability 121

CSO Magazine

MARCH 3, 2023

Undoubtedly, our industry needs to create more initiatives to attract a more diverse group of professionals—including women—to STEM-focused careers like cybersecurity. While women make up nearly 50% of the world’s population, they only account for an estimated 24% of the cybersecurity workforce.

Cybersecurity 105

Cybersecurity Accountability 105

CSO Magazine

JANUARY 31, 2023

Guardz, a Tel Aviv-based startup promising a broad range of out-of-the-box cybersecurity solutions for small and medium-size businesses (SMBs), has announced both a successful $10 million round of seed funding and the broad availability of its flagship product. To read this article in full, please click here

Small Business 99

Small Business Cybersecurity Threat Detection Accountability 99

CSO Magazine

MAY 19, 2022

Users of Strapi, a popular headless content management system written entirely in JavaScript and focused on API development, should update their installations as soon as possible to fix two vulnerabilities that could lead to administrative accounts being compromised. To read this article in full, please click here

Accountability 65

Accountability Phishing Passwords Cybersecurity 65

CSO Magazine

SEPTEMBER 16, 2022

Ride-hailing giant Uber has confirmed that it is responding to a cybersecurity incident as reports emerge that the firm has suffered a significant network data breach forcing it to shut down several internal communications and engineering systems. Attacker announces Uber breach through compromised Slack account.

Data breaches 103

Data breaches Cybersecurity Accountability Engineering 103

CSO Magazine

JUNE 21, 2021

Learn 12 tips for effectively presenting cybersecurity to the board and 6 steps for building a robust incident response plan. Sign up for CSO newsletters. ].

CISO 116

CISO Risk CSO Accountability 116

CSO Magazine

OCTOBER 18, 2022

Millennials and Gen Z employees in the US are much less likely to prioritize or adhere to cybersecurity protocols than their older Gen X and Baby Boomer counterparts, according to a recent survey by EY Consulting. To read this article in full, please click here

Cybersecurity 128

Cybersecurity Passwords Accountability 128

CSO Magazine

MAY 28, 2021

These efforts recently escalated with an attack launched from a hijacked email marketing account belonging to USAID and targeted around 3,000 people across over 150 organizations in 24 countries. Learn 12 tips for effectively presenting cybersecurity to the board and 6 steps for building a robust incident response plan.

CSO 105

CSO Government Marketing Hacking 105

The Security Ledger

SEPTEMBER 25, 2018

SAP CSO Justin Somaini. October is Cybersecurity awareness month. For consumers, that means boning up on account security – maybe getting a password manager. Somaini has the distinction of being the first CSO at Yahoo and also at Symantec.

CSO 40

CSO Hacking Security Awareness Password Management 40

CSO Magazine

NOVEMBER 30, 2022

Amazon Web Services (AWS) has launched a new cybersecurity service, Amazon Security Lake, which automatically centralizes security data from cloud and on-premises sources into a purpose-built data lake in a customer’s AWS account, the company said in a statement. To read this article in full, please click here

Cybersecurity 84

Cybersecurity Accountability Risk 84

CSO Magazine

JULY 12, 2022

military, has in previous years been a vehicle through which a wide swath of cybersecurity legislation has passed, given the struggles that standalone cybersecurity bills experienced. The NDAA, enacted every year to fund the U.S.

Cybersecurity 98

Cybersecurity Accountability 98

CSO Magazine

FEBRUARY 15, 2023

Given the prevalence of open source code in modern software — Oligo contends that it accounts for something like 80% or 90% — there is a need for software composition analysis solutions that can check the code for potential vulnerabilities. The current generation of solutions, however, is “noisy,” according to Oligo.

Cybersecurity 125

Cybersecurity Software Accountability Technology 125

SecureWorld News

DECEMBER 11, 2023

December 15, 2023, marks a significant shift in the cybersecurity landscape for publicly traded companies. Securities and Exchange Commission (SEC) has implemented new cyber incident disclosure rules, requiring companies to be more transparent and timely in their communication of cybersecurity breaches and vulnerabilities.

CISO 88

CISO Risk Cybersecurity CSO 88

CSO Magazine

JULY 12, 2022

Private risk consultancy firm Concentric has announced the launch of Eclipse, a new “turnkey solution” designed to provide enhanced cybersecurity and digital privacy to users. The release comes as cybercrime continues to plague organizations across the globe and data becomes a key commodity of value to malicious cyber actors.

Data privacy 75

Data privacy Cybersecurity Cybercrime Accountability 75

McAfee

NOVEMBER 12, 2020

Cybersecurity can be one of the most nuanced and important areas of focus for a board, but not all board members are well versed in why and what they need to care about related to cybersecurity. Cybersecurity is a board level topic for three main reasons: Cybersecurity breaches are a serious matter for any company.

Cybersecurity 61

Cybersecurity Government Risk Penetration Testing 61

Malwarebytes

APRIL 28, 2022

This happened because they provided information in response to emergency data requests from legitimate law enforcement accounts that hackers had compromised. Third, victims can’t protect themselves from such attacks unless they completely delete their accounts. This tactic has become prevalent in recent months.

CSO 99

CSO Accountability Authentication Cybersecurity 99

SecureWorld News

JUNE 26, 2023

While these Wells Notices are official investigations, they are a sign of a potential intent to investigate the CISO and CFO. Barton Kalsu and CISO Tim Brown have both been with Austin, Texas-based SolarWinds since before the breach that impacted at least nine federal agencies and approximately 100 organizations.

CISO 88

CISO CSO Data privacy Cyber Risk 88

CyberSecurity Insiders

JULY 13, 2021

Meaning, they were caught tracking the location of users, their names, their whereabouts, private messages, viewing deleted photos from their accounts, and what not! The post Facebook is firing three engineers per month for accessing user data appeared first on Cybersecurity Insiders.

Engineering 145

Engineering CSO Advertising Media 145

SecureWorld News

MARCH 10, 2021

He also says that it is very important to note that this issue was not the result of compromised account passwords, SSH keys, or personal access tokens (PATs). For the very small population of accounts that we know to be affected by this issue, we've reached out with additional information and guidance.".

Authentication 78

Authentication CSO Accountability Engineering 78

CyberSecurity Insiders

NOVEMBER 1, 2021

October is coming to a close and so is Cybersecurity Awareness Month. As a result, the Biden Administration has made cybersecurity a top priority. Just this May, President Biden signed a sweeping executive order (EO) outlining several cybersecurity measures and requirements intended to harden the U.S. How can that be?

Cybersecurity 52

Cybersecurity Backups Ransomware Passwords 52

SecureWorld News

AUGUST 12, 2020

Your questions about deception technology in cybersecurity, answered. In a recent conversation with Michael Meyer, Chief Risk Officer (CRO) and Chief Security Officer (CSO) at MRS BPO, SecureWorld covered the wide world of deception technology and cybersecurity.

Technology 52

Technology Cybersecurity CSO IoT 52

CyberSecurity Insiders

MAY 16, 2022

By Amanda Fennell, CSO and CIO, Relativity. Security programs must shoulder accountability for setting employees in different roles up for success. Effective learning management systems are available that take into account the human attention span. But tools and processes alone are two variables in an incomplete equation.

CSO 131

CSO Passwords Password Management Accountability 131

eSecurity Planet

JULY 27, 2023

Securities and Exchange Commission this week announced new rules mandating the disclosure of cybersecurity incidents as well as ongoing risk management, strategy, and governance. “Currently, many public companies provide cybersecurity disclosure to investors,” Gensler said.

Data privacy 98

Data privacy Risk Government Cyber threats 98

Security Boulevard

OCTOBER 16, 2022

Former Uber CSO Joe Sullivan was found guilty of obstructing a federal investigation in connection with the attempted cover-up of a 2016 hack at Uber, NIST and Microsoft say that mandatory password expiration is no longer needed but many organizations are still doing it, and how fake executive profiles are becoming a huge problem for […].

Passwords 52

Passwords CSO Hacking Accountability 52

CSO Magazine

MAY 17, 2023

Financially motivated threat actor UNC3944 is using phishing and SIM swapping attacks to take over Microsoft Azure admin accounts and gain access to virtual machines (VM), according to cybersecurity firm Mandiant. UNC3944 has been active since May 2022. To read this article in full, please click here

Accountability 100

Accountability Phishing Software Cybersecurity 100

SecureWorld News

MAY 21, 2024

Organizations have long struggled with whether and when to designate a Chief Privacy Officer to their ranks, where that role should sit (in compliance, legal, or other department), and who the CPO or privacy official should report to and be accountable for," said Myriah Jaworski Esq., RELATED: Uber CSO Found Guilty: The Sky Is Not Falling.

Data privacy 97

Data privacy CISO Small Business CSO 97

CSO Magazine

APRIL 5, 2023

To some, recent AI developments are a laughing matter.

Artificial Intelligence 112

Artificial Intelligence Media Cybersecurity Accountability 112

eSecurity Planet

JANUARY 29, 2024

“The most significant risk for enterprises isn’t the speed at which they are applying critical patches; it comes from not applying the patches on every asset,” noted Brian Contos, CSO of Sevco Security. As of January 24th, Shadowserver researchers still detected 5,300 older and internet-exposed GitLab accounts.

Software 111

Software Authentication CSO Accountability 111

CSO Magazine

JUNE 8, 2023

According to Google Cybersecurity Action Team (GCAT) September 2022 Threat Horizons Report , threat actors frequently targeted weak and default passwords to access Google Cloud accounts. Once inside the compromised cloud accounts, they performed cryptomining 65% of the time. To read this article in full, please click here

Accountability 83

Accountability Passwords Cybersecurity 83