Architecture, CISO, Passwords and Technology

CISO workshop slides

Notice Bored

AUGUST 5, 2022

For me, continuous improvement implies three things that don't exactly sing out from the example metrics: Clarity on the meaning of 'improve' in the present context, implying the need for management to understand what are the key parameters, as well as being able to measure and control/drive them in a positive direction.

CISO

CISO Risk Artificial Intelligence Marketing

What’s It Like for a New CISO?

Lenny Zeltser

FEBRUARY 13, 2020

As of this writing, I’ve spent six months in the role of Chief Information Security Officer (CISO) at Axonius , a rapidly growing technology company. Our IT infrastructure is consistent zero-trust architecture principles , so it made sense to treat identity as the focal point of many security decisions.

CISO

CISO Information Security Architecture Technology

ConnectWise Quietly Patches Flaw That Helps Phishers

Krebs on Security

DECEMBER 1, 2022

ConnectWise’s warnings come amid breach reports from another major provider of remote support technologies: GoTo disclosed on Nov. The third-party cloud storage service is currently shared by both GoTo and its affiliate, the password manager service LastPass. ET: Included statement from ConnectWise CISO.

Phishing

Phishing Architecture Passwords Accountability

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

WEF Outlines Path to Cyber Resilience for Manufacturing Sector

SecureWorld News

MAY 29, 2024

The risk is too great, and key business partnerships are required," said Amy Bogac , former CISO at The Clorox Company. "If Safety is always the number one priority in manufacturing organizations," said Tammy Klotz , CISO at Trinseo. It warns that by 2030, damages from cyberattacks on manufacturing could total $1.5

Manufacturing

Manufacturing CISO Artificial Intelligence Cyber threats

A Question of Identity: The Evolution of Identity & Access Management

SecureWorld News

FEBRUARY 9, 2024

People, process & technology framework A successful IAM program requires all three dimensions—people, process, and technology—working in concert to enhance the user experience, fuel efficiency gains, and minimize enterprise risk. In this case, CISOs must manage the risks due to the technology debt.

IoT

IoT VPN Architecture Risk

5 Major Cybersecurity Trends to Know for 2024

eSecurity Planet

DECEMBER 19, 2023

Government actions will increase: Expect more government regulations, state-sponsored cyberattacks, and increased documentation required to protect CISOs. AI Use Danger As with any emerging technology, many organizations should expect errors and growing pains as teams learn the nuances of applying the technology.

Cybersecurity

Cybersecurity CISO Government Technology

IoT Devices a Huge Risk to Enterprises

eSecurity Planet

JULY 22, 2021

It also feeds into the larger argument for adopting a zero-trust architecture , a methodology that essentially assumes that no user or devices trying to connect to the network can be trusted until they’re authenticated and verified. There also is the zero-trust architecture, according to the ThreatLabz report.

IoT

IoT Risk Architecture Manufacturing

Quantum Computing: A Looming Threat to Organizations and Nation States

SecureWorld News

SEPTEMBER 7, 2023

As for the panel presentation at SecureWorld Denver , it features Edgar Acosta, Experienced Cybersecurity Professional (former CISO at DCP Midstream ); Craig Hurter, Sr. Director of Information Security, State of Colorado Governor's Office of Information Technology; and Toby Zimmerer, Sr. Demand and Delivery Director, Optiv.

Encryption

Encryption Technology Risk Architecture

CSTA Turns 400 – Proof That Technology Integrations Is Exactly What You Are Looking For

Cisco Security

AUGUST 26, 2021

With the addition of Kenna Security into our program we now have over 250 technology partners and over 400 integrations for our mutual customers to utilize. An integration with Cigent Technology is now available for Secure Endpoint customers to integrate with. Kenna has a healthy 3rd Party ecosystem of technology partners.

Technology

Technology Firewall VPN Authentication

2024 State of Cybersecurity: Reports of More Threats & Prioritization Issues

eSecurity Planet

MAY 2, 2024

Compromised Credentials Compromised identities from phishing, info stealers, keyloggers, and bad password habits provide the entry point for most ransomware attacks and data breaches. 583% increase in Kerberoasting [password hash cracking] attacks. 64% of managers and higher admit to poor password practices.

Cybersecurity

Cybersecurity DDOS Penetration Testing Passwords

Okta’s Breach Highlights Risk of Putting Crown Jewels in the Cloud

Security Boulevard

MARCH 24, 2022

Speculation continued to run wild on Twitter that the breach may have affected other companies, leading them to instruct employees to reset their passwords and identity information. At ShiftLeft we elected to use an agent-based architecture that does not require us to upload all your source code into our systems.

Risk

Risk Software Engineering Passwords

Grip Security Blog 2022-10-18 17:55:04

Security Boulevard

OCTOBER 18, 2022

If you talk to most CISOs, they readily acknowledge this is occurring, and current solutions, such as cloud access security brokers (CASBs) , provide data but do not provide clearly prioritized, actionable remediation steps to mitigate SaaS security risk comprehensively. Without the first two pillars, this one is near impossible.

Risk

Risk CISO Architecture Marketing

To Achieve Zero Trust Security, Trust The Human Element

Thales Cloud Protection & Licensing

MAY 6, 2021

As World Password Day comes around again this May 6 th , how much has changed in the year since we last marked the occasion? As such, this year’s World Password Day is in fact a timely reminder for businesses to drop passwords forever, and instead rollout access management solutions such as passwordless authentication.

Social Engineering

Social Engineering Authentication Passwords Technology

“Left of Boom” Cybersecurity: Proactive Cybersecurity in a Time of Increasing Threats and Attacks

Cisco Security

OCTOBER 18, 2021

The primary job of the Chief Information Security Officer (CISO) is to exercise continuous diligence in reducing risk, within the risk appetite and risk tolerance of the organization, so that the likelihood of a boom is low, and the corresponding magnitude of harm is limited. Some “Left of Boom” Processes. Frameworks.

Cybersecurity

Cybersecurity CISO Insurance Risk

Pro-Russian LockBit 3.0 Claims Responsibility for Attack on Japan Port

SecureWorld News

JULY 6, 2023

John Bambenek, Principal Threat Hunter at Netenrich, said: "Part of the reason technology is so cheap is because technology companies outsource the risks of using their products to their customers. Additionally, international cooperation to fight against such cybercrimes is of utmost importance. It's on them to use it safely.

Ransomware

Ransomware Cybercrime Password Management Cybersecurity

Zero Trust Is a Journey and Businesses Have Many Rivers to Cross

Thales Cloud Protection & Licensing

MARCH 31, 2021

Digital transformation, proliferation of location agnostic technologies and immense data generation have created uncontrolled remote environments and a fragmented enterprise ecosystem, rendering legacy security policies and practices based on trust obsolete. However, Zero Trust is not another technology, rather it is a journey.

Digital transformation

Digital transformation VPN Technology Architecture

A roadmap for developing a secure enterprise cloud operating model

SC Magazine

JUNE 4, 2021

Just in the last two years, many such simple and avoidable mistakes in securing the application and data hosted in the public cloud have led to massive data and network breaches at large financial and technology firms such as Accenture, Booz Allen Hamilton, Capital One, Facebook, MGM, Microsoft, and Verizon.

Penetration Testing

Penetration Testing DNS Technology CISO

My 2020 Predictions Revisited: What Worked, What Didn't

Duo's Security Blog

JANUARY 8, 2021

Cyber Crime in 2020 I predicted, with money still being the top motivating factor for crime, criminals would blend techniques and technologies into new unforeseen attacks. User and entity behavior analytics (UEBA) made significant strides as one way of determining trust in a zero-trust architecture. Well, it was. But then it wasn’t.

Digital transformation

Digital transformation Phishing Authentication DDOS

ROUNDTABLE: Why T-Mobile’s latest huge data breach could fuel attacks directed at mobile devices

The Last Watchdog

AUGUST 19, 2021

Chris Clements, VP of Solutions Architecture, Cerberus Sentinel. Clearly, there was a failure somewhere, either human error or faulty technology or both. Look for unusual activity on your phone and requests for password resets you’re not expecting. For T-Mobile, this is the sixth major breach since 2018.

Mobile

Mobile Data breaches Authentication Accountability

On first-ever Identity Management Day, experts detail steps to a better IAM program

SC Magazine

APRIL 14, 2021

We had some legacy architecture that that was failing. Greg McCarthy, CISO of Boston. It’s really making sure you learn the business process – and that’s the starting point before you even before you even think about implementing technology to drive that business process and make it more efficient,” said McCarthy.

Passwords

Passwords Architecture Password Management Government

Here’s how security pros can lock down their remote networks

SC Magazine

FEBRUARY 19, 2021

Understanding the company’s network topology, architecture and even how it’s mapped in its physical space can help build an effective security strategy tailored to the organization’s infrastructure and assets. For example, some devices may not support the deployment of security clients, so securing them becomes a matter of network policies.

IoT

IoT Data breaches CISO Passwords

Cybersecurity Culture: How Princeton University's Security Team Created It

SecureWorld News

MAY 19, 2020

Sherry brought to Princeton his 25 years of technology experience, 12 of which was in higher education as the former CISO at Brown University. Sherry explained that he (the CISO) would have no operational responsibilities in the beginning to focus solely on the execution of the mission.

Cybersecurity

Cybersecurity CISO Risk Education

What’s New in the Federal Zero Trust Strategy?

Duo's Security Blog

JANUARY 28, 2022

Imagine a shift away from logging into a “network” to having security seamlessly built into the network, and multi-factor authentication and authorization continuously performed at the application level on the fly — without users typing passwords. What’s Next?

Authentication

Authentication Government DNS Encryption

The Hacker Mind Podcast: Digital Forensics

ForAllSecure

DECEMBER 2, 2021

To be good at digital forensics, to be a digital Sherlock Holmes, you need to understand systems architecture. Vamosi: So you’re CISO at a major corporation and all of sudden there’s been a ransomware attack in your network, and it’s spreading throughout your infrastructure.

Penetration Testing

Penetration Testing Encryption Ransomware Passwords

Decipher Security Podcast With ForAllSecure CEO David Brumley

ForAllSecure

APRIL 30, 2020

Did someone just forgot to change the default password? There's a lot an IT person can do to prevent being hacked: they can make sure they use strong passwords, or they can make sure that they have proper network architecture. Not because of the technology limitations. Then there's network security.

Software

Software IoT Manufacturing Hacking

Decipher Security Podcast With ForAllSecure CEO David Brumley

ForAllSecure

APRIL 30, 2020

Did someone just forgot to change the default password? There's a lot an IT person can do to prevent being hacked: they can make sure they use strong passwords, or they can make sure that they have proper network architecture. Not because of the technology limitations. Then there's network security.

Software

Software IoT Manufacturing Hacking

DECIPHER SECURITY PODCAST WITH FORALLSECURE CEO DAVID BRUMLEY

ForAllSecure

APRIL 30, 2020

Did someone just forgot to change the default password? There's a lot an IT person can do to prevent being hacked: they can make sure they use strong passwords, or they can make sure that they have proper network architecture. Not because of the technology limitations. Then there's network security.

Software

Software IoT Manufacturing Hacking

Cyber Security Informer

CISO workshop slides

What’s It Like for a New CISO?

Webinars

Trending Sources

ConnectWise Quietly Patches Flaw That Helps Phishers

Webinars

WEF Outlines Path to Cyber Resilience for Manufacturing Sector

A Question of Identity: The Evolution of Identity & Access Management

5 Major Cybersecurity Trends to Know for 2024

IoT Devices a Huge Risk to Enterprises

Quantum Computing: A Looming Threat to Organizations and Nation States

CSTA Turns 400 – Proof That Technology Integrations Is Exactly What You Are Looking For

2024 State of Cybersecurity: Reports of More Threats & Prioritization Issues

Okta’s Breach Highlights Risk of Putting Crown Jewels in the Cloud

Grip Security Blog 2022-10-18 17:55:04

To Achieve Zero Trust Security, Trust The Human Element

“Left of Boom” Cybersecurity: Proactive Cybersecurity in a Time of Increasing Threats and Attacks

Pro-Russian LockBit 3.0 Claims Responsibility for Attack on Japan Port

Zero Trust Is a Journey and Businesses Have Many Rivers to Cross

A roadmap for developing a secure enterprise cloud operating model

My 2020 Predictions Revisited: What Worked, What Didn't

ROUNDTABLE: Why T-Mobile’s latest huge data breach could fuel attacks directed at mobile devices

On first-ever Identity Management Day, experts detail steps to a better IAM program

Here’s how security pros can lock down their remote networks

Cybersecurity Culture: How Princeton University's Security Team Created It

What’s New in the Federal Zero Trust Strategy?

The Hacker Mind Podcast: Digital Forensics

Decipher Security Podcast With ForAllSecure CEO David Brumley

Decipher Security Podcast With ForAllSecure CEO David Brumley

DECIPHER SECURITY PODCAST WITH FORALLSECURE CEO DAVID BRUMLEY

Stay Connected