SC Magazine

MAY 19, 2021

With its tailored controls, micro-perimeters and trust-nothing approach to access, Zero Trust gives CISOs confidence that their security program can secure their remote workforce and meet regulatory compliance requirements. Thanks to a rapid shift to remote work, Zero Trust is finally garnering the attention it deserves. What is Zero Trust?

CISO 134

CISO CSO Architecture IoT 134

Security Boulevard

SEPTEMBER 19, 2022

A critical part of achieving balanced security is for the organization to execute an architecture optimization. By breaking out the various architecture domains of the organization relating to risk and cybersecurity, including: SecOps Processes aligning to current adaptive control capabilities.

Cybersecurity 98

Cybersecurity Architecture Risk Insurance 98

The Last Watchdog

JULY 30, 2018

The painful impact of cyber attacks on businesses is worsening despite advances in technology aimed at protecting enterprises from malicious network traffic, insider threats, malware, denial of service attacks and phishing campaigns. This has left many CISOs questioning if today’s incumbent cybersecurity solutions are enough.

CISO 140

CISO Cyber Attacks Data collection Cybersecurity 140

CyberSecurity Insiders

JANUARY 17, 2022

By Tyler Farrar, CISO, Exabeam. Seeing the opportunity presented by the near overnight closure of office spaces, for example, the volume of targeted phishing attacks skyrocketed. It makes sense that security budgets should follow to help protect these increasingly diverse and flexible architectures. Leaving The Legacy.

Threat Detection 142

Threat Detection CISO Digital transformation Technology 142

Duo's Security Blog

JANUARY 8, 2021

With the world’s attention shifting, phishing emails preying on people reading the latest headlines led to nearly 200% increase in overall phishing attacks in 2020. User and entity behavior analytics (UEBA) made significant strides as one way of determining trust in a zero-trust architecture. Well, it was. But then it wasn’t.

Digital transformation 52

Digital transformation Phishing Authentication DDOS 52

The Last Watchdog

AUGUST 19, 2021

Chris Clements, VP of Solutions Architecture, Cerberus Sentinel. Could be phished credentials. Sascha Fahrbach , cybersecurity evangelist, Fudo Security : Our personal data has immense value to cyber criminals; it is very likely that hackers will now weaponize this data to create advanced phishing attacks. Could be a bad actor.

Mobile 306

Mobile Data breaches Authentication Accountability 306

SecureWorld News

MAY 19, 2020

Sherry brought to Princeton his 25 years of technology experience, 12 of which was in higher education as the former CISO at Brown University. Sherry explained that he (the CISO) would have no operational responsibilities in the beginning to focus solely on the execution of the mission.

Cybersecurity 53

Cybersecurity CISO Risk Education 53

SC Magazine

FEBRUARY 2, 2021

Mike Hamilton, president and chief information security officer at CI Security and former CISO of Seattle, told SC Media that the disparity in dates might simply be a matter of semantics. Our latest release of FTA has addressed all known vulnerabilities at this time,” said Frank Balonis, Accellion’s CISO, in a statement.

Government 96

Government CISO Media Encryption 96

eSecurity Planet

DECEMBER 19, 2023

Government actions will increase: Expect more government regulations, state-sponsored cyberattacks, and increased documentation required to protect CISOs. Christine Bejerasco, CISO of WithSecure , expands that “in the physical dimension, poisoning the well could impact communities in the area.

Cybersecurity 139

Cybersecurity CISO Government Technology 139

CyberSecurity Insiders

DECEMBER 18, 2022

A look ahead to 2023 we can expect to see changes in MFA, continued Hactivism from non-state actors, CISOs lean in on more proactive security and crypto-jackers will get more savvy. 5 – Recession requires CISOs to get frank with the board about proactive security. By Marcus Fowler, CEO of Darktrace Federal.

Cybersecurity 125

Cybersecurity CISO Insurance Ransomware 125

SC Magazine

JULY 1, 2021

The CIOs and CISOs suggested that while real-time patch status may be known for certain devices, it does not exist for many.”. The cause is often system vulnerabilities or insiders, such as clicking on a malicious link in a phishing email or the exploit of a bad application.

Security Awareness 68

Security Awareness IoT Risk Healthcare 68

The Falcon's View

AUGUST 6, 2018

However, listing out specific technologies can become cumbersome, plus it doesn't necessarily lend itself well to thinking about security architecture and strategy. Applications. - However, what this means within the context of optimal security can vary substantially, not the least being due to staffing challenges.

InfoSec 40

InfoSec Risk Architecture Security Awareness 40

SecureWorld News

OCTOBER 12, 2022

It was apropos that Ray Yepes, newly appointed CISO for the State of Colorado, opened the 2022 SecureWorld Denver conference on October 6th. Ray Yepes, CISO for the State of Colorado, presents the opening keynote. Down the hall, Brenden Smith, CISO at FirstBank, presented "Revisiting Deception Systems: Enterprise Use Cases."

CISO 77

CISO Healthcare Government Cybersecurity 77

IT Security Guru

APRIL 12, 2022

CISOs and security professionals work to limit this burgeoning threat landscape, however, it’s a work in progress. . OAuth enables consent phishing in O365. You can’t get around it, COVID-19 accelerated the already exploding SaaS market and caused industries not planning on making a switch to embrace SaaS.

CISO 102

CISO Passwords Marketing System Administration 102

The Last Watchdog

JULY 8, 2021

Here’s what they had to say, edited for clarity and length: Vikram Asnani, senior director – solution architecture, CyberGRX. Chris Clements, VP of solutions architecture, Cerberus Sentinel. Gary Phipps, VP of solution architecture, CyberGRX. Bill Lawrence, CISO, SecurityGate.io. Saumitra Das, CTO, Blue Hexagon.

Ransomware 257

Ransomware Hacking Software Architecture 257

Security Boulevard

FEBRUARY 7, 2024

But in the wake of the attack, manychief information security officers (CISOs) realized that PDNS was the answer to early detection and resiliency against similar attacks simply because log4j was surprisingly easy to detect at a DNS level. Consider: The log4j attack was difficult to detect and stop based on traditional log-file analysis.

DNS 69

DNS Architecture Marketing Cyber threats 69

The Falcon's View

JANUARY 3, 2019

Those "better decisions" might equate to not falling for (spear)phishing attacks, choosing hardened environments over default installs, or following reasonable secure coding practices in the development process (to name a few). Consider, if you will, that fundamentally we in infosec want people to make better decisions.

InfoSec 40

InfoSec Engineering Digital transformation CISO 40

Duo's Security Blog

JANUARY 28, 2022

This, in combination with network encryption, will lay a strong foundation against phishing and other common attack vectors. Piloting a new architecture using a low-risk system is a prudent way to implement a new strategy, but it suggests the agency strategies may take some time to deploy. What’s in the Strategy? What’s Next?

Authentication 52

Authentication Government DNS Encryption 52

Security Boulevard

JANUARY 2, 2024

This adoption brings us to the flip side of the generative AI coin: attackers are leveraging AI tools to elevate and automate phishing campaigns, craft extremely evasive malware, and reduce the development time of threats across the board. Let’s explore five predictions that should be top of mind for security leaders and organizations.

CISO 104

CISO Social Engineering Architecture Ransomware 104

ForAllSecure

DECEMBER 2, 2021

To be good at digital forensics, to be a digital Sherlock Holmes, you need to understand systems architecture. Vamosi: So you’re CISO at a major corporation and all of sudden there’s been a ransomware attack in your network, and it’s spreading throughout your infrastructure. Is it a phishing campaign?

Penetration Testing 52

Penetration Testing Encryption Ransomware Passwords 52

ForAllSecure

APRIL 30, 2020

You need user education; you need to make sure that you recognize phishing and all that sort of stuff. There's a lot an IT person can do to prevent being hacked: they can make sure they use strong passwords, or they can make sure that they have proper network architecture. There's the people who are doing social engineering attacks.

Software 52

Software IoT Manufacturing Hacking 52

ForAllSecure

APRIL 30, 2020

You need user education; you need to make sure that you recognize phishing and all that sort of stuff. There's a lot an IT person can do to prevent being hacked: they can make sure they use strong passwords, or they can make sure that they have proper network architecture. There's the people who are doing social engineering attacks.

Software 52

Software IoT Manufacturing Hacking 52

ForAllSecure

APRIL 30, 2020

You need user education; you need to make sure that you recognize phishing and all that sort of stuff. There's a lot an IT person can do to prevent being hacked: they can make sure they use strong passwords, or they can make sure that they have proper network architecture. There's the people who are doing social engineering attacks.

Software 52

Software IoT Manufacturing Hacking 52

Jane Frankland

DECEMBER 7, 2023

Phishing attacks , still the most common form of attack ( with 9 out of 10 data breach attempts originating from them ) will become next level. AI and automation will play a vital role in managing the complexity of zero trust architectures, enabling real-time incident response through AI-powered analytics and machine learning.

Cybersecurity 130

Cybersecurity Cyber threats Insurance Artificial Intelligence 130

Cisco Security

AUGUST 26, 2021

Cyber Observer’s partnership with Cisco enables CISOs to manage and monitor their cybersecurity eco-system posture. Playbooks allow you to respond to events within your environment such as notifications from a SIEM, suspected phishing emails, or alerts from asset monitoring. More details on the integration available here.

Technology 119

Technology Firewall VPN Authentication 119

eSecurity Planet

MAY 2, 2024

Compromised Credentials Compromised identities from phishing, info stealers, keyloggers, and bad password habits provide the entry point for most ransomware attacks and data breaches. Infrastructure Protection Defense against DDoS and DNS attacks starts with effective network security architecture.

Cybersecurity 94

Cybersecurity DDOS Penetration Testing Passwords 94

SC Magazine

MARCH 29, 2021

Traditionally that has meant phishing lures, credential theft and other low-effort pathways, but some observers point to episodes like the recent weaponization of the Microsoft Exchange vulnerabilities by multiple ransomware groups and worry that attacks at the application software level could become a more attractive option in the near future.

Software 120

Software Hacking Government Cyber Insurance 120

ForAllSecure

JULY 19, 2022

And how we do that is through using our security operations platform, gray matter is built on an open XDR architecture and we provide this as a service across their telemetry or whether it's on you know, on their network and their cloud or at the endpoint, or across all that telemetry. Every quarter we run our phishing tests, right?

Cybercrime 52

Cybercrime Government Ransomware Risk 52