Blog and CSO - Cyber Security Informer

Zero Trust Expert Den Jones Joins Banyan Security as CSO

Security Boulevard

DECEMBER 7, 2021

A Q&A with Den Jones, Banyan Security CSO Why join a startup now? The post Zero Trust Expert Den Jones Joins Banyan Security as CSO first appeared on Banyan Security. The post Zero Trust Expert Den Jones Joins Banyan Security as CSO first appeared on Banyan Security.

CSO

CSO Risk

Uber’s ex-CSO avoids prison after data breach cover up

Graham Cluley

MAY 7, 2023

Read more in my article on the Hot for Security blog. After covering up a data breach that impacted the personal records of 57 million Uber passengers and drivers, the company's former Chief Security Officer has been found guilty and sentenced by a US federal judge.

Data breaches

Data breaches CSO

New DDoS extortion attacks detected as Fancy Lazarus group returns

CSO Magazine

JUNE 11, 2021

Sign up for CSO newsletters. ]. In each case the threat actor demanded bitcoin payment or else a small-scale denial-of-service attack would be launched with a more substantial attack mere days later,” Proofpoint researchers explained in a blog post. To read this article in full, please click here

DDOS

DDOS Energy and Utilities CSO Insurance

What Is SIEM: How It Works and What Are Its Benefits

Heimadal Security

JULY 1, 2021

Definition As CSO notes, “security information and event management (SIEM) software give enterprise security professionals both insight into and a […]. The post What Is SIEM: How It Works and What Are Its Benefits appeared first on Heimdal Security Blog. Read on to find out the answers to your questions! What is SIEM?

CSO

CSO Software

Being a CSO in a Security Start-up

Security Boulevard

DECEMBER 22, 2022

As CSOs, we have to protect the business and reduce risk, however in a series B startup that makes security-based products and services, I know my role is different. The post Being a CSO in a Security Start-up first appeared on Banyan Security. The post Being a CSO in a Security Start-up appeared first on Security Boulevard.

CSO

CSO Software Risk

How to build a public profile as a cybersecurity pro

CSO Magazine

NOVEMBER 29, 2022

CSO spoke to Forrester analyst Jinan Budge and cybersecurity professionals Katie Moussouris, Troy Hunt, Rachel Tobac, and Christina Morillo about their journeys and their tips for those who want to build their public profile. Professionals can use many channels to share their knowledge: blogs, video content, tweets, etc.

Cybersecurity

Cybersecurity CSO Media

The Enemy of My Enemy is My Friend: The Unification of the CSO and CISO

Security Boulevard

FEBRUARY 7, 2023

Don’t be surprised by what can be accomplished when a CSO & CISO join forces to fight Insider threats Whether you are fighting anonymous digital adversaries or those that operate in the flesh, it’s fair to say that in our security landscape, insider threats rank high on the list of public enemies.

CSO

CSO CISO

Cybersecurity Snapshot: CSA Outlines Data Security Challenges and Best Practices, While ISACA Offers Tips To Retain IT Pros

Security Boulevard

MARCH 7, 2025

For more information about data security , check out these Tenable resources: The value of data security integrated into a unified cloud security strategy (infographic) Harden Your Cloud Security Posture by Protecting Your Cloud Data and AI Resources (blog) Know Your Exposure: Is Your Cloud Data Secure in the Age of AI? (on-demand

Cybersecurity

Cybersecurity Scams CSO Risk

CSO’s Perspective: The Okta Breach and What It Means to the Broader Community

Security Boulevard

NOVEMBER 9, 2023

Den Jones shares his perspective as a CSO on the recent Okta breach, and what that means for the broader security community. The post CSO’s Perspective: The Okta Breach and What It Means to the Broader Community first appeared on Banyan Security.

CSO

GitHub Discovers Authentication Issue

SecureWorld News

MARCH 10, 2021

GitHub CSO Mike Hanley takes security seriously. Mike Hanley was hired as GitHub's new CSO in February 2021. In a blog post last month, he wrote that he is devoted to the security of the platform as well as helping developers through security investments in building secure software.

Authentication

Authentication CSO Accountability Account Security

Cybersecurity Snapshot: U.S. Gov’t Urges Adoption of Memory-Safe Languages and Warns About Iran Cyber Threat

Security Boulevard

JUNE 27, 2025

Tenable CSO Bob Huber called the DHS bulletin “a stark reminder of the volatile environment that organizations and their cyber leaders operate in ” in a blog post this week. They’re easy to use, hard to compromise, and eliminate password fatigue,” the blog reads. Passkeys are rolling out fast.

Cyber threats

Cyber threats Cybersecurity Computers and Electronics Password Management

GUEST ESSAY: Leveraging ‘zero trust’ and ‘remote access’ strategies to mitigate ransomware risks

The Last Watchdog

MAY 5, 2022

About the essayist: Den Jones, CSO at Banyan Security , which supplies s imple, least-privilege, multi-cloud application access technologies. Food for thought, eh!

Ransomware

Ransomware Risk Internet Internet

A Clear and Present Need: Bolster Your Identity Security with Threat Detection and Response

Duo's Security Blog

NOVEMBER 20, 2023

“It took nearly 11 months (328 days) to identity and contain data breaches resulting from stolen or compromised credentials.” – IBM’s Cost of Data Breach Report 2023 I recently came across a 2012 article from CSO Online , and realized that it has been more than 11 years since the phrase “Identity is the new perimeter” was coined!

Threat Detection

Threat Detection Authentication Accountability Data breaches

Cybersecurity Predictions: What to Expect in 2022

Security Boulevard

FEBRUARY 3, 2022

Cunningham, Nuspire CSO, who offered their cybersecurity predictions. With the roller coaster ride that was cybersecurity in 2021, we’re all curious to see what 2022 has in store for our industry. To help shed some light on what to expect, we recently hosted a webinar featuring Lewie Dunsworth, Nuspire CEO, and J.R.

Cybersecurity

Cybersecurity CSO

Student’s Negligence Opened Door for Ryuk into Biomolecular Facility

Security Boulevard

MAY 17, 2021

History of Ryuk Ransomware As per an article by CSO Online, Ryuk came up to the scene back in 2018. […]. The post Student’s Negligence Opened Door for Ryuk into Biomolecular Facility appeared first on Kratikal Blogs. The post Student’s Negligence Opened Door for Ryuk into Biomolecular Facility appeared first on Security Boulevard.

CSO

CSO Ransomware Software Cyber Attacks

Meta outlines US involvement in social media disinformation in new report

Security Boulevard

DECEMBER 5, 2022

CIB groups, the company said in a 2018 official blog post , are targeted for removal not because of the content that they share, but because of their deceptive nature. Leer más CSO Online. To read this article in full, please click here. read this article in full, please click here.

Media

Media CSO Accountability

Judge Delays Enforcement of California Consumer Privacy Act to 2024

SecureWorld News

JULY 17, 2023

In a blog post on JD Supra , Fisher Phillips breaks down "how we got here," including: In 2020, the California voters passed the CPRA by ballot initiative. More from the JD Supra blog post: "Businesses should take a look at how they are prioritizing various components of CPRA compliance.

CSO

Cloud computing concentration and systemic risk

Security Boulevard

MAY 21, 2022

I came across an interesting blog post over at Finextra which got me thinking about a topic that has been in the back of my. The post Cloud computing concentration and systemic risk appeared first on Security Boulevard.

Risk

Risk CSO

Cybersecurity Snapshot: Experts Issue Best Practices for Migrating to Post-Quantum Cryptography and for Improving Orgs’ Cyber Culture

Security Boulevard

JUNE 6, 2025

“The principles describe cultural conditions that are essential underpinnings for an organisation to be cyber secure and offer an approach to developing that culture,” reads an NCSC blog. critical infrastructure must be ready for cyber war In addition to preventing and mitigating standalone cyber threats and attacks, U.S.

CISO

CISO Cybersecurity Cyber threats Government

Cybersecurity and AI/ML Biases

Security Boulevard

AUGUST 16, 2021

Cyberattackers and cyberdefenders appear to be utilizing AI (artificial intelligence) and ML (machine learning) to a rapidly increasing degree, if you are to believe the press, vendors’ claims and blogs. A recent article, […]. The post Cybersecurity and AI/ML Biases appeared first on Security Boulevard.

Artificial Intelligence

Artificial Intelligence Cybersecurity CSO CISO

5 things CISOs want to hear about SASE at the RSA Conference

CSO Magazine

MAY 17, 2021

I’ve been blogging about what should be the “big 3” topics at this week's (virtual) RSA conference. I started with a blog about XDR followed by another about Zero Trust. My final blog of this series looks at what CISOs want to hear about SASE at RSA. To read this article in full, please click here (Insider Story)

CISO

Cybersecurity Snapshot: CISA’s Best Cyber Advice on Securing Cloud, OT, Apps and More

Security Boulevard

MAY 2, 2025

The scope of the BOD 25-01 includes all production or operational cloud tenants (operating in or as a federal information system) utilizing Microsoft 365, Tenable Staff Research Engineer Mark Beblow explained in a recent blog about this directive. Tenable was one of the 68 original signatories of the pledge.

Cybersecurity

Cybersecurity Software Cyber Risk Risk

“How will the Uber Breach Verdict Affect the CISO Role in the Future?”

Security Boulevard

NOVEMBER 10, 2022

A Uber breach verdict was handed down that could prove highly impactful to CISOs and CSOs in the near and distant future. appeared first on Radware Blog. The post “How will the Uber Breach Verdict Affect the CISO Role in the Future?” The post “How will the Uber Breach Verdict Affect the CISO Role in the Future?”

CISO

CISO CSO Data breaches

Over 60,000 Android apps infected with adware-pushing malware

CSO Magazine

JUNE 7, 2023

“However, the threat actors involved can easily switch tactics to redirect users to other types of malware, such as banking trojans to steal credentials and financial information or ransomware ,” Bitdefender said in a blog. To read this article in full, please click here

Adware

Adware Malware Banking Mobile

Black Hat 2021: Better Than Ever (As Always)

Duo's Security Blog

JULY 13, 2021

Joan has spent more than a decade covering security for a variety of publications, and served as editor-in-chief for CSO online, so she’s no stranger to these subjects and won’t hesitate to press for forthright answers from the panelists: Ash Devata, General Manager of Cisco Zero Trust Andy Ellis, founder and CEO of Duha , Operating Partner at YL Ventures (..)

CISO

CISO CSO Authentication Passwords

10 industry-defining security incidents from the last decade

CSO Magazine

JULY 19, 2022

To take stock of the past 10 years, cybersecurity vendor Trustwave has published the Decade Retrospective: The State of Vulnerabilitie s blog post featuring a list of what it considers to be the 10 most prominent and notable network security issues and breaches of the last 10 years. “It

Network Security

Network Security Cybersecurity

Cybersecurity Snapshot: CISA Calls for Stamping Out Buffer Overflow Vulnerabilities, as Europol Tells Banks To Prep For Quantum Threat

Security Boulevard

FEBRUARY 14, 2025

Watch the on-demand webinar , in which Phillip Hayes, Tenables Director of Information Security, and Michael Garman, Tenables Senior Manager of Technology Engineering, discuss a variety of cloud security best practices.

Banking

Banking Cybercrime Cybersecurity Ransomware

M&A Trending In Cybersecurity Industry Vertical For 2022

CyberSecurity Insiders

JANUARY 28, 2022

This blog was written by an independent guest blogger. According to CSO, 2021 shaped up to be an active year for mergers and acquisitions in the cybersecurity industry. Top cybersecurity M&A deals for 2021 | CSO Online. Requires strong due diligence. In fact, the volume of U.S.

Cybersecurity

Cybersecurity CSO Digital transformation Penetration Testing

Security Roundup April 2025

BH Consulting

APRIL 30, 2025

CSO Online marked the progress as 66 per cent done. The company says 99.2 per cent development pipelines are fully inventoried with enforced security measures. The initiative also emphasises a security-first culture, with security now included as part of performance reviews.

Data breaches

Data breaches Scams Cybercrime CSO

Krebs on Ransomware

Security Boulevard

JUNE 21, 2021

Chris was the former head of DHS’s CISA (Cybersecurity & Infrastructure Security Agency), and Brian is a journalist and much-admired author (by me and many others) of the outstanding blog KrebsonSecurity. I described Chris Krebs’s position on addressing ransomware […]. The post Krebs on Ransomware appeared first on Security Boulevard.

Ransomware

Ransomware Cybersecurity CSO Insurance

9 tips for an effective ransomware negotiation

CSO Magazine

NOVEMBER 24, 2021

Concepts were presented by Pepijn Hack and Zong-Yu Wu at Black Hat Europe 2021 and expanded upon in a detailed NCC Group blog posting shortly after. Cybersecurity and threat analysts from Fox-IT (part of NCC Group) have shone a light on the mechanics of ransomware negotiations to help organizations improve the outcome of an attack.

Ransomware

Ransomware Hacking Cybersecurity

Cybersecurity Snapshot: What Looms on Cyberland’s Horizon? Here’s What Tenable Experts Predict for 2025

Security Boulevard

DECEMBER 27, 2024

For more information about data and AI security posture management ( DSPM and AI-SPM ), check out these Tenable resources: Data and AI Security Posture Management (video) Harden Your Cloud Security Posture by Protecting Your Cloud Data and AI Resources (blog) Know Your Exposure: Is Your Cloud Data Secure in the Age of AI? (on-demand

Cybersecurity

Cybersecurity CISO CSO Data breaches

5 things CISOs want to hear about zero trust at the RSA Conference

CSO Magazine

MAY 3, 2021

In my last blog, I described 8 things security executives want to hear about XDR. Usually there’s one topic at RSA that everyone is talking about, but this year there will likely be 3: secure access service edge ( SASE ), eXtended Detection and Response (XDR), and zero trust. This one focuses on zero trust (ZT).

CISO

Hackers exploit WordPress vulnerability within hours of PoC exploit release

CSO Magazine

MAY 15, 2023

Threat actors have started exploiting a recently disclosed vulnerability in WordPress, within 24 hours of the proof-of-concept (PoC) exploit being published by the company, according to a blog by Akamai. To read this article in full, please click here

New Windows browser security options and guidance: What you need to know

CSO Magazine

OCTOBER 20, 2021

Case in point: Google acknowledged the twelfth and thirteenth Chrome zero-day attacks in a recent blog post. While we tend to hold back in business patching to ensure there are no side effects, it can be dangerous to tak that approach with browser patching. To read this article in full, please click here

Attackers use public cloud providers to spread RATs

CSO Magazine

JANUARY 21, 2022

The offensive is the latest example of threat actors abusing cloud services like Microsoft Azure and Amazon Web Services for malicious purposes, security researchers Chetan Raghuprasad and Vanja Svajcer wrote in the Talos blog.

DNS

DNS Malware

Microsoft tells Exchange admins to revert previously recommended antivirus exclusions

CSO Magazine

FEBRUARY 24, 2023

Times have changed, and so has the cybersecurity landscape," the Exchange Server team said in a blog post. The rules are no longer needed for server stability and their presence could prevent the detection of backdoors deployed by attackers.

Antivirus

Antivirus Cybersecurity

Microsoft reports jump in business email compromise activity

CSO Magazine

MAY 22, 2023

“BEC attacks stand apart in the cybercrime industry for their emphasis on social engineering and the art of deception,” said Vasu Jakkal, corporate vice president of security, in a blog post. Successful BEC attacks cost organizations hundreds of millions of dollars annually.” To read this article in full, please click here

Social Engineering

Social Engineering Cybercrime Engineering Cybersecurity

China's Personal Information Protection Law (PIPL) presents challenges for CISOs

CSO Magazine

DECEMBER 2, 2021

LinkedIn said in a recent blog post that it anticipates shuttering LinkedIn in China by year’s end. LinkedIn recently announced it is closing its flagship social network in China citing a “challenging operating environment and greater compliance requirements.” To read this article in full, please click here

CISO

Study Reveals CISOs’ Top Cybersecurity Concerns and Purchasing Priorities

Security Boulevard

SEPTEMBER 6, 2022

Cunningham, CSO, hosted a webinar to review the data in detail and explain its implications. Nuspire recently announced findings from its annual research study revealing CISO challenges, priorities and key trends, as well as the drivers behind their purchasing decisions. Nuspire leadership, including Michelle Bank, CMO and CPO, and J.R.

CISO

CISO CSO Cybersecurity Banking

Meta outlines US involvement in social media disinformation in new report

CSO Magazine

NOVEMBER 23, 2022

CIB groups, the company said in a 2018 official blog post , are targeted for removal not because of the content that they share, but because of their deceptive nature. To read this article in full, please click here

Media

Media Accountability

New Log4Shell-like vulnerability impacts H2 Java SQL database

CSO Magazine

JANUARY 10, 2022

An attacker could trigger RCE if they are able to insert a malicious URL into a JNDI lookup, JFrog researchers explained in a blog post. Like Log4Shell, the flaw ( CVE-2021-42392 ) relates to Java Naming and Directory Interface (JNDI) remote class loading. To read this article in full, please click here

Risk

Espionage campaign loads VPN spyware on Android devices via social media

CSO Magazine

NOVEMBER 3, 2022

“In their attacks, they use cunning and unexpected methods: SandStrike, attacking users via a VPN service, where victims tried to find protection and security, is an excellent example,” Victor Chebyshev, the lead security researcher at Kaspersky’s (Global Research & Analysis Team (GReAT), said in a blog post.

Spyware

Spyware VPN Media Mobile

Transforming to a Predictive Cyber Defense

McAfee

JUNE 21, 2021

In a recent blog, McAfee’s Steve Grobman indicated SolarWinds is the first major supply chain attack which represents a shift in tactics where a nation state has employed a new weapon for cyber-espionage.” A CISO or CSO should be able to look at a single screen and understand in minutes how well protected they are against potential threats.

CISO

CISO CSO Cybersecurity Risk

Zero Trust Expert Den Jones Joins Banyan Security as CSO

Uber’s ex-CSO avoids prison after data breach cover up

Trending Sources

New DDoS extortion attacks detected as Fancy Lazarus group returns

What Is SIEM: How It Works and What Are Its Benefits

Being a CSO in a Security Start-up

How to build a public profile as a cybersecurity pro

The Enemy of My Enemy is My Friend: The Unification of the CSO and CISO

Cybersecurity Snapshot: CSA Outlines Data Security Challenges and Best Practices, While ISACA Offers Tips To Retain IT Pros

CSO’s Perspective: The Okta Breach and What It Means to the Broader Community

GitHub Discovers Authentication Issue

Cybersecurity Snapshot: U.S. Gov’t Urges Adoption of Memory-Safe Languages and Warns About Iran Cyber Threat

GUEST ESSAY: Leveraging ‘zero trust’ and ‘remote access’ strategies to mitigate ransomware risks

A Clear and Present Need: Bolster Your Identity Security with Threat Detection and Response

Cybersecurity Predictions: What to Expect in 2022

Student’s Negligence Opened Door for Ryuk into Biomolecular Facility

Meta outlines US involvement in social media disinformation in new report

Judge Delays Enforcement of California Consumer Privacy Act to 2024

Cloud computing concentration and systemic risk

Cybersecurity Snapshot: Experts Issue Best Practices for Migrating to Post-Quantum Cryptography and for Improving Orgs’ Cyber Culture

Cybersecurity and AI/ML Biases

5 things CISOs want to hear about SASE at the RSA Conference

Cybersecurity Snapshot: CISA’s Best Cyber Advice on Securing Cloud, OT, Apps and More

“How will the Uber Breach Verdict Affect the CISO Role in the Future?”

Over 60,000 Android apps infected with adware-pushing malware

Black Hat 2021: Better Than Ever (As Always)

10 industry-defining security incidents from the last decade

Cybersecurity Snapshot: CISA Calls for Stamping Out Buffer Overflow Vulnerabilities, as Europol Tells Banks To Prep For Quantum Threat

M&A Trending In Cybersecurity Industry Vertical For 2022

Security Roundup April 2025

Krebs on Ransomware

9 tips for an effective ransomware negotiation

Cybersecurity Snapshot: What Looms on Cyberland’s Horizon? Here’s What Tenable Experts Predict for 2025

5 things CISOs want to hear about zero trust at the RSA Conference

Hackers exploit WordPress vulnerability within hours of PoC exploit release

New Windows browser security options and guidance: What you need to know

Attackers use public cloud providers to spread RATs

Microsoft tells Exchange admins to revert previously recommended antivirus exclusions

Microsoft reports jump in business email compromise activity

China's Personal Information Protection Law (PIPL) presents challenges for CISOs

Study Reveals CISOs’ Top Cybersecurity Concerns and Purchasing Priorities

Meta outlines US involvement in social media disinformation in new report

New Log4Shell-like vulnerability impacts H2 Java SQL database

Espionage campaign loads VPN spyware on Android devices via social media

Transforming to a Predictive Cyber Defense

Stay Connected