Book and Cyber Risk - Cyber Security Informer

Cybersecurity Governance: The Road Ahead in an Era of Constant Evolution

SecureWorld News

FEBRUARY 17, 2025

Governance converging with risk and business resilience Cybersecurity governance will no longer be a standalone function. As I look to explore this issue a possible book , what are your thoughts on the future of cybersecurity governance? It must evolve as rapidly as the threats it seeks to mitigate. I would welcome your options.

Government

Government Cybersecurity CISO Risk

Cisco Contributes to Cyber Hard Problems Report

Cisco Security

JULY 7, 2025

Last updated in 2005, this latest edition of Cyber Hard Problems: Focused Steps Toward a Resilient Digital Future focuses on the massive evolution that has occurred in cybersecurity, digital systems and society as a whole over the last several years. Read the e-book, see the video, dive into the infographic and more.

Cyber Risk

Cyber Risk Media Risk Cybersecurity

Cybersecurity in Aviation: Rising Threats and Modernization Efforts

SecureWorld News

JUNE 9, 2025

The onboard router that serves crew and passengers has been identified as one of the top cyber vulnerabilities , particularly if administrators neglect routine password changes and firmware updates. It's due to be hosted securely in the cloud under a contract with CGI Federal, Inc., and slated for completion by September 2025.

Cybersecurity

Cybersecurity Social Engineering Computers and Electronics Encryption

Women in Cybersecurity & IWD: Why I’m Done!

Jane Frankland

MARCH 8, 2025

Most decision-makers focus solely on mitigating relentless cyber risks, seeing gender inclusion as secondary or irrelevant to “urgent” challenges. To End Eight years ago, in my book IN Security , I set out to solve the problem of the low numbers of women in cybersecurity.

Cybersecurity

Cybersecurity Penetration Testing Accountability Cyber Risk

NIST Risk Assessment Template: A Step-by-Step Guide to Effective Risk Management

Centraleyes

AUGUST 4, 2025

The Disconnect Between Cyber Risk and Business Strategy If you’re wondering why risk assessments often feel disconnected from business strategy, you’re not alone. What’s the Difference Between Appendix K and the NIST Risk Register? It’s a common point of confusion, especially for teams new to formal risk processes.

Risk

Risk Cyber Risk Accountability Government

A Unified Approach to Exposure Management: Introducing Tenable One Connectors and Customized Risk Dashboards

Security Boulevard

MAY 15, 2025

Since then, weve been hard at work to make this vision a reality for our customers, releasing numerous enhancements to help you unify visibility, insight and action to reduce cyber risk. Book a demo now to discover how Tenable One can enhance your exposure management program.

Risk

Risk CISO Cyber Risk IoT

ICFR Best Practices: How to Design and Maintain Strong Financial Controls

Centraleyes

APRIL 17, 2025

The Government Accountability Office (GAO) applies COSOs framework in its Green Book, guiding U.S. Enhanced Cybersecurity Focus Under SOX Regulatory bodies such as the SEC and the PCAOB have increasingly stressed the importance of addressing cybersecurity risks within the broader framework of internal controls.

Risk

Risk Technology Accountability Cybersecurity

Fire Doesn't Innovate by Kip Boyle (Book Review)

Adam Shostack

JANUARY 2, 2025

An unexpected book review. I hate reviewing books by people I know, because I am a picky reader, and if you can't say anything nice, don't say anything at all. I also tend to hate management books, because they often substitute jargon for crisp thinking. It is not a book for the CSO. Fire" doesn't do that.

CSO

CSO Cyber Risk Backups Risk

“Fire Doesn’t Innovate” by Kip Boyle (Book Review)

Adam Shostack

FEBRUARY 4, 2019

I hate reviewing books by people I know, because I am a picky reader, and if you can’t say anything nice, don’t say anything at all. I also tend to hate management books, because they often substitute jargon for crisp thinking. It is not a book for the CSO. The book is organized into two major parts.

CSO

CSO Cyber Risk Backups Risk

International Association of Chiefs of Police (IACP) Appoints CyberSecurity Expert Witness Joseph Steinberg To Computer Crime & Digital Evidence Committee

Joseph Steinberg

DECEMBER 11, 2023

He has led organizations within the cybersecurity industry for over 25 years, and has written books ranging from the best-selling Cybersecurity for Dummies to the official study guide from which many CISOs study for certification exams in advanced information security management. patent filings.

Cybersecurity

Cybersecurity Artificial Intelligence CISO Technology

How to Use Your Asset Management Software to Reduce Cyber Risks

CyberSecurity Insiders

APRIL 29, 2022

It will report if any modifications, upgrades, or revisions are authorized and booked by using a change management process. . They should also detect and track resources instantaneously, perform constant risk assessment, as well as immediately isolate untrustworthy resources from the entire network.

Cyber Risk

Cyber Risk Software Risk IoT

7 Insights About Managing Cyber Risk You Can’t Afford To Miss

Jane Frankland

AUGUST 18, 2020

It puts you in a better position to ascertain which strategies you’ll use to accept, avoid, transfer and limit risk. Numerous studies have documented how men and women gauge risk differently. It’s something I wrote extensively about in my book, IN Security. Please share with me your insights for managing cyber risk.

Cyber Risk

Cyber Risk Risk Technology Cybersecurity

Securing Success: The Crucial Role of a Cybersecurity Specialist in a Growing Business

Joseph Steinberg

JANUARY 18, 2024

Likewise, information systems have allowed businesses to experience tremendous growth – today’s businesses face threats that, only a few decades ago, were the subject of solely science fiction books and movies. When it comes to cybersecurity the same is true – you need a cyber security if you want to competently address cyber risk.

Cybersecurity

Cybersecurity Computers and Electronics Cyber Risk Risk

AUTHOR Q&A: China’s spy balloons reflect a cyber warfare strategy America must counter

The Last Watchdog

FEBRUARY 21, 2023

Related: Preparing for ‘quantum’ hacks That being so, a new book, Fixing American Cybersecurity , could be a long overdue stake in the ground. Part one of the book catalogues how cyber criminals and US adversaries have taken full advantage of systemic flaws in how we’ve come to defend business and government networks.

Marketing

Marketing Cyber Risk Cybersecurity Government

Episode 241: If Its Smart, Its Vulnerable a Conversation with Mikko Hyppönen

The Security Ledger

AUGUST 18, 2022

We speak with Mikko Hyppönen on the sidelines of the DEF CON Conference in Las Vegas to talk about his new book, “If its Smart it Vulnerable.". We speak with Mikko Hyppönen on the sidelines of the DEF CON Conference in Las Vegas to talk about his new book, “If its Smart it Vulnerable." Click the icon below to listen.

Cyber Risk

Cyber Risk Risk Data privacy Internet

Australia entities suffer Cyber Attacks and QUAD update

CyberSecurity Insiders

FEBRUARY 3, 2023

Crypto Locker Virus is suspected to be behind the incident and almost all booking systems were hit by a ransom demanding malware. Therefore, the collaboration is said to use artificial intelligence to better detect network intrusions in an automated way that will improve cyber risk management of critical infra such as power utilities.

Cyber Attacks

Cyber Attacks Identity Theft Artificial Intelligence Cyber Risk

4 Critical Capabilities Your Cyber Risk Management Tools Should Have

Centraleyes

JANUARY 7, 2024

However, that doesn’t mean there aren’t plenty of ways to minimize these risks. It’s important your cybersecurity teams have a cyber risk management program in place for this purpose. While you can hire the services of third-party consultants, you may lose a certain level of control over your organizational risks.

Cyber Risk

Cyber Risk Risk Penetration Testing Cybersecurity

Third Party Cyber Risk is growing. Most Companies aren’t prepared.

The Security Ledger

SEPTEMBER 10, 2019

Third party cyber risk is a growing concern for organizations, as breaches and hacks tied to third party providers and applications multiply. How do you know if your third party cyber risk management program is up to the task? Our new e-book, sponsored by CyberGRX, will help you figure it out!

Cyber Risk

Cyber Risk Risk Firmware Data breaches

How security pros, the insurance industry, and regulators can combat ransomware

SC Magazine

APRIL 19, 2021

Insurance claims from cyber/ransomware events have consumed up to 40% of the claims of some insurers’ cyber books. Cyber insurance was once seen as a stable sector of commercial insurance, with lower-than-average loss ratios compared to other major commercial coverages.

Insurance

Insurance Cyber Insurance Ransomware InfoSec

COVID-19 Vaccination Management Problems Have Created a Privacy Nightmare For Americans – Even Without Vaccine Passports

Joseph Steinberg

APRIL 20, 2021

In some cases, Voice-over-IP numbers are not acceptable as cellphone numbers either – meaning that registrants must increase their cyber-risk by providing their actual cellphone numbers to a party that has offered no information about how that data will be protected.

Healthcare

Healthcare Insurance Computers and Electronics Data collection

CISA’ Cybersecurity Performance Goals update: Key changes and additions your team should know

Security Boulevard

APRIL 5, 2023

After only five months on the books, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) is revamping its Cybersecurity Performance Goals, a set of recommendations designed to help identify and prioritize measures to address the most common and serious cyber risks faced by organizations today.

Cybersecurity

Cybersecurity Cyber Risk Risk Software

Why is Chinese threat actor APT 41 in a tearing hurry?

Security Boulevard

SEPTEMBER 30, 2024

These legislations mandate cyber risk and gap assessment, deployment of OT Security Operations Center (SOC), better reporting and asset visibility and enhanced monitoring of OT/ICS networks. Learn more about an IEC 62443-base cyber threat and risk assessment for your infrastructure. Penalties are in order as well.

Cyber Risk

Cyber Risk Surveillance Risk Cyber threats

Securing Success: The Crucial Role of a Cybersecurity Specialist in a Growing Business

Joseph Steinberg

JANUARY 19, 2024

Likewise, information systems have allowed businesses to experience tremendous growth – today’s businesses face threats that, only a few decades ago, were the subject of solely science fiction books and movies. When it comes to cybersecurity the same is true – you need a cyber security if you want to competently address cyber risk.

Cybersecurity

Cybersecurity Computers and Electronics Cyber Risk Risk

NIST Framework Version 2.0 a Smart Evolution from 1.1

SecureWorld News

AUGUST 14, 2023

Shortly after it was originally published in 2014, I started using the CSF with our customers to help them find and mitigate their top five cyber risks. And, at my company, Cyber Risk Opportunities, we have used CSF v1 and v1.1 This is exactly how our Cyber Risk Management Action Plan (CR-MAP) works.

Cyber Risk

Cyber Risk Risk Cybersecurity Government

3 Truths about the State of CRQ

Security Boulevard

AUGUST 30, 2022

On my flight to Las Vegas, I read the book “Connecting the Dots.” Blackhat is great each year, but this year was a special one because I got to meet and chat with many security leaders in person after a long time. The post 3 Truths about the State of CRQ appeared first on Security Boulevard.

Cyber Risk

Cyber Risk Risk Cybersecurity

Cybersecurity Is Not A One-Stop-Shop

Security Boulevard

MAY 6, 2021

For instance, research by the National Cyber Security Centre shows that there has been a rise in COVID-19 related cyber attacks over the past year, with more than one in four UK hacks being related to the pandemic. This trend is not likely to ease up any time soon either.

Cybersecurity

Cybersecurity DNS Education Security Awareness

Protecting your Customers and Brand in 2022: Are you doing enough?

Jane Frankland

APRIL 28, 2022

It’s a roller coaster of a time to lead, as CIOs, CISOs and CTOs are having to deal with more users, data, devices, technologies, connectivity, mobility, regulations, risks, and threats than they care to. Cyber risks top worldwide business concerns in 2022. Women can enable this.

CISO

CISO Technology Mobile Risk

Episode 209: Fortinet’s Renee Tarun on Scaling InfoSec To Meet Tomorrow’s Challenges

The Security Ledger

APRIL 2, 2021

. » Related Stories Episode 207: Sara Tatsis of Blackberry on finding and Keeping Women in Cyber Encore Edition: Veracode CEO Sam King on Infosec’s Leaky Talent Pipeline Episode 205 – Google’s Camille Stewart: InfoSec’s Lack of Diversity is a Cyber Risk.

InfoSec

InfoSec CISO Information Security Cyber Risk

Tom McArdle Joins At-Bay as National Broker Executive

CyberSecurity Insiders

NOVEMBER 3, 2021

He previously served as Senior Vice President at AXIS, contributing to building out the management liability and professional liability book of business. I’m thrilled to join the incredibly talented team at At-Bay, and look forward to helping grow relationships with our wholesale partners,” said McArdle.

Insurance

Insurance Cyber Risk Marketing Technology

The Challenges in Building Digital Trust

SecureWorld News

DECEMBER 11, 2023

According to Cliff Stoll, author of the book The Cuckoo's Egg , the community was small, and the level of trust was very high. I consider digital trust, just like cyber risk management, to be a team sport. What are the origins of the need for a trust framework?

Technology

Technology Cybercrime Government Artificial Intelligence

NIS2 Framework: Your Key To Achieving Cybersecurity Excellence

Centraleyes

JANUARY 21, 2024

Conduct assessments to improve visibility into control effectiveness and cyber maturity levels within your organization. Identify areas with insufficient visibility and potential cyber risks. Evaluate control effectiveness and cyber maturity levels. Book a demo today!

Cybersecurity

Cybersecurity Energy and Utilities Cyber threats Risk

Spotlight Podcast: Synopsys’ Dan Lyon on the Challenge of Securing Connected Medical Devices

The Security Ledger

AUGUST 17, 2018

Dan and I discuss some of the flaws in the approach that medical device makers take to security, and how manufacturers can take a page out of their own book: applying the same standards to cyber security as they do to – say- device safety. .

Manufacturing

Manufacturing Cyber Risk Internet Internet

The Evolving Legislative and Compliance Landscape: A Roadmap for Business Leaders

Thales Cloud Protection & Licensing

APRIL 29, 2024

Very Large Online Platforms (VLOPs), such as Facebook, Booking, and LinkedIn, and search engines like Google Search, will face stricter requirements for transparency, risk assessment, and content moderation. First, you need to assess your risks and gaps to comply with the various regulatory frameworks.

Risk

Risk Manufacturing Cyber threats Digital transformation

The Evolving Legislative and Compliance Landscape: A Roadmap for Business Leaders

Security Boulevard

APRIL 29, 2024

Very Large Online Platforms (VLOPs), such as Facebook, Booking, and LinkedIn, and search engines like Google Search, will face stricter requirements for transparency, risk assessment, and content moderation. First, you need to assess your risks and gaps to comply with the various regulatory frameworks.

Risk

Risk Manufacturing Cyber threats Digital transformation

Why are “Secure” Companies Still Being Hacked?

Security Boulevard

MAY 17, 2023

DEMETRIUS MALBROUGH: Yeah, it seems like everyone is focusing and really getting laser focused and honed in on security and dealing with cyber risks and cybersecurity overall. But apart from philosophy, books and technical stuff, what I really like to read is I'm a manga geek. So it's growing. So it's good. All right, nice.

Hacking

Hacking Insurance Small Business Cybersecurity

10 Best Attack Surface Management Tools

Security Boulevard

SEPTEMBER 18, 2024

Users can handle risks across their entire attack surface. Brinqa creates a unified inventory of your attack surface by connecting all asset types, business context, threat intelligence, and security controls into a dynamic Cyber Risk Graph. The software should also include robust risk assessment and prioritization capabilities.

Risk

Risk Software Internet Internet

Top Benefits of Effective 3rd Party Vendor Risk Management

Centraleyes

JANUARY 14, 2024

Risks are becoming too numerous and complicated to handle manually anymore in spreadsheets. As a result, we all need a scalable approach to cyber risk management, which is exactly why we created Centraleyes. Centraleyes’s risk management platform revolutionizes Vendor Risk Management.

Risk

Risk Cybersecurity Government Insurance

SHARED INTEL: New book on cyber warfare foreshadows attacks on elections, remote workers

The Last Watchdog

APRIL 27, 2020

It’s difficult to convey the scope and scale of cyber attacks that take place on a daily basis, much less connect the dots between them. Related: The Golden Age of cyber spying A new book by Dr. Chase Cunningham — Cyber Warfare – Truth, Tactics, and Strategies — accomplishes this in a compelling, accessible way.

Passwords

Passwords VPN Cyber Attacks Digital transformation

Black-box vs. Grey-box vs. White-box: Which Penetration Test Is Right for You?

Zigrin Security

AUGUST 9, 2023

The most important thing is taking that crucial first step to assess your cyber risk. Book a chat with a cybersecurity expert [contact-form-7] Is this article helpful to you? Choose white-box. Unsure and want the best of both worlds? grey-box penetration test has you covered. So take a deep breath and dive in!

Penetration Testing

Penetration Testing Cyber Attacks Architecture Risk

Author Q&A: Former privacy officer urges leaders to prioritize security as part of cloud migration

The Last Watchdog

MAY 30, 2023

Riccardi: My book discusses how the perception of cyberattacks shifted from being mere data breaches to having real-world consequences, especially after high-profile cases in 2021, like Colonial Pipeline and Schreiber Foods. Cyber risks from third-party vendors further complicate the situation.

Cloud Migration

Cloud Migration Passwords Cyber threats Cybersecurity

The Aviation and Aerospace Sectors Face Skyrocketing Cyber Threats

Security Affairs

MARCH 18, 2024

The report also highlighted additional security risks stemming from the use of mobile phones and the implementation of bring-your-own-device (BYOD) policies. Resecurity’s recent report sheds light on the alarming increase in malicious cyber activities targeting the aerospace sector, revealing a 68% rise compared to last year.

Cyber threats

Cyber threats Risk Cyber Risk IoT

Security Roundup March 2024

BH Consulting

MARCH 21, 2024

Creeping cyber risk grabbing global headlines Ransomware keeps reminding us of the strong connection between a cybersecurity incident and financial loss. MORE Mark Hillick’s book (DRM-free) on the various paths into security. MORE The UK NCSC has a guide for defenders to protect the network perimeter.

Cyber threats

Cyber threats Ransomware Healthcare Risk

Key Cybersecurity Trends for 2024: My Predictions

Jane Frankland

DECEMBER 7, 2023

The European Cyber Resilience Act (CRA) which is concerned withcybersecurity obligations for a range of digital products sold in Europe will make its way onto the EU’s statute books following formal approval. The Workforce 2024 will see a growing demand for cybersecurity savvy boards.

Cybersecurity

Cybersecurity Cyber threats Insurance IoT

Army Cyber Defense Review: 'The Only Constant Is Change'

SecureWorld News

NOVEMBER 17, 2022

Gerstein, a 1980 West Point graduate, who served as the Department of Homeland Security Undersecretary (acting) and Deputy Undersecretary in the Science and Technology Directorate from 2011-2014, in his "Better Anticipating and Managing Today's Growing Cyber Risks" article.

Cyber Risk

Cyber Risk Technology Information Security Accountability

Cybersecurity Governance: The Road Ahead in an Era of Constant Evolution

Cisco Contributes to Cyber Hard Problems Report

Trending Sources

Cybersecurity in Aviation: Rising Threats and Modernization Efforts

Women in Cybersecurity & IWD: Why I’m Done!

NIST Risk Assessment Template: A Step-by-Step Guide to Effective Risk Management

A Unified Approach to Exposure Management: Introducing Tenable One Connectors and Customized Risk Dashboards

ICFR Best Practices: How to Design and Maintain Strong Financial Controls

Fire Doesn't Innovate by Kip Boyle (Book Review)

“Fire Doesn’t Innovate” by Kip Boyle (Book Review)

International Association of Chiefs of Police (IACP) Appoints CyberSecurity Expert Witness Joseph Steinberg To Computer Crime & Digital Evidence Committee

How to Use Your Asset Management Software to Reduce Cyber Risks

7 Insights About Managing Cyber Risk You Can’t Afford To Miss

Securing Success: The Crucial Role of a Cybersecurity Specialist in a Growing Business

AUTHOR Q&A: China’s spy balloons reflect a cyber warfare strategy America must counter

Episode 241: If Its Smart, Its Vulnerable a Conversation with Mikko Hyppönen

Australia entities suffer Cyber Attacks and QUAD update

4 Critical Capabilities Your Cyber Risk Management Tools Should Have

Third Party Cyber Risk is growing. Most Companies aren’t prepared.

How security pros, the insurance industry, and regulators can combat ransomware

COVID-19 Vaccination Management Problems Have Created a Privacy Nightmare For Americans – Even Without Vaccine Passports

CISA’ Cybersecurity Performance Goals update: Key changes and additions your team should know

Why is Chinese threat actor APT 41 in a tearing hurry?

Securing Success: The Crucial Role of a Cybersecurity Specialist in a Growing Business

NIST Framework Version 2.0 a Smart Evolution from 1.1

3 Truths about the State of CRQ

Cybersecurity Is Not A One-Stop-Shop

Protecting your Customers and Brand in 2022: Are you doing enough?

Episode 209: Fortinet’s Renee Tarun on Scaling InfoSec To Meet Tomorrow’s Challenges

Tom McArdle Joins At-Bay as National Broker Executive

The Challenges in Building Digital Trust

NIS2 Framework: Your Key To Achieving Cybersecurity Excellence

Spotlight Podcast: Synopsys’ Dan Lyon on the Challenge of Securing Connected Medical Devices

The Evolving Legislative and Compliance Landscape: A Roadmap for Business Leaders

The Evolving Legislative and Compliance Landscape: A Roadmap for Business Leaders

Why are “Secure” Companies Still Being Hacked?

10 Best Attack Surface Management Tools

Top Benefits of Effective 3rd Party Vendor Risk Management

SHARED INTEL: New book on cyber warfare foreshadows attacks on elections, remote workers

Black-box vs. Grey-box vs. White-box: Which Penetration Test Is Right for You?

Author Q&A: Former privacy officer urges leaders to prioritize security as part of cloud migration

The Aviation and Aerospace Sectors Face Skyrocketing Cyber Threats

Security Roundup March 2024

Key Cybersecurity Trends for 2024: My Predictions

Army Cyber Defense Review: 'The Only Constant Is Change'

Stay Connected