Avaya Holdings, Check Point Software Technologies, and Mimecast Limited each minimized or obscured the extent of security breaches linked to the SolarWinds Orion hack, impacting investor trust and highlighting the critical importance of clear, truthful communication. Some have moved away from the CISO role.
KrebsOnSecurity reviewed the Web sites for the global top 100 companies by market value, and found just five percent of top 100 firms listed a chief information security officer (CISO) or chief security officer (CSO). Nobody’s saying these companies don’t have CISOs and/or CSOs and CTOs in their employ.
Security's all-too-frequent appearance as a front-page headline has put CISOs in the hot seat, as CEOs and boards worry that it could be their names next in news stories trying to explain how a breach occurred. Yet the CISO message to the C-suite might not be all that reassuring.
SolarWinds Corporation, which suffered a major breach of its Orion software platform in December 2020, submitted a U.S. In a LinkedIn post today, June 26th, Jamil Farshchi, EVP and CISO at Equifax, had this to say about the news: "This is a really big deal. federal securities laws."
Many in mainstream media have characterized the DarkSide attack on Colonial Pipeline, which operates a significant portion of the nation’s critical energy infrastructure, as a wake-up call for CIOs and CISOs. The first being, “a laissez-faire attitude toward cybersecurity.”
And now, you finally got that call, to be a CISO at an organization. Before diving into security strategies, CISOs need to invest time in understanding the organization's culture, strategic roadmaps, operational dynamics, industry, and so forth. Was there a previous CISO? You've worked in the trenches.
CISOs have an array of ever-improving tools to help spot and stop malicious activity: network monitoring tools, virus scanners, software composition analysis (SCA) tools, digital forensics and incident response (DFIR) solutions, and more.
It’s still early days, but if this year is anything like years past, it’s safe to say CISOs will have a lot to contend with, from a continuing labor shortage to the increasing sophistication of cyberattacks to an ongoing threat from nation-state actors. However, they also have plenty of ideas on how they’ll tackle those challenges.
It is a common feeling in the cybersecurity community that CISOs do not sleep well at night. CISOs worry about the latest incident, end-of-life technology in their environment, breaches in the news, insecure users and vendors, penetration testing results, budget and resources, and the latest vulnerability report (to name a few).
From the CISO perspective, a recent industry report from Coalfire on Software Supply Chain Risk hit the nail on the head: “Managing risk within software supply chains and product development lifecycles has become as important as protecting traditional, physical inventories and equipment supply lines.”
The attackers compromised their victims by injecting malicious code into the legitimate software updates for a popular network management platform developed by a company called SolarWinds.
In a move that has raised concerns about the company's cybersecurity posture, Amy Bogac, Clorox's CISO, has stepped down from her position. For CISOs, the 'C' in the title designates a considerable degree of responsibility for material business value.
CISOs report a growing focus on managing AI-generated vulnerabilities and addressing insider threats amplified by the misuse of advanced AI tools. CISOs are working on improving collaboration with federal partners to share intelligence and best practices for AI threat management. Promote the CISO's role in digital transformation.
Late last year, a group believed to be Russia’s Cozy Bear (APT29) successfully compromised SolarWinds’ Orion update software , turning it into a delivery vehicle for malware. Nearly 100 customers of the popular network monitoring tool were affected, including government entities and cybersecurity company FireEye.
SolarWinds this week announced that its vice president of security Tim Brown has taken on the additional title of CISO, as part of the company’s ongoing efforts to institute a secure-by-design posture. Hard to say. Only my paycheck.”
The research was compiled by Cider Security along with experts from Netflix, Atlassian, Mozilla, Lemonade Insurance, Rapid7, Databricks, and the former CISOs of Twitter and LivePerson. CI/CD environments, processes, and systems are the beating heart of any modern software organization.
Bridge the Gap with Cisco: Best Practices for Balancing Productivity and Security. Stolen credentials and unpatched software are common attack vectors used by cybercriminals in many types of attacks, including ransomware. Wendy will give the CISO perspective on how to build a sustainable, ongoing program using evidence-based practices.
While in past years InfoSec was the focus and CISOs were the norm – we’re moving to a new cybersecurity world order that expands the role of the CISO to a CSO (Chief Security Officer). The transition from hybrid to a software-defined world. Ransomware becomes the most feared adversary.
When I asked CISOs about their cyber threat intelligence (CTI) programs about five years ago, I got two distinct responses. For these organizations, threat intelligence programs were nothing more than blocking indicators of compromise (IoCs) with firewalls, endpoint security software, email gateways, or web proxies.
Plus, a PwC study says increased collaboration between CISOs and fellow CxOs boosts cyber resilience. Less than 50% of respondents say their organizations’ CISOs are involved “to a large extent” with strategic planning, reporting to the board and overseeing tech deployments.
Check out best practices, recommendations and insights on protecting your cloud environments, OT systems, software development processes and more. Maintain a comprehensive asset inventory, and keep software updated and patched. An SBOM's purpose is to provide granular visibility into all software components in your environment.
Plus, learn how CISOs and their teams add significant value to orgs' major initiatives. CISOs who are involved early in cross-function decision-making generate more value than those who were consulted late or not at all, the report reads. Check out ETSI's new global standard for securing AI systems and models. Check out what they said.
Seasoned CISOs/CSOs understand the importance of effectively communicating cyber risk and the need for investment in cybersecurity defense to the board of directors. To ensure cybersecurity becomes a strategic part of the corporate culture, it is crucial for CISOs to present the topic in a clear, concise, and compelling manner.
Despite years of modernization initiatives, CISOs are still contending with an old-school problem: shadow IT, technology that operates within an enterprise but is not officially sanctioned — or on the radar of — the IT department.
The Cloud Security Alliance (CSA) recently published the Software-Defined Perimeter (SDP) 2.0 specification, which is created by their SDP and zero-trust working groups. It covers SDP in zero-trust environments that CISOs and other security leaders need to know.
Security engineering teams are typically made up of software and infrastructure engineers, architects, and product managers. As security engineering teams continue to grow in prominence, CISOs need to be intentional with their structure and development. This presents a challenge to security leaders.
Hanson, the CISO and CIO of Code42, a cybersecurity software company, sees value in that outreach. When that happens, an analyst reaches out to the colleague to determine whether he or she violated any security rules and to confirm he or she understands the company’s cybersecurity best practices.
2 - CISOs will turn to multi-cloud security platforms. When it comes to the cloud, enterprises are increasingly wary of putting all their eggs in one basket. In 2025, CISOs will be challenged to strike a balance between driving forward technological adoption and ensuring the security and resilience of these tools.
I contributed to this article by David Spark of CISO/Security Vendor Relationship Series. These are some of the best API security tips right now: 25 API Security Tips You’re Probably Not Considering.
The SolarWinds software that is used by thousands of federal government agencies and corporations in the US and abroad was hacked. But we can still make it hard for the hackers to get into the cores of software and hardware as SolarWinds did. Their software development process was also weak. Indications are that they did.
He is active in CIO Roundtables, CISO Chicago, the Chicago Life Sciences Consortium, and the Technology Leaders' Association. Fun fact: my six years as CSO of Trexin is my first official full-time security role! Glenn's certifications and memberships include IEEE, (ISC)2 (CISSP), ISACA (CISA), and ITIL (SM).
The software supply chain issues identified … in OpenAI’s breach are not surprising, as most organizations are struggling with these challenges, albeit perhaps less publicly,” said Peter Morgan, who is the co-founder and CSO of Phylum.io, a cybersecurity firm that focuses on the supply chain. “The
It was apropos that Ray Yepes, newly appointed CISO for the State of Colorado, opened the 2022 SecureWorld Denver conference on October 6th. Ray Yepes, CISO for the State of Colorado, presents the opening keynote. Down the hall, Brenden Smith, CISO at FirstBank, presented "Revisiting Deception Systems: Enterprise Use Cases."
“It would be possible, on detailed examination of video, to compromise elements of operational security,” agreed Mike Hamilton, co-founder and chief information security officer of CI Security and former Seattle CISO. Individual workers’ patterns and habits could be studied as well, to their detriment.
Most businesses have a mix of software from multiple vendors and in-house software. Simbian helps every member of the security team from the CISO to the frontline practitioner solve their unique security needs in real-time. Each business and each member of a security team have unique, ever-changing security needs.
A scan shows a total of five servers in China and 68 in the United States that apparently run the same Zoom server software as the Beijing server." These quick actions earned praise from many CISOs around the world, who got what he was saying and were impressed with what he was doing.
With a career spanning two decades as a technology provider to businesses and government agencies, Levine brings a strategic and pragmatic approach to building secure software and cloud services without disrupting product velocity. Todd Bell serves as the chief information security officer and executive director at Valleywise Health.
They just haven’t been educated, so we really want to help educate people that are giving, that they may have talents or tools or resources or software or funding that really could help this larger ecosystem.” But it really does. The letter also introduced the hashtags #CyberPhilanthropy and #ExpandCyberFunding.
Meanwhile, cybercriminals have amplified their use of malware for fake software-update attacks. CISA is warning about a spear-phishing campaign that spreads malicious RDP files. Plus, OWASP is offering guidance about deepfakes and AI security. And get the latest on CISA’s international plan, Interpol’s cyber crackdown and ransomware trends.
In August 2021, Dr James Ransome -- Veteran CISO, CSO, CPSO and Author -- hosted a fireside chat at FuzzCon 2021. Fagbemi of Resilient Software Security, and Jeff Costlow of Extrahop Networks to discuss the ins and outs of a successful security testing program. Contrary to popular belief, the bottleneck is not finding new issues.
said Dan Meacham, vice president of global security and corporate operations and CSO/CISO at film production company Legendary Entertainment. Too many vendors think their software product will address all issues. After all, “if it’s not easy to do business with you, then why am I doing business with you?”
It is not only the CISO, CSO or CIO’s responsibility to care and do the right thing. Your company should keep up to date with the latest patches/updates for all hardware and software systems as well as utilize and enable the latest features in their security software. Everyone is responsible and accountable.
For instance, Winick cited a 2017 New York Post article that suggested credit rating company Equifax had blamed its software vendor for a major breach, “thus violating another crisis communications commandment of ‘Be accountable.’”