CISO, Cyber Risk, Government and Risk - Cyber Security Informer

Best Practices Q&A: Guidance about what directors need to hear from CISOs — from a board member

The Last Watchdog

APRIL 8, 2024

CISOs can sometimes be their own worst enemy, especially when it comes to communicating with the board of directors. Related: The ‘cyber’ case for D&O insurance Vanessa Pegueros knows this all too well. She serves on the board of several technology companies and also happens to be steeped in cyber risk governance.

CISO

CISO Risk Cybersecurity Insurance

What is Cyber Risk?

Security Boulevard

APRIL 8, 2021

The post What is Cyber Risk? The post What is Cyber Risk? The discouraging numbers continue to grow as the latest high-profile breaches make headlines. Another corporate giant crumbles with. appeared first on Hyperproof. appeared first on Security Boulevard.

Cyber Risk

Cyber Risk Risk CISO Government

Understanding Cyber Risk and the C-Suite

CyberSecurity Insiders

MAY 17, 2023

As a result, cybersecurity has become a top priority for organisations of all sizes, and the C-suite, including CEOs, CFOs, CIOs, and CISOs, plays a critical role in managing and mitigating cyber risk. Email remains the primary communication tool for businesses, but it also poses significant security risks.

Cyber Risk

Cyber Risk Risk Education Technology

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

What are the Implications of the SEC Regulating Your Cyber Risk Reporting?

Security Boulevard

APRIL 1, 2022

Last month, the Securities and Exchange Commission proposed rules and amendments to enhance and standardize disclosures regarding cybersecurity risk management, strategy, governance, and incident reporting by public companies (The SEC has opened a comment period until May 9th, 2022 before it moves towards a final decision).

Cyber Risk

Cyber Risk Risk Government Cybersecurity

Annual Reports: How They Warn of Cyber Risk

SecureWorld News

OCTOBER 20, 2021

Cyberrisk is business risk. But how should we communicate this risk to the business, to clients, or to investors? Accenture annual report: risks we face from cyberattacks. However, we were most interested in seeing how Accenture articulated a particular business risk: the risk from a cyberattack.

Cyber Risk

Cyber Risk Risk Insurance Cyber Insurance

Understanding SEC Cyber Disclosure Rules and CISO Liability

Centraleyes

NOVEMBER 8, 2023

The SEC’s proposed cybersecurity disclosure rule , known as the Proposed Rule for Public Companies (PRPC), has ushered in a wave of concerns and challenges, particularly for CISOs. This tight timeline raises questions about the rules’ practicality and potential impact on CISOs’ liability.

CISO

CISO Cyber Risk Risk Cybersecurity

How to Integrate Cyber Risk Management with ERM – RiskLens Presents to PRMIA

Security Boulevard

JUNE 28, 2022

RiskLens CEO Nick Sanna and Risk Transformation Adviser Rob Eslinger appeared at the recent event of the Professional Risk Managers’ International Association, “Cyber Risk in a Turbulent World,” and encouraged risk managers to rise up against the status quo of cyber risk management.

Cyber Risk

Cyber Risk Risk CISO Government

Spotlight Podcast: CSO Chris Walcutt on Managing 3rd Party OT Risk

The Security Ledger

MAY 16, 2024

In this Spotlight Podcast, host Paul Roberts talks with Chris Walcutt, the CSO of DirectDefense about the rising cyber threats facing operational technology (OT) and how organizations that manage OT - including critical infrastructure owners can best manage increased cyber risks to OT environments. Read the whole entry. »

CSO

CSO Risk Energy and Utilities Social Engineering

SEC Moves up Start Date of Reporting Material Cybersecurity Incidents

SecureWorld News

JULY 27, 2023

According to a press release yesterday from the United States Securities and Exchange Commission (SEC), the agency has "adopted rules requiring registrants to disclose material cybersecurity incidents they experience and to disclose on an annual basis material information regarding their cybersecurity risk management, strategy, and governance.

Cybersecurity

Cybersecurity CISO Cyber Risk Risk

International Association of Chiefs of Police (IACP) Appoints CyberSecurity Expert Witness Joseph Steinberg To Computer Crime & Digital Evidence Committee

Joseph Steinberg

DECEMBER 11, 2023

For more information please visit [link] About Joseph Steinberg Joseph Steinberg serves as a cybersecurity-focused expert witness, board member, and advisor to businesses and governments around the world. Analysts have calculated that he is among the top three cybersecurity influencers worldwide. patent filings.

Cybersecurity

Cybersecurity Artificial Intelligence CISO Technology

LW ROUNDTABLE: Cybersecurity takeaways of 2023 — and what’s ahead in 2024 ( part 3)

The Last Watchdog

DECEMBER 14, 2023

Last Watchdog posed two questions: •What should be my biggest takeaway from 2023, with respect to mitigating cyber risks at my organization? Rebecca Krauthamer , Co-founder and CPO, QuSecure Krauthamer As new standards for quantum-resilient cryptography come into effect, many government agencies will move toward quantum-readiness.

Cybersecurity

Cybersecurity Marketing Encryption CISO

December 15 Marks Deadline for SEC's New Cyber Disclosure Rules

SecureWorld News

DECEMBER 11, 2023

Public companies will also have to share details about their "cybersecurity risk management, strategy, and governance" on an annual basis. Risk Management and Strategy Disclosure: Companies must disclose their cybersecurity risk management policies, governance procedures, and incident response plans in their annual reports.

CISO

CISO Risk Cybersecurity CSO

SEC to Put More Onus on Corporate Boards for Cybersecurity

SecureWorld News

JANUARY 24, 2023

Adding to the growing importance of the CISO role, required disclosures will also include how often and by which processes board members are informed of and discuss cyber risk. The new rules indeed show the increasing importance of the CISO's role, particularly as it pertains to communication with the board.

Cybersecurity

Cybersecurity Cyber Risk CISO Risk

Why an HR-IT Partnership is Critical for Managing Cybersecurity Risk

Security Boulevard

FEBRUARY 6, 2024

The post Why an HR-IT Partnership is Critical for Managing Cybersecurity Risk appeared first on Security Boulevard. By aligning priorities into a shared game plan, HR and IT can finally set their organizations up to defend against modern cyberthreats.

Risk

Risk Cybersecurity Social Engineering Cyber Risk

Cyber Insurance Costs Soaring: Is Your Organization Covered Enough?

SecureWorld News

JANUARY 11, 2024

Expanding coverage : Cyber insurance policies are evolving to cover a wider range of risks, including business interruption, regulatory fines, and crisis management. Data limitations : Accurately assessing cyber risk remains a challenge due to limited data. This broader scope naturally translates to higher premiums.

Cyber Insurance

Cyber Insurance Insurance Cyber Risk Data breaches

Building a Vulnerability Management Program from First Principles

Security Boulevard

APRIL 12, 2023

In today’s fast-paced and ever-evolving cybersecurity landscape, CISOs and security leaders are grappling with the challenges of tight budgets, increased government scrutiny and looming fines, and a relentless barrage of cyber threats.

Cyber Risk

Cyber Risk CISO Cyber threats Government

Peer Report Explores Concerns, Challenges Facing Cybersecurity Leaders

SecureWorld News

AUGUST 23, 2023

This morning, Critical Start released its first ever Cyber Risk Landscape Peer Report , which explores some of the major concerns and challenges currently confronting cybersecurity leaders as they manage risk within their organizations. Here are some comments on the cyber risk landscape from cybersecurity vendor experts.

Cybersecurity

Cybersecurity Cyber Risk Risk Cyber Insurance

Form risk operations centers to manage cyber as a business function

SC Magazine

MARCH 2, 2021

Visa has been a leader in establishing a risk operations center. We see a rapid shift in large enterprises towards thinking and communicating their posture in terms of risk. We see a new, dedicated function arising, the risk operations center (ROC). Executives are very good at making decisions based upon risk.

Risk

Risk CISO Cyber Risk Technology

The Cyber Insurance Landscape Has Grown More Complicated

SecureWorld News

APRIL 17, 2023

Risk management: Cyber insurance policies often require a risk assessment, which can help an organization identify and address vulnerabilities and improve its cybersecurity posture. Having cyber insurance can help ensure compliance with these requirements. Is it required? legal advice, forensic investigators, etc.)

Cyber Insurance

Cyber Insurance Insurance Risk CISO

Has ESG Become aWake-Up Call for Cybersecurity?

Security Boulevard

AUGUST 22, 2022

Cyber insurance has become more critical to organizations to help offset the risk to the company. Highly experienced cybersecurity experts, experienced personnel with a cyber risk management background, and professional engineers who understand physical infrastructure are in huge demand.

Cybersecurity

Cybersecurity Cyber Insurance Insurance CISO

Episode 228: CISA’s Eric Goldstein on being Everyone’s Friend in Cyber

The Security Ledger

OCTOBER 18, 2021

Eric Goldstein, Executive Assistant Director for Cybersecurity for the Cybersecurity and Infrastructure Security Agency (CISA), says the agency is all about helping companies and local government to keep hackers at bay. The post Episode 228: CISA’s Eric Goldstein on being Everyone’s Friend in Cyber. Read the whole entry. »

Government

Government Cyber Risk Cybersecurity CISO

Inside the Complex Universe of Cybersecurity

SecureWorld News

JANUARY 11, 2024

Working as CISO, DeSouza's areas of expertise include strategic planning, risk management, identity management, cloud computing, and privacy. While it fosters innovation, automation, and productivity, it simultaneously introduces significant cybersecurity and privacy risks. Zero Trust has come of age.

Cybersecurity

Cybersecurity CISO Cyber threats Risk

New York Financial Services Firms to Face More Cybersecurity Oversight

SecureWorld News

NOVEMBER 28, 2022

Designate a qualified individual (CISO or equivalent) responsible or overseeing and implementing a cybersecurity program and enforcing its cybersecurity policy. Require the CISO to provide a written report at least annually to the board or equivalent governing body.

Financial Services

Financial Services Cybersecurity CISO InfoSec

Spotlight on Cybersecurity Leaders: Kip Boyle

SecureWorld News

NOVEMBER 2, 2022

He helps senior decision makers overcome cybersecurity sales objections and manages unlimited cyber risks through rigorous prioritization. In the private sector, he was a CISO for an insurance company, credit card processor, bank, credit union, and IT Managed Service Provider.

Cybersecurity

Cybersecurity Cyber Insurance Insurance Cyber Risk

Episode 230: Are Vaccine Passports Cyber Secure?

The Security Ledger

NOVEMBER 11, 2021

In this episode of the podcast (#230) Siddarth Adukia, a regional Director at NCC Group, joins host Paul Roberts to talk about the (cyber) risks and (public health) rewards of vaccine passport systems: how they work, how they can be compromised and what to do about it. The post Episode 230: Are Vaccine Passports Cyber Secure?

Cyber Risk

Cyber Risk CISO Risk Technology

Security Experts Assess 2.0 Draft of NIST Cybersecurity Framework

SecureWorld News

AUGUST 23, 2023

For a solid rundown of what the updates mean, check out this SecureWorld article from Kip Boyle , vCISO, Cyber Risk Opportunities LLC. Michael Gregg, CISO, State of North Dakota: " One of the things that most excites me about the new framework is the addition of the 'govern' function. 19, Detroit on Sept.

Cybersecurity

Cybersecurity CISO Government Risk

US urges mayors to confer with states on cyber posture, but can more be done?

SC Magazine

JULY 9, 2021

Cyber thought leaders were quick to acknowledge the importance of continued cooperation across federal, state and local jurisdictions, though several CISOs suggested that there wasn’t too much new ground covered and recommended ways the federal and state governments and private industry could do even more to assist overwhelmed municipalities.

CISO

CISO Government Cryptocurrency Ransomware

Spotlight Podcast: Public Sector levels up to tackle Cyber Threats

The Security Ledger

APRIL 9, 2020

In this Spotlight edition of the podcast, sponsored* by RSA Security, we go deep on public sector cyber risk with two interviews from the most recent RSA Conference: Kelvin Coleman, the Executive Director of the National Cyber Security Alliance (NCSA) and Sean McHenry, the CISO of the Utah State Board of Education.

Cyber threats

Cyber threats CISO Education Cyber Risk

CyberSaint STRONGER 2022 Conference Call for Speakers is Open!

CyberSecurity Insiders

FEBRUARY 1, 2022

BOSTON–( BUSINESS WIRE )– CyberSaint , the developer of the leading platform delivering cyber risk automation, today announced that the company is seeking speaker submissions for its virtual STRONGER conference, set to occur September 13th-15th 2022. Conference Tracks: Frameworks, Security, & Risk. InfoSec 360.

Digital transformation

Digital transformation InfoSec CISO Education

Protecting your Customers and Brand in 2022: Are you doing enough?

Jane Frankland

APRIL 28, 2022

Nowadays, organisations need digital leaders such as CIOs, CISOs, and CTOs who are strategists, visionaries, and know how to manage, effectively. Additionally, that data stored in the cloud – which includes public clouds, government-owned clouds, private clouds, and cloud storage providers – is expected to climb to 100 zettabytes by 2025.

CISO

CISO Mobile Technology Risk

Seven Massachusetts Cities Join Forces to Bolster Cybersecurity Posture

SecureWorld News

MAY 16, 2023

The city has a more established IT setup, including a full-time IT director, which many of the smaller towns lack, according to this Government Technology article. We use this type of model for our 'Whole of State' approach to security in North Dakota," says Michael Gregg, CISO for the State of North Dakota. This is a great approach.

Cybersecurity

Cybersecurity Insurance Cyber Risk CISO

Deciphering the Omnibus for Medical Device Security

NetSpi Executives

OCTOBER 17, 2023

This includes the provision of post-market updates and patches, addressing known unacceptable vulnerabilities on a reasonable schedule and addressing critical vulnerabilities that could pose uncontrolled risks as soon as they are discovered. Additionally, the requirements expand government involvement in this sector.

Healthcare

Healthcare Manufacturing Cyber Risk Cybersecurity

Episode 214: Darkside Down: What The Colonial Attack Means For The Future of Ransomware

The Security Ledger

MAY 15, 2021

Intel 471 CISO Brandon Hoffman joins us to to discuss Darkside, the ransomware group that attacked the Colonial Pipeline, why the crew may have bitten off more than it can chew and what the attack says about the state of America's Critical Infrastructure. government into an unanticipated crisis. government. government.

Ransomware

Ransomware CISO Government Cyber Risk

Highlights and Insights from SecureWorld Boston 2023

SecureWorld News

MARCH 28, 2023

Those who had the opportunity to attend this year's conference heard some amazing keynote sessions, starting with the opener on Day 1 of the event by Andrew Smeation, CISO for Afiniti. Keen awareness of business risk 2. Our second keynote of Day 1 was given by the eccentric Chris Roberts, CISO of Boom Supersonic.

Technology

Technology Cyber Risk CISO Cybersecurity

Cybersecurity Is the Most Prevalent ESG Issue We're Not Talking About

SecureWorld News

AUGUST 14, 2022

While the focus on Environmental Social and Governance (ESG) issues has gained traction in recent years, both within boardrooms and investment spaces, the focus on carbon credits and workforce diversity has diverted the existential crisis that companies face from cybersecurity. Register here to watch the session on-demand.

Cybersecurity

Cybersecurity Data breaches Cyber Risk Accountability

SPOTLIGHT: Women in Cybersecurity

McAfee

NOVEMBER 3, 2020

Forrester also predicts that the number of women CISOs at Fortune 500 companies will rise to 20 percent in 2019 , compared with 13 percent in 2017. Her work centered on helping aerospace manufacturers manage the convergence of cyber risk across their increasingly complex business ecosystem, including IT, OT and connected products.

Cybersecurity

Cybersecurity Architecture Cloud Migration Retail

Cyber Security Awareness and Risk Management

Spinone

DECEMBER 26, 2018

In this article we will learn how to address and effectively respond to major enterprise cybersecurity threats and provide tips to mitigate IT security risk. Be On Your Guard with the Most Treacherous Insider Roles A paramount priority when addressing the threat is to distinguish the fundamental insider risks.

Security Awareness

Security Awareness Risk Cyber threats Cyber Risk

Two Tools from RiskLens for Defensive Cyber Insurance Shopping

Security Boulevard

JUNE 1, 2022

cyber insurance carriers in 2021 rose 92% year-over-year, largely in response to a surge in ransomware. Cyber risk insurers are also declining coverage to companies with substandard cybersecurity controls, as well as changing the fine print for sublimits to reduce coverage for types of losses one by one.

Cyber Insurance

Cyber Insurance Insurance Cyber Risk Risk

Security Outlook 2023: Cyber Warfare Expands Threats

eSecurity Planet

JANUARY 5, 2023

After a year that saw massive ransomware attacks and open cyber warfare, the biggest question in cybersecurity for 2023 will likely be how much of those attack techniques get commoditized and weaponized. “All of this means cyber risk continues to escalate and that CISOs need to be just as nimble and methodical as the adversary.”.

Ransomware

Ransomware CISO Software Cybercrime

Research details how cybersecurity’s reputation rose in the pandemic’s first months

SC Magazine

APRIL 15, 2021

The overall implication will be that cybersecurity is valued at a higher level and has a better voice within the overall organization,” said one CISO. Among other things, governments and universities lagged, while financial services excelled. The full report can be found here. The pandemic’s broad impact across the U.S.

Financial Services

Financial Services Cyber Risk Healthcare Cybersecurity

New York Takes Bold Stance Against Hospital Cyber Attacks

SecureWorld News

DECEMBER 6, 2023

The proposed regulations, designed specifically for hospitals, establish a robust framework for cybersecurity risk management and incident response. Governor Hochul recently announced New York's first-ever statewide cybersecurity strategy aimed at protecting the State's digital infrastructure from today's cyber threats.

Cyber Attacks

Cyber Attacks Healthcare Computers and Electronics Financial Services

Cybersecurity in 2022, Predictions for digital ecosystem facing more challenges and sophisticated threats

CyberSecurity Insiders

DECEMBER 7, 2021

Including the continued challenges of protecting critical infrastructure, the supply chain, and the ever-present task of finding qualified cybersecurity workers to fill scores of vacant roles in corporations and government that I forecasted still issues for the coming year. With that comes cyber-risk. Strategic, and Tactical.

Cybersecurity

Cybersecurity IoT Artificial Intelligence Cyber threats

InfoSec Leaders Weigh in on New SEC Rules Making CISO Hotseat Hotter

SecureWorld News

JULY 31, 2023

Sam Masiello , CISO, The Anschutz Corporation: "I would expect that many CISOs today are feeling as if their job just got harder and now has a brighter spotlight shining specifically on them. Many CISOs are already burnt out, and there is shortage of qualified CISOs globally. CISOs are expected to be a unicorn already.

CISO

CISO InfoSec Risk Cybersecurity

Safety first: Will insurance companies stall or accelerate cybersecurity progress?

SC Magazine

FEBRUARY 8, 2021

In one notable example, insurers refused to pay Mondelez International’s claim after the NotPetya attack was labeled an act of the Russian government, claiming the attack fell under the policy’s “hostile or warlike action in time of peace or war” exemption. And in a few high-profile cases, insurance companies have bailed.

Insurance

Insurance Cyber Insurance Cybersecurity Government

Best Practices Q&A: Guidance about what directors need to hear from CISOs — from a board member

What is Cyber Risk?

Webinars

Trending Sources

Understanding Cyber Risk and the C-Suite

Webinars

What are the Implications of the SEC Regulating Your Cyber Risk Reporting?

Annual Reports: How They Warn of Cyber Risk

Understanding SEC Cyber Disclosure Rules and CISO Liability

How to Integrate Cyber Risk Management with ERM – RiskLens Presents to PRMIA

Spotlight Podcast: CSO Chris Walcutt on Managing 3rd Party OT Risk

SEC Moves up Start Date of Reporting Material Cybersecurity Incidents

International Association of Chiefs of Police (IACP) Appoints CyberSecurity Expert Witness Joseph Steinberg To Computer Crime & Digital Evidence Committee

LW ROUNDTABLE: Cybersecurity takeaways of 2023 — and what’s ahead in 2024 ( part 3)

December 15 Marks Deadline for SEC's New Cyber Disclosure Rules

SEC to Put More Onus on Corporate Boards for Cybersecurity

Why an HR-IT Partnership is Critical for Managing Cybersecurity Risk

Cyber Insurance Costs Soaring: Is Your Organization Covered Enough?

Building a Vulnerability Management Program from First Principles

Peer Report Explores Concerns, Challenges Facing Cybersecurity Leaders

Form risk operations centers to manage cyber as a business function

The Cyber Insurance Landscape Has Grown More Complicated

Has ESG Become aWake-Up Call for Cybersecurity?

Episode 228: CISA’s Eric Goldstein on being Everyone’s Friend in Cyber

Inside the Complex Universe of Cybersecurity

New York Financial Services Firms to Face More Cybersecurity Oversight

Spotlight on Cybersecurity Leaders: Kip Boyle

Episode 230: Are Vaccine Passports Cyber Secure?

Security Experts Assess 2.0 Draft of NIST Cybersecurity Framework

US urges mayors to confer with states on cyber posture, but can more be done?

Spotlight Podcast: Public Sector levels up to tackle Cyber Threats

CyberSaint STRONGER 2022 Conference Call for Speakers is Open!

Protecting your Customers and Brand in 2022: Are you doing enough?

Seven Massachusetts Cities Join Forces to Bolster Cybersecurity Posture

Deciphering the Omnibus for Medical Device Security

Episode 214: Darkside Down: What The Colonial Attack Means For The Future of Ransomware

Highlights and Insights from SecureWorld Boston 2023

Cybersecurity Is the Most Prevalent ESG Issue We're Not Talking About

SPOTLIGHT: Women in Cybersecurity

Cyber Security Awareness and Risk Management

Two Tools from RiskLens for Defensive Cyber Insurance Shopping

Security Outlook 2023: Cyber Warfare Expands Threats

Research details how cybersecurity’s reputation rose in the pandemic’s first months

New York Takes Bold Stance Against Hospital Cyber Attacks

Cybersecurity in 2022, Predictions for digital ecosystem facing more challenges and sophisticated threats

InfoSec Leaders Weigh in on New SEC Rules Making CISO Hotseat Hotter

Safety first: Will insurance companies stall or accelerate cybersecurity progress?

Stay Connected