CISO, Cybersecurity, Government and Risk

From Compliance to Resilience: Cyber Governance as the Cornerstone of CISO Strategy

SecureWorld News

MAY 2, 2024

The role of a Chief Information Security Officer (CISO) is undeniably complex, yet incredibly rewarding. However, the challenges faced by CISOs are mounting, exacerbated by the evolving threat landscape and regulatory environment. These incidents underscore the critical importance of effective governance in cybersecurity programs.

CISO

CISO Government CSO Artificial Intelligence

Best Practices Q&A: Guidance about what directors need to hear from CISOs — from a board member

The Last Watchdog

APRIL 8, 2024

CISOs can sometimes be their own worst enemy, especially when it comes to communicating with the board of directors. She serves on the board of several technology companies and also happens to be steeped in cyber risk governance. LW: Why do so many CISOs still not get it that FUD and doom-and-gloom don’t work?

CISO

CISO Risk Cybersecurity Insurance

Cybersecurity Infrastructure Investment Crashes and Burns Without Governance

Security Boulevard

MARCH 28, 2024

Just like pilot awareness is crucial during unexpected aviation events, cybersecurity's traditional focus on infrastructure needs to shift to more adept governance. The post Cybersecurity Infrastructure Investment Crashes and Burns Without Governance appeared first on Security Boulevard.

Government

Government Cybersecurity CISO Security Awareness

CISO Liability Risk and Jail Time, (ISC)2 Bylaw Vote and the Value of Cybersecurity Certifications

Security Boulevard

OCTOBER 30, 2022

Rafal Los, host of the popular Down the Security Rabbithole Podcast, joins us to discuss CISO liability risk and the ongoing discussion in the cybersecurity community about CISOs going to jail.

CISO

CISO Risk Cybersecurity Data privacy

Strengthening Cybersecurity in Local Government: How to Protect Networks Amid an Epidemic

Security Boulevard

FEBRUARY 1, 2024

By: Randy Griffith, Senior Security Consultant, Strategy and Risk In the ever-evolving cybersecurity landscape, organizations are constantly striving to enhance their defenses against organized malicious actors.

Government

Government Cybersecurity CISO Cyber Attacks

Four Steps to Cutting Cybersecurity Budgets Without Increasing Risk

Security Boulevard

JULY 12, 2023

Here's how CISOs can look at cybersecurity through a capital efficiency lens without unacceptably growing risk—to the organization and their own jobs. The post Four Steps to Cutting Cybersecurity Budgets Without Increasing Risk appeared first on Security Boulevard.

Risk

Risk Cybersecurity CISO Government

CISO Stories Podcast: No Insider Cybersecurity Risk? Guess Again!

Security Boulevard

JUNE 9, 2021

The post CISO Stories Podcast: No Insider Cybersecurity Risk? What happens when an employee decides to leave the organization and start their own business – but with your Intellectual property or customer lists? . Guess Again! appeared first on Security Boulevard.

CISO

CISO Risk Cybersecurity Security Awareness

2021 Cybersecurity: Mitigating Mobile Security Risks for CISOs

Security Boulevard

MAY 25, 2021

Cybersecurity has always been a significant challenge for businesses, mostly due to the increasing financial and reputational cost of data breaches. The post 2021 Cybersecurity: Mitigating Mobile Security Risks for CISOs appeared first on The State of Security.

CISO

CISO Mobile Risk Cybersecurity

Top skill-building resources and advice for CISOs

CSO Magazine

OCTOBER 17, 2022

The role of the CISO has evolved, and so have the responsibilities. Some believe a CISO must have technical knowledge and experience as a cybersecurity professional, others think leadership skills such as being able to communicate with boards are what matters most. To read this article in full, please click here

CISO

CISO Telecommunications Insurance Government

Developing a Risk Management Approach to Cybersecurity

Security Boulevard

MARCH 30, 2021

By now most CISOs understand that focusing your cybersecurity program on regulatory compliance is no longer sufficient. The post Developing a Risk Management Approach to Cybersecurity appeared first on Hyperproof. The post Developing a Risk Management Approach to Cybersecurity appeared first on Security Boulevard.

Risk

Risk Cybersecurity CISO Government

International Association of Chiefs of Police (IACP) Appoints CyberSecurity Expert Witness Joseph Steinberg To Computer Crime & Digital Evidence Committee

Joseph Steinberg

DECEMBER 11, 2023

Veteran cybersecurity expert witness executive will help strengthen law enforcement capabilities to prevent, investigate, and prosecute information-age crimes. Analysts have calculated that he is among the top three cybersecurity influencers worldwide. patent filings.

Cybersecurity

Cybersecurity Artificial Intelligence CISO Technology

Sisense Hacked: CISA Warns Customers at Risk

Security Boulevard

APRIL 12, 2024

Government says victims include the “critical infrastructure sector.” The post Sisense Hacked: CISA Warns Customers at Risk appeared first on Security Boulevard. A hard-coded credential catastrophe: The analytics firm kept big companies’ secrets in an insecure AWS bucket.

Risk

Risk Hacking Government Digital transformation

How a CISO Values CCSP Training and Certification

CyberSecurity Insiders

AUGUST 11, 2021

Chief Information Security Officer (CISO) Luis Gonsalves, Head of Security for Portugal’s central bank, and founder of the Cloud Security Alliance’s Portugal Chapter, says Certified Cloud Security Professional (CCSP) stands out from other technical certifications. That’s the real differentiator ,” he says. Read the Full Article.

CISO

CISO Data privacy Banking Risk

Why an HR-IT Partnership is Critical for Managing Cybersecurity Risk

Security Boulevard

FEBRUARY 6, 2024

The post Why an HR-IT Partnership is Critical for Managing Cybersecurity Risk appeared first on Security Boulevard. By aligning priorities into a shared game plan, HR and IT can finally set their organizations up to defend against modern cyberthreats.

Risk

Risk Cybersecurity Social Engineering Cyber Risk

LW ROUNDTABLE: Cybersecurity takeaways of 2023 — and what’s ahead in 2024 ( part 3)

The Last Watchdog

DECEMBER 14, 2023

Here’s the final installment of leading technologists sharing their observations about cybersecurity developments in the year that’s coming to a close — and the year to come. Last Watchdog posed two questions: •What should be my biggest takeaway from 2023, with respect to mitigating cyber risks at my organization?

Cybersecurity

Cybersecurity Marketing Encryption CISO

What the White House’s Cybersecurity Strategy Means for CISOs

Security Boulevard

MAY 16, 2023

Cybersecurity is a huge concern. The post What the White House’s Cybersecurity Strategy Means for CISOs appeared first on Security Boulevard. The post What the White House’s Cybersecurity Strategy Means for CISOs appeared first on Security Boulevard.

CISO

CISO Cybersecurity Ransomware Risk

Different Types of CISOs, Diverse Missions

Security Boulevard

NOVEMBER 30, 2023

There are a range of distinct roles/missions that hold the CISO title. The post Different Types of CISOs, Diverse Missions appeared first on Security Boulevard. Their ultimate goals are similar, but how they are positioned to do that varies.

CISO

CISO Security Awareness Risk Government

Today’s CISO Insights – How to Tackle the Quantum Threat

CyberSecurity Insiders

MAY 3, 2023

This is why CISOs everywhere should be concerned. Government secrets: Classified information, military secrets, or other sensitive government information that can be used for espionage. CISOs should begin to familiarize themselves with these and evaluate their potential suitability for adoption.

CISO

CISO Identity Theft Encryption Social Engineering

CISO Stories Podcast: Which Approach Wins – Compliance or Risk?

Security Boulevard

NOVEMBER 24, 2021

Cybersecurity programs have evolved from the early days of compliance with regulations. The post CISO Stories Podcast: Which Approach Wins – Compliance or Risk? Is it really security? LBMC’s Mark Burnette joins the podcast as the differences between compliance and true security are discussed - check it out.

CISO

CISO Risk Cybersecurity Government

What the Charges Against the SolarWinds CISO Mean for Security in 2024

Security Boulevard

JANUARY 29, 2024

The indictment of the SolarWinds CISO by the SEC served as a harsh wake-up call to the corporate world. The post What the Charges Against the SolarWinds CISO Mean for Security in 2024 appeared first on Security Boulevard.

CISO

CISO Security Awareness Risk Government

New SEC Cybersecurity Rules and What It Means for Board Oversight

Security Boulevard

AUGUST 17, 2023

The SEC adopted new rules surrounding cybersecurity risk management, strategy, governance, and incident disclosure. As a CISO, this no doubt impacts how your company discloses material cybersecurity incidents through a Form 8-K item and annually cybersecurity risk management and governance through the company’sForm 10-K.

Cybersecurity

Cybersecurity CISO Government Risk

Should the CISO Report to the CIO?

Cisco Security

JULY 1, 2021

The Chief Information Security Officer (CISO) is the organization’s senior executive in charge of the cybersecurity and the information technology risk management posture of the enterprise. federal government in particular, the CISO reports to the Chief Information Officer (CIO).

CISO

CISO Technology Risk Government

Understanding SEC Cyber Disclosure Rules and CISO Liability

Centraleyes

NOVEMBER 8, 2023

The SEC’s proposed cybersecurity disclosure rule , known as the Proposed Rule for Public Companies (PRPC), has ushered in a wave of concerns and challenges, particularly for CISOs. The rule mandates that companies report material cybersecurity incidents within four days.

CISO

CISO Cyber Risk Risk Cybersecurity

Inside the Complex Universe of Cybersecurity

SecureWorld News

JANUARY 11, 2024

Working as CISO, DeSouza's areas of expertise include strategic planning, risk management, identity management, cloud computing, and privacy. What developments in the security landscape have sparked your enthusiasm, and how does it impact the future of cybersecurity? Zero Trust has come of age. With tailwinds such as the U.S.

Cybersecurity

Cybersecurity CISO Cyber threats Risk

Local government cybersecurity: 5 best practices

Malwarebytes

SEPTEMBER 30, 2022

It seems like not a day goes by where we don’t hear about a local government cyberattack. Indeed, from 911 call centers to public schools , cyberattacks on local governments are as common as they are devastating. Just how often do threat actors attack local governments? said daily. said daily. Table of Contents.

Government

Government Cybersecurity Cyber Insurance Insurance

Nine Top of Mind Issues for CISOs Going Into 2023

Cisco Security

JANUARY 10, 2023

As the majority of the global Covid fog finally started lifting in 2022, other events – and their associated risks – started to fill the headspace of C-level execs the world over. In my role, I regularly engage with CISOs in all kinds of sectors, representatives at industry bodies, and experts at analyst houses.

CISO

CISO Insurance Cyber Insurance Phishing

Identity Governance: Right People, Right Access, Right Time

Security Boulevard

MAY 12, 2023

This results in headaches for CIOs and CISOs who want to ensure organizations. The post Identity Governance: Right People, Right Access, Right Time appeared first on Security Boulevard. In doing so, IT teams are facing new challenges to ensure the right level of access to the right people at the right time.

Government

Government Digital transformation CISO Software

SEC Moves up Start Date of Reporting Material Cybersecurity Incidents

SecureWorld News

JULY 27, 2023

According to a press release yesterday from the United States Securities and Exchange Commission (SEC), the agency has "adopted rules requiring registrants to disclose material cybersecurity incidents they experience and to disclose on an annual basis material information regarding their cybersecurity risk management, strategy, and governance.

Cybersecurity

Cybersecurity CISO Cyber Risk Risk

New York Enhances Cybersecurity Regulations of Financial Services

SecureWorld News

NOVEMBER 14, 2023

On November 1, 2023, the New York Department of Financial Services (NYDFS) took a significant step toward strengthening cybersecurity defenses across the financial sector by finalizing amendments to Part 500 of its cybersecurity regulations.

Financial Services

Financial Services Cybersecurity CISO Risk

Burnout: The Hidden Cost of Working in Cybersecurity & Other High Risk Fields

Jane Frankland

JUNE 20, 2023

Since 2011, I’ve consistently spoken, and written about the dangers of burnout in cybersecurity, and proposed leadership strategies for employee wellbeing. And these changes increase the risk of developing anxiety, depression, and other mental health issues. It poses a threat in numerous ways.

Cybersecurity

Cybersecurity Risk InfoSec CISO

People Skills Outweigh Technical Prowess in the Best Security Leaders

SecureWorld News

OCTOBER 5, 2023

Having helped build out many SecureWorld conferences, I have come to realize—likely to no one's surprise—that the best cybersecurity leaders indeed have some technical prowess, but it is their soft skills that make them exceptional leaders. That's a soft skill that even the most adept CISOs are still trying to master.

CISO

CISO Risk Government Cybersecurity

Three Risk Mitigation Strategies to Address the Latest Data Security Threats

CyberSecurity Insiders

JUNE 7, 2023

By Dannie Combs , Senior Vice President and CISO, Donnelley Financial Solutions (DFIN) As security threats to data continue to ebb and flow (mostly flow!), Here are three risk mitigation imperatives that can help organizations get a better handle on these latest risks and threats.

Risk

Risk Artificial Intelligence Technology Digital transformation

Has ESG Become aWake-Up Call for Cybersecurity?

Security Boulevard

AUGUST 22, 2022

Has ESG Become aWake-Up Call for Cybersecurity? Cyber insurance has become more critical to organizations to help offset the risk to the company. Highly experienced cybersecurity experts, experienced personnel with a cyber risk management background, and professional engineers who understand physical infrastructure are in huge demand.

Cybersecurity

Cybersecurity Cyber Insurance Insurance CISO

GUEST ESSAY: Preparing for the dire cybersecurity consequences of Russia’s invasion of Ukraine

The Last Watchdog

APRIL 13, 2022

These Russian cyber actors are government organizations and include other parties who take their orders from the Russian military or intelligence organizations – while not technically under government control. Cybersecurity and Infrastructure Security Agency (CISA) has started a campaign to increase awareness of these risks to U.S.

Cybersecurity

Cybersecurity Cybercrime Education Passwords

Why the modern CISO should plan for greater Cybersecurity Regulations in the Biden Era

SC Magazine

MARCH 25, 2021

Just a few months past the initial SolarWinds discovery, it is clear that standardized cybersecurity regulation is needed to outline best practices for companies to follow. Part of this preparedness means understanding how potential legislation could reshape cybersecurity efforts. In March 2021, President Biden signed the $1.9

CISO

CISO Cybersecurity CSO Government

Former Uber CISO Conviction Affirmed by Trial Court

Security Boulevard

JANUARY 19, 2023

On January 11, 2023, presiding United States District Judge William Orrick in San Francisco denied the motion of Joe Sullivan, the former CISO of Uber, for a judgment of acquittal. The post Former Uber CISO Conviction Affirmed by Trial Court appeared first on Security Boulevard.

CISO

CISO Data breaches Risk Government

December 15 Marks Deadline for SEC's New Cyber Disclosure Rules

SecureWorld News

DECEMBER 11, 2023

December 15, 2023, marks a significant shift in the cybersecurity landscape for publicly traded companies. Securities and Exchange Commission (SEC) has implemented new cyber incident disclosure rules, requiring companies to be more transparent and timely in their communication of cybersecurity breaches and vulnerabilities.

CISO

CISO Risk Cybersecurity CSO

Is fighting cybercrime a losing battle for today’s CISO?

CyberSecurity Insiders

JANUARY 12, 2022

In this blog, we’ll look at the root causes of concern for today's CISO and share some practical strategies to deter cybercriminals. The CISO role can be an unenviable one. The most obvious cybersecurity strategy is to take a people-centric approach, with a 70-80% focus on staff awareness. over a long holiday weekend.

CISO

CISO Cybercrime Risk Healthcare

Security Experts Assess 2.0 Draft of NIST Cybersecurity Framework

SecureWorld News

AUGUST 23, 2023

National Institute of Standards and Technology (NIST) released the Initial Public Draft of its Cybersecurity Framework (CSF) version 2.0. For a solid rundown of what the updates mean, check out this SecureWorld article from Kip Boyle , vCISO, Cyber Risk Opportunities LLC. On August 8, 2023, the U.S. 19, Detroit on Sept.

Cybersecurity

Cybersecurity CISO Government Risk

Prosecutors Argue for 15 Months in Jail for Uber CISO

Security Boulevard

MAY 3, 2023

In a sentencing memorandum filed with a San Francisco federal court on April 27, 2023, prosecutors argued that Joe Sullivan—the former CISO of Uber and a former federal computer crimes prosecutor himself (with the same office)—should serve 15 months in federal prison for his role in the ride-sharing company’s concealment of a data breach.

CISO

CISO Data breaches Risk Government

CISO workshop slides

Notice Bored

AUGUST 5, 2022

Other slides in the deck appear to equate ' security posture ' to vulnerability management and software/systems patching - a rather narrow/specific technical concern for metrics suggested to senior management, although arguably it is a major factor in cybersecurity - or to security strategy.

CISO

CISO Risk Artificial Intelligence Marketing

SEC to Put More Onus on Corporate Boards for Cybersecurity

SecureWorld News

JANUARY 24, 2023

Securities and Exchange Commission (SEC) sometime this year will require corporate boards to clean up their cybersecurity act and increase transparency by disclosing cybersecurity incidents with full details to the SEC and investors within four business days.

Cybersecurity

Cybersecurity Cyber Risk CISO Risk

Survey Reveals Limits of CISOs’ Management Experience

Security Boulevard

DECEMBER 13, 2022

A global survey from recruitment firm Marlin Hawk that polled 470 CISOs at organizations with more than 10,000 employees found nearly half (45%) have been in their current role for two years or less. The post Survey Reveals Limits of CISOs’ Management Experience appeared first on Security Boulevard.

CISO

CISO Security Awareness Risk Government

Dawn Cappelli: ‘A CISO needs to bring business value to the company’

SC Magazine

JUNE 10, 2021

One of a series of security leadership profiles prepared by Cybersecurity Collaborative in conjunction with SC Media. Cybersecurity Collaborative is a membership community for cybersecurity leaders to work together in a trusted environment. Dawn Cappelli is VP and CISO at Rockwell Automation. Find out more here.

CISO

CISO Risk Manufacturing Cybersecurity

From Compliance to Resilience: Cyber Governance as the Cornerstone of CISO Strategy

Best Practices Q&A: Guidance about what directors need to hear from CISOs — from a board member

Trending Sources

Cybersecurity Infrastructure Investment Crashes and Burns Without Governance

CISO Liability Risk and Jail Time, (ISC)2 Bylaw Vote and the Value of Cybersecurity Certifications

Strengthening Cybersecurity in Local Government: How to Protect Networks Amid an Epidemic

Four Steps to Cutting Cybersecurity Budgets Without Increasing Risk

CISO Stories Podcast: No Insider Cybersecurity Risk? Guess Again!

2021 Cybersecurity: Mitigating Mobile Security Risks for CISOs

Top skill-building resources and advice for CISOs

Developing a Risk Management Approach to Cybersecurity

International Association of Chiefs of Police (IACP) Appoints CyberSecurity Expert Witness Joseph Steinberg To Computer Crime & Digital Evidence Committee

Sisense Hacked: CISA Warns Customers at Risk

How a CISO Values CCSP Training and Certification

Why an HR-IT Partnership is Critical for Managing Cybersecurity Risk

LW ROUNDTABLE: Cybersecurity takeaways of 2023 — and what’s ahead in 2024 ( part 3)

What the White House’s Cybersecurity Strategy Means for CISOs

Different Types of CISOs, Diverse Missions

Today’s CISO Insights – How to Tackle the Quantum Threat

CISO Stories Podcast: Which Approach Wins – Compliance or Risk?

What the Charges Against the SolarWinds CISO Mean for Security in 2024

New SEC Cybersecurity Rules and What It Means for Board Oversight

Should the CISO Report to the CIO?

Understanding SEC Cyber Disclosure Rules and CISO Liability

Inside the Complex Universe of Cybersecurity

Local government cybersecurity: 5 best practices

Nine Top of Mind Issues for CISOs Going Into 2023

Identity Governance: Right People, Right Access, Right Time

SEC Moves up Start Date of Reporting Material Cybersecurity Incidents

New York Enhances Cybersecurity Regulations of Financial Services

Burnout: The Hidden Cost of Working in Cybersecurity & Other High Risk Fields

People Skills Outweigh Technical Prowess in the Best Security Leaders

Three Risk Mitigation Strategies to Address the Latest Data Security Threats

Has ESG Become aWake-Up Call for Cybersecurity?

GUEST ESSAY: Preparing for the dire cybersecurity consequences of Russia’s invasion of Ukraine

Why the modern CISO should plan for greater Cybersecurity Regulations in the Biden Era

Former Uber CISO Conviction Affirmed by Trial Court

December 15 Marks Deadline for SEC's New Cyber Disclosure Rules

Is fighting cybercrime a losing battle for today’s CISO?

Security Experts Assess 2.0 Draft of NIST Cybersecurity Framework

Prosecutors Argue for 15 Months in Jail for Uber CISO

CISO workshop slides

SEC to Put More Onus on Corporate Boards for Cybersecurity

Survey Reveals Limits of CISOs’ Management Experience

Dawn Cappelli: ‘A CISO needs to bring business value to the company’

Stay Connected