CISO, Cybersecurity, Penetration Testing and Risk

Top 9 Trends In Cybersecurity Careers for 2025

eSecurity Planet

OCTOBER 18, 2024

As they do, they create more security vulnerabilities and inherent business, changing the nature of cybersecurity careers. Meanwhile, according to non-profit trade association CompTIA’s Cyberseek tool, nearly half a million cybersecurity jobs were open between May 2023 and April 2024 in the U.S., million workers.

Cybersecurity

Cybersecurity Artificial Intelligence Penetration Testing CISO

Women in Cybersecurity & IWD: Why I’m Done!

Jane Frankland

MARCH 8, 2025

For nearly a decade, we’ve heard the same discussion in cybersecurity circles about the gender diversity problem. As the first women owned penetration testing provider in the UK some 28-years ago, Ive researched, campaigned, written, spoken and stepped up as a visible role model, always presenting the business case.

Cybersecurity

Cybersecurity Penetration Testing Accountability Cyber Risk

News alert: Security Risk Advisors launchs VECTR Enterprise Edition for ‘purple team’ benchmarking

The Last Watchdog

AUGUST 2, 2024

1, 2024, CyberNewsWire — Security Risk Advisors (SRA) announces the launch of VECTR Enterprise Edition , a premium version of its widely-used VECTR platform for purple teams and adversary management program reporting and benchmarking. About VECTR : VECTR™ is developed and maintained by Security Risk Advisors.

Risk

Risk Penetration Testing CISO System Administration

Cybersecurity Insights with Contrast CISO David Lindner | 8/12

Security Boulevard

AUGUST 12, 2022

Penetration testing and vulnerability scanning are two different things. Penetration testing will give you information about exploiting vulnerabilities whereas a vulnerability scan will just provide you with potential avenues for exploitation. Insight #1. Insight #2. ". Security is now a part of the business.

CISO

CISO Penetration Testing Cybersecurity Risk

JPMorgan Chase CISO Warns of SaaS Security Crisis and Supply Chain Risk

Penetration Testing

APRIL 29, 2025

In an open letter, Patrick Opet, Chief Information Security Officer (CISO) at JPMorgan Chase, raises a critical alarm The post JPMorgan Chase CISO Warns of SaaS Security Crisis and Supply Chain Risk appeared first on Daily CyberSecurity.

CISO

CISO Risk Information Security Cybersecurity

GUEST ESSAY: 7 tips for protecting investor data when it comes to alternative asset trading

The Last Watchdog

JULY 11, 2023

Conduct regular penetration testing. Regular and thorough penetration testing is crucial for identifying vulnerabilities within trading systems. Having access to a partner focused in cybersecurity brings fresh perspectives and allows for an unbiased evaluation of the systems in use.

Penetration Testing

Penetration Testing Antivirus Threat Detection Encryption

Let’s Talk Cybersecurity on the Agent of Influence Podcast

NetSpi Executives

MARCH 25, 2025

Become the Influence A NetSPI podcast, Agent of Influence features experts in the cybersecurity field as they engage in conversation with Nabil Hannan, NetSPI Field CISO and podcast host, about the life and challenges as a leader in cybersecurity. Explore our past conversations with cybersecurity industry leaders.

Cybersecurity

Cybersecurity CISO Penetration Testing Financial Services

A CISO's Guide to a Good Night's Sleep

SecureWorld News

SEPTEMBER 30, 2020

It is a common feeling in the cybersecurity community that CISOs do not sleep well at night. CISOs worry about the latest incident, end of life technology in their environment, breaches in the news, insecure users and vendors, penetration testing results, budget and resources, and the latest vulnerability report (to name a few).

CISO

CISO Penetration Testing Technology Antivirus

NYDFS Cybersecurity Regulation: Dates, Facts and Requirements

Centraleyes

MARCH 13, 2025

New York, the city that never sleeps, is also the city that takes cybersecurity very seriously. If you’re part of the financial services ecosystem hereor interact with businesses regulated by the New York State Department of Financial Servicesyouve likely come across the NYDFS Cybersecurity Regulation. Dont fall into this trap.

Cybersecurity

Cybersecurity Financial Services Risk Encryption

NetSPI Lands $410 Million in Funding – And Other Notable Cybersecurity Deals

eSecurity Planet

OCTOBER 17, 2022

NetSPI, a top penetration testing and vulnerability management company, recently announced a $410 million funding round, a huge amount in a year in which $100+ million rounds have become a rarity. According to data from Crunchbase , the total amount of investments in cybersecurity startups came to $2.6

Cybersecurity

Cybersecurity Penetration Testing CISO Marketing

What is the CISO Experience in a Red Team Exercise?

NetSpi Executives

JANUARY 16, 2024

You’re about to have your first Red Team experience, or maybe your first one in the CISO seat of your organization. If your goal is to absolutely find a way from the outside into your organization, you probably should do an External Network Penetration Test instead. How Often Should I Plan for Red Team Testing?

CISO

CISO Penetration Testing Social Engineering Engineering

Cross-post: Office of the CISO 2024 Year in Review: AI Trust and Security

Anton on Security

JANUARY 28, 2025

Mitigating these risks requires robust security protocols including prompt sanitization, data governance policies, access controls, output filtering, data source vetting, and continuous monitoring, coupled with responsible AI practices such as data curation, model stress-testing, and customer safetytools.

CISO

CISO Risk Government Artificial Intelligence

New SEC Cybersecurity Rules Could Affect Private Companies Too

eSecurity Planet

SEPTEMBER 23, 2022

Securities and Exchange Commission (SEC) strongly advised public companies to improve their cybersecurity. However, after minimal corporate adoption of stronger cybersecurity, the SEC has drafted rules to require more formal cybersecurity reporting and disclosure. See the top Governance, Risk & Compliance (GRC) tools.

Cybersecurity

Cybersecurity Risk Passwords Encryption

The Penetration Testing Process

Mitnick Security

JUNE 27, 2023

As a Chief Information Security Officer (CISO), you have the responsibility of not only directing your organization’s security but also conveying your risk status to leadership. According to Cybersecurity Magazine, 60% of small businesses go out of business within six months of falling victim to a data breach or cyber attack.

Penetration Testing

Penetration Testing Small Business CISO Data breaches

IATA Cyber Regulations

Centraleyes

DECEMBER 11, 2024

The International Air Transport Association (IATA) Cyber Security Regulations represent a set of guidelines and standards aimed at enhancing cybersecurity resilience within the aviation industry. Governments and regulatory authorities may also mandate compliance with IATA standards to align with broader cybersecurity strategies.

Risk

Risk Cybersecurity Penetration Testing Digital transformation

Simplifying Compliance in the Complex U.S. FinServ Regulatory Landscape

Thales Cloud Protection & Licensing

JANUARY 16, 2025

Some of the most important are Gramm-Leach-Bliley Act ( GLBA ), the National Association of Insurance Commissioners ( NAIC ) Data Security Model Law, the New York Department of Financial Services ( NYDFS ) Cybersecurity Regulation, and the National Credit Union Administration ( NCUA ) cybersecurity guidance.

Financial Services

Financial Services Encryption Insurance Government

What companies need to know about ‘SecOps’ — the path to making ‘digital transformation’ secure

The Last Watchdog

AUGUST 21, 2018

The security team needs to be at the table, working alongside the developers and the operations teams, providing the risk management view for security. Applications now are more valuable than ever, but they also expose organizations to more risk than ever before,” Cornell says. The tests drive results while resolving security issues.

Digital transformation

Digital transformation Penetration Testing IoT Risk

2024 State of Cybersecurity: Reports of More Threats & Prioritization Issues

eSecurity Planet

MAY 2, 2024

The 2023 vendor surveys arriving this quarter paint a picture of a cybersecurity landscape under attack, with priority issues affecting deployment, alert response, and exposed vulnerabilities. This article details two major findings from the report: five major cybersecurity threats and prioritization problems.

Cybersecurity

Cybersecurity DDOS Penetration Testing Passwords

Ask These 5 AI Cybersecurity Questions for a More Secure Approach to Adversarial Machine Learning

NetSpi Executives

FEBRUARY 21, 2024

Artificial Intelligence (AI) and Machine Learning (ML) present limitless possibilities for enhancing business processes, but they also expand the potential for malicious actors to exploit security risks. For a comprehensive view of security in ML models, access our white paper, “ The CISO’s Guide to Securing AI/ML Models.”

Artificial Intelligence

Artificial Intelligence Cybersecurity Penetration Testing Architecture

Top VC Firms in Cybersecurity of 2022

eSecurity Planet

APRIL 26, 2022

Achieving funding is no simple task, and cybersecurity entrepreneurs have a difficult path competing in a complex and competitive landscape. Luckily for cybersecurity startups, there’s no shortage of interest in tomorrow’s next big security vendors. Investments in cybersecurity more than doubled from $12 billion to $29.5

Cybersecurity

Cybersecurity Technology Marketing Healthcare

Sunsetting legacy Cybersecurity Process for Better Optimization and Security Modernization

Security Boulevard

SEPTEMBER 19, 2022

Sunsetting legacy Cybersecurity Process for Better Optimization and Security Modernization. The idea of “if it isn’t broken, don’t fix it” should not apply to cybersecurity. Threat modeling (Risk management, vulnerability, and penetration testing). Risk-based budget modeling alignment with cybersecurity.

Cybersecurity

Cybersecurity Architecture Risk Insurance

The Decisions that Dictate the ROIs of Pen Testing

SecureWorld News

APRIL 27, 2023

Penetration testing is a critical cybersecurity and compliance tool today, but it's also highly misunderstood. First, pen tests have materially changed in the last couple of years, and many CIOs and CISOs still think of pen tests the way they used to be. What are the top threats they are fighting?

Penetration Testing

Penetration Testing CISO IoT Risk

How the Great Supply Chain Disruption Affects IT Security

Duo's Security Blog

DECEMBER 2, 2021

For the last few years, one of the main topics in the cybersecurity world has been the dissolving perimeter , which increasingly places resources and assets outside our immediate sphere of control. This risk will ebb and flow as the nature of the supply chain changes. Already CISOs often chat offline.

CISO

CISO Penetration Testing Risk Authentication

NYDOH Cybersecurity Regulations: What Healthcare Providers Need to Know in 2025

Centraleyes

DECEMBER 19, 2024

But New Yorks new cybersecurity regulations take things to the next level. While HIPAA mandates the protection of electronic health information (ePHI) through administrative, physical, and technical safeguards, it doesnt go into the weeds of specific cybersecurity practices. Whats New in the NY Cybersecurity Regulations?

Healthcare

Healthcare Cybersecurity Penetration Testing CISO

Protecting your Customers and Brand in 2022: Are you doing enough?

Jane Frankland

APRIL 28, 2022

Nowadays, organisations need digital leaders such as CIOs, CISOs, and CTOs who are strategists, visionaries, and know how to manage, effectively. The pressure for those in charge is immense as cyber risks have scaled, and can now bring businesses, economies, and communities to a halt. billion) is expected online.

CISO

CISO Mobile Technology Risk

Red Team vs Blue Team vs Purple Team: Differences Explained

eSecurity Planet

FEBRUARY 21, 2023

Red, blue and purple teams simulate cyberattacks and incident responses to test an organization’s cybersecurity readiness. Blue team members might be led by a chief information security officer (CISO) or director of security operations, making this team the largest among the three.

Social Engineering

Social Engineering Penetration Testing Engineering Risk

Testing to Ensure Your Security Posture Never Slouches

McAfee

JUNE 17, 2021

Imagine if you had one place where you found a comprehensive real time security posture that tells you exactly where the looming current cyber risks are and the impact? That well-publicized attack spurred considerable interest in cybersecurity assessments. Risk and Posture. Risk and Posture.

Penetration Testing

Penetration Testing CISO Risk Cyber Insurance

What is Vulnerability Scanning & How Does It Work?

eSecurity Planet

FEBRUARY 8, 2023

Cybersecurity vendors and developers have responded to these growing challenges by evolving vulnerability scanning tools and integrating these solutions as part of an integral, holistic vulnerability management framework. Findings are used to get a clear idea of the risks, factors, and threats levels.

Penetration Testing

Penetration Testing Software IoT Policy Compliance

Six Steps to Protect Your Organization from Ransomware | #RansomwareWeek

CyberSecurity Insiders

JUNE 24, 2021

Conduct risk assessments and penetration tests to determine the organization’s attack surface and what tools, processes and skills are in place to defend against attacks. If an attack occurs, Gartner notes, the press is likely to contact company directors, not the CISO. Initial Assessments. Ransomware Governance.

Ransomware

Ransomware Backups Penetration Testing Education

ROUNDTABLE: Why T-Mobile’s latest huge data breach could fuel attacks directed at mobile devices

The Last Watchdog

AUGUST 19, 2021

Related: Kaseya hack worsens supply chain risk. Last Watchdog convened a roundtable of cybersecurity experts to discuss the ramifications, which seem all too familiar. But if you’re acting as a bank with tens of millions of customers, you need to run cybersecurity like a bank with tens of millions of customers.

Mobile

Mobile Data breaches Authentication Accountability

2025 Cybersecurity Trends That Redefine Resilience, Innovation, and Trust

NetSpi Executives

DECEMBER 3, 2024

The cybersecurity landscape is always changing, and 2025 is a continuation of this evolution. An opportunity to rethink resilience, innovation, and accountability in cybersecurity. An opportunity to rethink resilience, innovation, and accountability in cybersecurity.

Cybersecurity

Cybersecurity CISO Social Engineering Accountability

Cross-post: Office of the CISO 2024 Year in Review: AI Trust and Security

Security Boulevard

JANUARY 28, 2025

Mitigating these risks requires robust security protocols including prompt sanitization, data governance policies, access controls, output filtering, data source vetting, and continuous monitoring, coupled with responsible AI practices such as data curation, model stress-testing, and customer safetytools.

CISO

CISO Risk Government Artificial Intelligence

The secrets to start a cybersecurity career

Responsible Cyber

JULY 14, 2024

Introduction In today’s digital age, cybersecurity is incredibly important. This has created a high demand for cybersecurity professionals who can defend against these attacks, making it an exciting and fulfilling field to work in. The need for cybersecurity professionals is greater than ever before.

Cybersecurity

Cybersecurity Education Penetration Testing Engineering

Attack Surface Management for the Adoption of SaaS

CyberSecurity Insiders

SEPTEMBER 20, 2022

Earlier this year, I had the opportunity to speak before a group of CISOs about the topic of attack surface management (ASM). To make things even harder, there is no generally agreed upon and common SaaS security shared responsibility model and each new deployment, configuration, and integration can change the risk calculus.

Threat Detection

Threat Detection Risk Penetration Testing Internet

Are You Prepared for Cybersecurity in the Boardroom?

McAfee

NOVEMBER 12, 2020

Cybersecurity can be one of the most nuanced and important areas of focus for a board, but not all board members are well versed in why and what they need to care about related to cybersecurity. Cybersecurity is a board level topic for three main reasons: Cybersecurity breaches are a serious matter for any company.

Cybersecurity

Cybersecurity Government Risk Penetration Testing

NYDFS Cybersecurity Regulations: Will You Be Ready?

NopSec

JANUARY 4, 2017

When new cybersecurity regulations from the New York Department of Financial Services (NYDFS) take effect on March 1, 2017, financial institutions will have 180 days to implement them. Area #1: Establishment of a Cybersecurity Program If your organization is wondering what to do first, this is an area to prioritize.

Cybersecurity

Cybersecurity Penetration Testing CISO Cyber Risk

Breach of healthcare debt collection firm exposes 1.9M patients – cyber experts weigh in

CyberSecurity Insiders

JULY 19, 2022

We’ve spoken with several cybersecurity experts to hear their insights about this breach. Neil Jones, director of cybersecurity evangelism, Egnyte. “As ransomware attacks continue to devastate the healthcare industry, leaders must increase their cybersecurity visibility of known and unknown assets.

Healthcare

Healthcare Ransomware Encryption Penetration Testing

Vulnerability Management Policy Template

eSecurity Planet

MAY 12, 2023

This vulnerability management policy defines the requirements for the [eSecurity Planet] IT and security teams to protect company resources from unacceptable risk from unknown and known vulnerabilities. Broader is always better to control risks, but can be more costly.] Vulnerability Management Policy & Procedure A.

Penetration Testing

Penetration Testing Risk Firmware Software

Security Leaders Can Lower Expenses While Reducing Risk

Lenny Zeltser

AUGUST 23, 2023

As companies seek to optimize operations and constrain expenses, cybersecurity leaders worry about funding the projects we consider essential. Fortunately, in such an economic climate, we can achieve an outcome that benefits the organization from cybersecurity as well as financial perspectives. Here’s how.

Risk

Risk Penetration Testing Cybersecurity CISO

Risk-Based Vulnerability Management: Efficient + Effective

NopSec

MAY 11, 2022

We described in the previous blog post the difference between vulnerability management and risk management. A quick reminder: vulnerabilities are the weaknesses an organization has internally while risks are the threats existing externally that potentially could harm the organization. Let’s dig in to see how that works.

Risk

Risk IoT Penetration Testing Software

From Spreadsheets to Solutions: How PlexTrac Enhances Security Workflows

Security Boulevard

MARCH 23, 2025

Discover how PlexTrac addresses these issues by integrating various data sources, providing customized risk scoring, and enhancing remediation workflows. The episode offers an insightful [] The post From Spreadsheets to Solutions: How PlexTrac Enhances Security Workflows appeared first on Shared Security Podcast.

Risk

Risk Penetration Testing Social Engineering Data privacy

AI in Cybersecurity: How to Cut Through the Overhype and Maximize the Potential

CyberSecurity Insiders

DECEMBER 4, 2021

.–( BUSINESS WIRE )–Artificial intelligence (AI), machine learning (ML), and deep learning (DL) are often applied in cybersecurity, but their applications may not always work as intended. On the other hand, there are a few areas where ML is overused.

Cybersecurity

Cybersecurity Education Artificial Intelligence Engineering

NYDFS Cybersecurity Regulations: Key Deadlines

NopSec

AUGUST 21, 2017

The first traditional deadline is coming to a close this month for compliance with the NYDFS Cybersecurity Regulations. Keep in mind that at this point, all documentation and information related to your cybersecurity program must be made available to the superintendent upon request. Appointing a CISO (section 500.4(a))

Cybersecurity

Cybersecurity CISO Risk Penetration Testing

Beyond Compliance: Building a Culture of Continuous Security Improvement

SecureWorld News

SEPTEMBER 5, 2024

When businesses consider compliance as the final objective, they may overlook other important aspects of security, such as real-time threat detection and proactive risk management—this narrow focus can result in vulnerabilities that sophisticated attackers can exploit. Following Zero Trust methods and the principle of least privilege.

Threat Detection

Threat Detection Phishing Penetration Testing Education

Top 9 Trends In Cybersecurity Careers for 2025

Women in Cybersecurity & IWD: Why I’m Done!

Trending Sources

News alert: Security Risk Advisors launchs VECTR Enterprise Edition for ‘purple team’ benchmarking

Cybersecurity Insights with Contrast CISO David Lindner | 8/12

JPMorgan Chase CISO Warns of SaaS Security Crisis and Supply Chain Risk

GUEST ESSAY: 7 tips for protecting investor data when it comes to alternative asset trading

Let’s Talk Cybersecurity on the Agent of Influence Podcast

A CISO's Guide to a Good Night's Sleep

NYDFS Cybersecurity Regulation: Dates, Facts and Requirements

NetSPI Lands $410 Million in Funding – And Other Notable Cybersecurity Deals

What is the CISO Experience in a Red Team Exercise?

Cross-post: Office of the CISO 2024 Year in Review: AI Trust and Security

New SEC Cybersecurity Rules Could Affect Private Companies Too

The Penetration Testing Process

IATA Cyber Regulations

Simplifying Compliance in the Complex U.S. FinServ Regulatory Landscape

What companies need to know about ‘SecOps’ — the path to making ‘digital transformation’ secure

2024 State of Cybersecurity: Reports of More Threats & Prioritization Issues

Ask These 5 AI Cybersecurity Questions for a More Secure Approach to Adversarial Machine Learning

Top VC Firms in Cybersecurity of 2022

Sunsetting legacy Cybersecurity Process for Better Optimization and Security Modernization

The Decisions that Dictate the ROIs of Pen Testing

How the Great Supply Chain Disruption Affects IT Security

NYDOH Cybersecurity Regulations: What Healthcare Providers Need to Know in 2025

Protecting your Customers and Brand in 2022: Are you doing enough?

Red Team vs Blue Team vs Purple Team: Differences Explained

Testing to Ensure Your Security Posture Never Slouches

What is Vulnerability Scanning & How Does It Work?

Six Steps to Protect Your Organization from Ransomware | #RansomwareWeek

ROUNDTABLE: Why T-Mobile’s latest huge data breach could fuel attacks directed at mobile devices

2025 Cybersecurity Trends That Redefine Resilience, Innovation, and Trust

Cross-post: Office of the CISO 2024 Year in Review: AI Trust and Security

The secrets to start a cybersecurity career

Attack Surface Management for the Adoption of SaaS

Are You Prepared for Cybersecurity in the Boardroom?

NYDFS Cybersecurity Regulations: Will You Be Ready?

Breach of healthcare debt collection firm exposes 1.9M patients – cyber experts weigh in

Vulnerability Management Policy Template

Security Leaders Can Lower Expenses While Reducing Risk

Risk-Based Vulnerability Management: Efficient + Effective

From Spreadsheets to Solutions: How PlexTrac Enhances Security Workflows

AI in Cybersecurity: How to Cut Through the Overhype and Maximize the Potential

NYDFS Cybersecurity Regulations: Key Deadlines

Beyond Compliance: Building a Culture of Continuous Security Improvement

Stay Connected