CISO and Engineering - Cyber Security Informer

Author’s Q&A: It’s high time for CISOs to start leading strategically — or risk being scapegoated

The Last Watchdog

MAY 13, 2025

Related: How real people are really using GenAI Todays Chief Information Security Officers (CISOs) operate in a pressure cooker: responsible for protecting critical assets, expected to show up in the boardroom with fluency, yet rarely granted the authority, resources or organizational alignment to succeed. Its not a people problem.

CISO

CISO Risk Cybersecurity Government

Fake CISO Profiles on LinkedIn Target Fortune 500s

Krebs on Security

SEPTEMBER 30, 2022

Someone has recently created a large number of fake LinkedIn profiles for Chief Information Security Officer (CISO) roles at some of the world’s largest corporations. It’s not clear who’s behind this network of fake CISOs or what their intentions may be. Of course, Sites is not the real CISO of Chevron.

CISO

CISO Cybercrime Accountability Information Security

From Pest Control to Cybersecurity: What CISOs Can Learn from Pestie

SecureWorld News

JANUARY 21, 2025

As I was spraying Pestiea DIY pest spray subscription servicearound my home this weekend (sun's out, spray gun's out), I was thinking about the correlation of this home perimeter defense to what CISOs and their teams do to keep their organizations secure. CISO takeaway: Effective cybersecurity isn't a generic solution.

CISO

CISO Cybersecurity Cyber threats Education

Fortinet CISO Details ‘Phish-Free’ Phishing Scheme Using PayPal

Security Boulevard

JANUARY 9, 2025

A bad actor is using a Microsoft 365 test domain and a self-created distribution list to bypass traditional email protections and entice victims to hand over their PayPal account information in what Fortinet's CISO is calling a "phish-free" phishing campaign.

CISO

CISO Phishing Accountability Social Engineering

LW ROUNDTABLE: Wrist slap or cultural shift? SEC fines cyber firms for disclosure violations

The Last Watchdog

NOVEMBER 12, 2024

Responses edited for clarity and length: Ambuj Kumar , CEO, Simbian Kumar While the SEC has fined the corporations, CISOs are worried that they may be held individually responsible and feel targeted by both attackers and now law enforcement. Some have moved away from the CISO role. Simply put, there would be nothing to hide.

CISO

CISO CSO Risk Cyber threats

LW ROUNDTABLE — How 2024’s cyber threats will transform the security landscape in 2025

The Last Watchdog

DECEMBER 16, 2024

Well see CISOs increasingly demand answers about why models flag certain malicious activity and how that activity is impactful at enterprise scale. Chearis Karsten Chearis , US Security Sales Engineer Team Lead, XM Cyber Resiliency involves four stages, while compromise has three phases: about to be compromised, compromised, and recovering.

Cyber threats

Cyber threats CISO IoT Phishing

GUEST ESSAY: How AI co-pilots boost the risk of data leakage — making ‘least privilege’ a must

The Last Watchdog

FEBRUARY 25, 2025

Ive spoken with numerous CIOs and CISOs who say these issues are directly impacting rollout plans at major enterprises. He earned an electrical engineering degree from Purdue University. Patchwork fixes fall short This reality is hitting hard. Alkove Microsofts response? About the essayist: Jim Alkove is co-founder and CEO of Oleria.

Risk

Risk CISO Engineering

Top 9 Trends In Cybersecurity Careers for 2025

eSecurity Planet

OCTOBER 18, 2024

It is generalized and entry-level, but it demonstrates a core level of competency that can be a building block of almost any career in cybersecurity, whether in administration, engineering, or development. It’s obviously a step to penetration testing, but it’s also helpful for architect, engineer, and analyst jobs.

Cybersecurity

Cybersecurity Artificial Intelligence Penetration Testing CISO

On the Cybersecurity Jobs Shortage

Schneier on Security

SEPTEMBER 20, 2023

The numbers never made sense to me, and Ben Rothke has dug in and explained the reality : …there is not a shortage of security generalists, middle managers, and people who claim to be competent CISOs. Nor is there a shortage of thought leaders, advisors, or self-proclaimed cyber subject matter experts.

Cybersecurity

Cybersecurity Engineering CISO Architecture

Anton’s Security Blog Quarterly Q1 2025

Anton on Security

APRIL 25, 2025

Detection Engineering is Painfuland It Shouldnt Be (Part1) NEW Antons Alert Fatigue: TheStudy Revisiting the Visibility Triad for 2020 (update for 2025 is comingsoon) Beware: Clown-grade SOCs StillAbound Why is Threat Detection Hard? ( NEWERVERSION ) Debating SIEM in 2023, Part1 Debating SIEM in 2023, Part2 Log Centralization: The End IsNigh?

Threat Detection

Threat Detection CISO Cloud Migration Digital transformation

Social Engineering Attacks Hacking Humans Today

Security Boulevard

MARCH 6, 2021

and podcast series during which cybersecurity experts discuss new zero-hour phishing attacks before a live audience of CISOs, CSOs and cybersecurity professionals. In Episode Two, Zero-Hour Attacks Hacking Humans Today, Patrick is joined by Chris Hadnagy, the Founder and CEO of The Social Engineer and host of the […].

Social Engineering

Social Engineering Engineering Hacking CISO

Cybersecurity Insights with Contrast CISO David Lindner | 04/11/25

Security Boulevard

APRIL 11, 2025

The post Cybersecurity Insights with Contrast CISO David Lindner | 04/11/25 appeared first on Security Boulevard. Smart orgs are already shifting to private-sector threat intel, red-teaming services, and collaborative alliances that move faster and hit harder.

CISO

CISO Cybersecurity Government Social Engineering

CISO Guide to Business Email Compromise

Tech Republic Security

MAY 25, 2023

This type of email attack occurs when a cybercriminal uses social engineering to impersonate a trusted contact—typically an executive, co-worker, vendor, or partner—in an effort to steal money or valuable information. The post CISO Guide to Business Email Compromise appeared first on TechRepublic. billion lost in 2022 alone.

CISO

CISO Social Engineering Engineering Cybersecurity

News alert: Aptori’s AI-driven platform reduces risk, ensures compliance — now on Google Marketplace

The Last Watchdog

MARCH 12, 2025

Acting as a proactive teammate, Aptori’s AI Security Engineer works alongside developers and security teams to identify security weaknesses, assess risk, and implement fixes in real-time. The result is deeper coverage and more precise security insights.

Risk

Risk Engineering Digital transformation Technology

Reaction to Social Engineering Indicative of Cybersecurity Culture

Security Boulevard

JULY 5, 2021

It was a master class in social engineering, one that put an organization’s security posture at risk. Social engineering attacks like phishing take advantage of an employee’s awareness of. The post Reaction to Social Engineering Indicative of Cybersecurity Culture appeared first on Security Boulevard.

Social Engineering

Social Engineering Engineering Cybersecurity Phishing

Today’s CISO Insights – How to Tackle the Quantum Threat

CyberSecurity Insiders

MAY 3, 2023

This is why CISOs everywhere should be concerned. In a typical SNDL attack, the attacker gains access to encrypted data by intercepting network traffic, accessing data stores, or by using techniques such as social engineering or malware to gain access to critical information. You may have staff in your company in the same situation.

CISO

CISO Identity Theft Encryption Social Engineering

GUEST ESSAY: Why CISOs absolutely must take authentication secrets much more seriously

The Last Watchdog

MARCH 1, 2023

This requires going beyond traditional practices and involving developers, security engineers, and operations in detection, remediation, and prevention. To combat these challenges, organizations must have visibility into vulnerabilities at all levels.

Authentication

Authentication CISO Passwords Software

Hello, I am CISO Helen. Nice To Meet You :-)

Duo's Security Blog

FEBRUARY 23, 2021

Hello, I am Helen Patton, and I am the newest Advisory CISO at Duo. While I was a CISO at Ohio State we partnered with Duo to implement MFA across our organization. Talk to a Higher Education CISO (note to security product engineers – if you ever want a testbed for your ideas, partner with a university). We don’t care.

CISO

CISO Education Banking Retail

UnitedHealth Hires Longtime Cybersecurity Executive as CISO

Security Boulevard

OCTOBER 31, 2024

UnitedHealth Group, which is still picking up the pieces after a massive ransomware attack that affected more than 100 million people, hired a new and experienced CISO to replace the previous executive who became a target of lawmakers for having no cybersecurity background.

CISO

CISO Cybersecurity Ransomware Social Engineering

Battling Burnout: A Growing Concern for CISOs and Security Professionals

SecureWorld News

JUNE 20, 2024

As defenders of digital assets, Chief Information Security Officers (CISOs) and cybersecurity professionals face immense pressure, often leading to burnout. Key findings from the report include: 90% of CISOs are concerned about stress, fatigue, or burnout affecting their team's well-being.

CISO

CISO Cybersecurity Technology Digital transformation

Fake LinkedIn CISO Profiles Target Top Companies

SecureWorld News

OCTOBER 3, 2022

Most recently, one of those new schemes involves fake LinkedIn profiles representing Chief Information Security Officers (CISOs) at some of the world's largest corporations. CISO profiles spoofed on LinkedIn. One of the fake profiles that was discovered was for one Victor Sites, claiming to be the CISO at Chevron.

CISO

CISO Engineering Healthcare Cryptocurrency

Secure Communications: Relevant or a Nice to Have?

Jane Frankland

FEBRUARY 7, 2025

But as a CISO or cyber risk owner, it’s not just about locking down sensitive informationits about doing it without slowing down your people. Amid a backdrop of increasingly sophisticated and frequent cyberattacks, APTs are a growing concern for CISOs and cyber risk owners.

Cyber Risk

Cyber Risk CISO Risk Encryption

LW ROUNDTABLE: Predictive analytics, full-stack visualization to solidify cyber defenses in 2025

The Last Watchdog

DECEMBER 18, 2024

FIPS-203 enables legal PQC deployment, prompting CISOs to overhaul encryption strategies. Organizations face rising risks of AI-driven social engineering and personal device breaches. Quantum computing advances are making traditional encryption obsolete, and adversaries are stockpiling data for future decryption.

Risk

Risk Threat Detection Technology Phishing

News Alert: INE Security enables CISOs to secure board support for cybersecurity training

The Last Watchdog

MAY 28, 2024

Cary, NC, May 28, 2024, CyberNewsWire — If there is a single theme circulating among Chief Information Security Officers (CISOs) right now, it is the question of how to get stakeholders on board with more robust cybersecurity training protocols. But it isn’t a question of ”if” an organization will be targeted, but “when.”

CISO

CISO Cybersecurity Data breaches Cyber threats

This Mental Health Awareness Month, Cyber Resilience Starts Within

SecureWorld News

MAY 6, 2025

CISOs and their teams operate in a high-stakes environment where every misstep can result in breach headlines, financial loss, or reputational damage. And they impact more than the professionals themselves; when CISOs and their teams are stretched thin, the entire organization's security posture is at risk.

CISO

CISO InfoSec Cybersecurity Architecture

Russia's COLDRIVER Targets Western Entities with 'LOSTKEYS' Malware

SecureWorld News

MAY 9, 2025

The method, known as "ClickFix," leverages social engineering to bypass traditional email-based defenses. The LOSTKEYS malware shows how attackers are getting smarter at tricking people and sneaking past basic security tools, especially by using fake websites and social engineering to get users to run harmful scripts," said J.

Malware

Malware Social Engineering Engineering Government

How I pwned an ex-CISO and the Smashing Security Podcast

Javvad Malik

APRIL 9, 2021

Yes, social engineering is a real thing and we need to be wary of it. Social engineered Graham into telling us what time the recording was taking place. FacebookPassword1, TwitterPassword1, then you can easily guess what your other passwords are. It would be a really poor world if we distrusted everyone and everything.

Social Engineering

Social Engineering CISO Engineering Passwords

Cybersecurity Insights with Contrast Security CISO David Lindner | 5/6

Security Boulevard

MAY 5, 2022

"Do a search for the top 200 most common passwords in your favorite search engine. The post Cybersecurity Insights with Contrast Security CISO David Lindner | 5/6 appeared first on Security Boulevard. If any of your passwords are in this list, change them.". . Insight #3. Make it part of your life and routine today.".

CISO

CISO Password Management Cybersecurity Passwords

How to unleash the power of an effective security engineering team

CSO Magazine

FEBRUARY 9, 2023

Security engineering teams, on the other hand, are builders. Security engineering teams are typically made up of software and infrastructure engineers, architects, and product managers. As security engineering teams continue to grow in prominence, CISOs need to be intentional with their structure and development.

Engineering

Engineering CISO Software Risk

MY TAKE: RSAC 2025’s big takeaway — GenAI is growing up fast, but still needs human direction

The Last Watchdog

MAY 5, 2025

He told me he takes his responsibility to vet every GenAI output vigorously especially when deploying it to come up with information relayed back to customers with engineering backgrounds. His bottom line: prompt engineering is now a frontline skill. But like any high-performance engine, it demands an attentive driver.

Engineering

Engineering DDOS Threat Detection Artificial Intelligence

MailChimp Suffers Data Breach in Latest Social Engineering Attack

SecureWorld News

JANUARY 20, 2023

Popular email marketing service MailChimp recently fell victim to another data breach, this time caused by a successful social engineering attack on its employees and contractors. The investigation into the incident is ongoing, and the company has urged its users to contact ciso@mailchimp.com if they have any questions regarding the incident.

Social Engineering

Social Engineering Data breaches Engineering Accountability

Years overdue, the profile of the CISO begins to rise as cyber grabs attention in boardrooms

SC Magazine

FEBRUARY 4, 2021

While technically part of the c-suite, CISOs historically received less attention within a company than your average CEO or chief financial officer. CISOs] are in more conversations, they’re asked for input,” said Leo Taddeo, chief security officer for Cyxtera. Our profile is certainly getting higher. Failure to communicate.

CISO

CISO Digital transformation Insurance Risk

What is the CISO Experience in a Red Team Exercise?

NetSpi Executives

JANUARY 16, 2024

You’re about to have your first Red Team experience, or maybe your first one in the CISO seat of your organization. Besides the debrief meeting and handing you deliverables, what’s next for a CISO after a Red Team exercise? In most cases, there will be significant security engineering and process overhaul project work.

CISO

CISO Penetration Testing Social Engineering Engineering

The Biggest Cybersecurity Risk We're Ignoring—And No, It's Not AI

SecureWorld News

FEBRUARY 28, 2025

This is because the whole paradigm around security training is building technical knowledge; whereas the whole point of successful social engineering is to bypass the logical and rational brain and bait the subconscious and emotions. What if we thought like a psychologist, not just a CISO? So what do we do? The solution? We're excited.

Cybersecurity

Cybersecurity Risk Social Engineering Phishing

DHS Calls for “Excellence in Software” in Log4j Report

Security Boulevard

SEPTEMBER 1, 2022

Interview with Mike Manrod, CISO, and Christian Taillon, IT Security Engineer at Grand Canyon Education. The post DHS Calls for “Excellence in Software” in Log4j Report appeared first on Security Boulevard.

Software

Software CISO Education Engineering

News alert: AcceleTrex unveils referral exchange that turns trusted conversations into scalable growth

The Last Watchdog

APRIL 14, 2025

14, 2025Today, AcceleTrex Corporation officially emerged from stealth, unveiling a first-of-its-kind platform that transforms expert referrals into a powerful growth engine for innovators. – Pam Fusco , CEO/CISO, Cyber Bear Group. Miami, FL, Apr. You have no idea how refreshing it is to meet intelligent people who truly grasp it.

Marketing

Marketing Artificial Intelligence CISO Technology

What CISOs can learn from the US Navy insider who stole nuclear secrets

CSO Magazine

NOVEMBER 23, 2021

Navy engineer, Jonathan Toebbe, who hoped to parley sensitive nuclear submarine secrets into a cool $5 million is now in hiatus as he sits in a West Virginia jail cell awaiting his December trial. The legal entanglement of the entrepreneurial U.S.

CISO

CISO Engineering Information Security

GUEST ESSAY: Cisco-Splunk merger will boost Snowflake – here’s how security teams can benefit.

The Last Watchdog

OCTOBER 23, 2023

Gonzalez Relying on data collection and organization tools like the traditional SIEM to analyze the various log data for threat detection requires constant updating of the analysis methods and, more importantly, puts the onus of observability onto the security engineer.

Architecture

Architecture Threat Detection Engineering Data collection

Top 5 Cyber Predictions for 2024: A CISO Perspective

Security Boulevard

JANUARY 2, 2024

This past year set a profound stage, from the advent of stringent cyber regulations to the convergence of generative AI, social engineering, and ransomware. Last year, we witnessed the fast-evolving nature of social engineering attacks, and this evolution poses greater challenges for detection and defense.

CISO

CISO Social Engineering Architecture Ransomware

Splunk Predictions 2024: Leadership Trends and Emerging Technologies

Tech Republic Security

DECEMBER 6, 2023

From resilience to board priorities, Splunk executives across security, IT and engineering weigh in on what to expect in the era of AI. C-suite transformation: CISOs, CTOs and CIOs will have expanded roles in the. Ready or not, here comes 2024. AI: The hype will pay off, but business impact will take another 12-24 months.

Technology

Technology CISO Engineering

NCSC warns industry, academia of foreign threats to their intellectual property

CSO Magazine

NOVEMBER 25, 2021

CISOs of companies both small and large understand how intellectual property (IP) and company infrastructure may be targeted from one of four vectors: malevolent insiders, unscrupulous competitors, criminals, or nation states.

Social Engineering

Social Engineering CISO Engineering Ransomware

Ghost Ransomware a Persistent Global Threat to Critical Infrastructure

SecureWorld News

FEBRUARY 20, 2025

Cybersecurity awareness and incident response Train employees to recognize phishing attempts and social engineering. This highlights the importance of least-privilege access models and Just-in-Time (JIT) access controls to limit attack surfaces. Enforce DMARC, DKIM, and SPF to prevent spoofing. Develop and test ransomware response plans.

Ransomware

Ransomware IoT Encryption Social Engineering

The Security Startup Ecosystem and the Trends Cisco is Watching

Cisco Security

JULY 21, 2021

Today, the Cisco Investments team released their 2021 CISO Survival Guide to Emerging Trends in the Startup Ecosystem. There is a wealth of insightful information for CISOs in this report. Because Zero Trust and XDR are integrated architectural outcomes, the majority of CISOs are anchoring their SASE strategies here.

CISO

CISO Phishing Architecture Marketing

GUEST ESSAY: 5 steps all SMBs should take to minimize IAM exposures in the current enviroment

The Last Watchdog

FEBRUARY 14, 2022

Which topics should CEOs, CIOs and CISOs have on their radar when it comes to Identity and Access Management ( IAM ) and cyber security risks in 2022? CIOs and CISOs looking to implement a modern approach should combine the Zero Trust strategy with a strong, hybrid IAM solution to sustainably limit access and protect their data and resources.

CISO

CISO Social Engineering Authentication Risk

Author’s Q&A: It’s high time for CISOs to start leading strategically — or risk being scapegoated

Fake CISO Profiles on LinkedIn Target Fortune 500s

Trending Sources

From Pest Control to Cybersecurity: What CISOs Can Learn from Pestie

Fortinet CISO Details ‘Phish-Free’ Phishing Scheme Using PayPal

LW ROUNDTABLE: Wrist slap or cultural shift? SEC fines cyber firms for disclosure violations

LW ROUNDTABLE — How 2024’s cyber threats will transform the security landscape in 2025

GUEST ESSAY: How AI co-pilots boost the risk of data leakage — making ‘least privilege’ a must

Top 9 Trends In Cybersecurity Careers for 2025

On the Cybersecurity Jobs Shortage

Anton’s Security Blog Quarterly Q1 2025

Social Engineering Attacks Hacking Humans Today

Cybersecurity Insights with Contrast CISO David Lindner | 04/11/25

CISO Guide to Business Email Compromise

News alert: Aptori’s AI-driven platform reduces risk, ensures compliance — now on Google Marketplace

Reaction to Social Engineering Indicative of Cybersecurity Culture

Today’s CISO Insights – How to Tackle the Quantum Threat

GUEST ESSAY: Why CISOs absolutely must take authentication secrets much more seriously

Hello, I am CISO Helen. Nice To Meet You :-)

UnitedHealth Hires Longtime Cybersecurity Executive as CISO

Battling Burnout: A Growing Concern for CISOs and Security Professionals

Fake LinkedIn CISO Profiles Target Top Companies

Secure Communications: Relevant or a Nice to Have?

LW ROUNDTABLE: Predictive analytics, full-stack visualization to solidify cyber defenses in 2025

News Alert: INE Security enables CISOs to secure board support for cybersecurity training

This Mental Health Awareness Month, Cyber Resilience Starts Within

Russia's COLDRIVER Targets Western Entities with 'LOSTKEYS' Malware

How I pwned an ex-CISO and the Smashing Security Podcast

Cybersecurity Insights with Contrast Security CISO David Lindner | 5/6

How to unleash the power of an effective security engineering team

MY TAKE: RSAC 2025’s big takeaway — GenAI is growing up fast, but still needs human direction

MailChimp Suffers Data Breach in Latest Social Engineering Attack

Years overdue, the profile of the CISO begins to rise as cyber grabs attention in boardrooms

What is the CISO Experience in a Red Team Exercise?

The Biggest Cybersecurity Risk We're Ignoring—And No, It's Not AI

DHS Calls for “Excellence in Software” in Log4j Report

News alert: AcceleTrex unveils referral exchange that turns trusted conversations into scalable growth

What CISOs can learn from the US Navy insider who stole nuclear secrets

GUEST ESSAY: Cisco-Splunk merger will boost Snowflake – here’s how security teams can benefit.

Top 5 Cyber Predictions for 2024: A CISO Perspective

Splunk Predictions 2024: Leadership Trends and Emerging Technologies

NCSC warns industry, academia of foreign threats to their intellectual property

Ghost Ransomware a Persistent Global Threat to Critical Infrastructure

The Security Startup Ecosystem and the Trends Cisco is Watching

GUEST ESSAY: 5 steps all SMBs should take to minimize IAM exposures in the current enviroment

Stay Connected