CISO, Government and Risk - Cyber Security Informer

The C-Suite Power Shift: Why CIOs, CTOs, and CISOs Must Realign to Survive

Jane Frankland

JUNE 8, 2025

Today, the Chief Technology Officer (CTO) and Chief Information Security Officer (CISO) are rising in prominence—fuelled by the accelerating demands of AI innovation, cybersecurity, and digital transformation. All three roles are now vying for ownership of overlapping domains: infrastructure, innovation, data governance, and cybersecurity.

CISO

CISO Digital transformation Technology Risk

Author’s Q&A: It’s high time for CISOs to start leading strategically — or risk being scapegoated

The Last Watchdog

MAY 13, 2025

Related: How real people are really using GenAI Todays Chief Information Security Officers (CISOs) operate in a pressure cooker: responsible for protecting critical assets, expected to show up in the boardroom with fluency, yet rarely granted the authority, resources or organizational alignment to succeed. Its not a people problem.

CISO

CISO Risk Cybersecurity Government

LW ROUNDTABLE: Wrist slap or cultural shift? SEC fines cyber firms for disclosure violations

The Last Watchdog

NOVEMBER 12, 2024

Unisys, for instance, was found to have framed cyber risks hypothetically even though its systems had already been breached, exfiltrating gigabytes of data. But the SEC’s latest actions underscore that failing to inform stakeholders about material risks and breaches is not an option.

CISO

CISO CSO Risk Cyber threats

Cybersecurity Governance: The Road Ahead in an Era of Constant Evolution

SecureWorld News

FEBRUARY 17, 2025

Cybersecurity governance has undergone a dramatic transformation over the past few decades. From its early days, where security was an afterthought to business operations, to the present, where it has become a board-level discussion, governance has had to adapt to an ever-evolving digital landscape.

Government

Government Cybersecurity Risk CISO

CISOs in Australia Urged to Take a Closer Look at Data Breach Risks

Tech Republic Security

MAY 24, 2024

A leading cyber lawyer in Australia has warned CISOs and other IT leaders their organisations and careers could be at stake if they do not understand data risk and data governance practices.

CISO

CISO Data breaches Risk Government

RSAC Fireside Chat: Human and machine identity risks are converging — and they’re finally visible

The Last Watchdog

MAY 30, 2025

Eades explained how Anetacs founding team interviewed dozens of CISOs before launching a platform purpose-built to tackle this blind spot. At RSAC 2025, Eades unveiled Human Link Pro , a new product aimed at closing the loop between non-human and human credential risks. On-premise was ugly and hard. The cloud is just a mess.

Risk

Risk Cyber Insurance Accountability Insurance

The Dangers of AI Acceleration: Why a Deregulatory Stance Threatens Humanity

Jane Frankland

MAY 30, 2025

Everyone’s talking about AI aren’t they, and when I gave a keynote on Artificial Intelligence and cybersecurity recently, I relayed how the rise of AI has brought us to a pivotal moment in historya moment brimming with both extraordinary opportunity and unparalleled risk. AI amplifies these risks exponentially.

Risk

Risk Artificial Intelligence Government Technology

LW ROUNDTABLE: Compliance pressures intensify as new cybersecurity standards take hold

The Last Watchdog

DECEMBER 18, 2024

This shift is expected to place significant pressure on organizations that haven’t yet developed trusted data to manage risk effectively. To mitigate risks, businesses will invest in modern, privacy-enhancing technologies (PETs), such as trusted execution environments (TEEs) and fully homomorphic encryption (FHE).

Cybersecurity

Cybersecurity CISO Risk Government

Best Practices Q&A: Guidance about what directors need to hear from CISOs — from a board member

The Last Watchdog

APRIL 8, 2024

CISOs can sometimes be their own worst enemy, especially when it comes to communicating with the board of directors. She serves on the board of several technology companies and also happens to be steeped in cyber risk governance. LW: Why do so many CISOs still not get it that FUD and doom-and-gloom don’t work?

CISO

CISO Risk Cybersecurity Insurance

LW ROUNDTABLE: Predictive analytics, full-stack visualization to solidify cyber defenses in 2025

The Last Watchdog

DECEMBER 18, 2024

Madhu Shashanka , Chief Data Scientist, Concentric AI Generative AI in 2025 will bring transformative opportunities but heightened cybersecurity risks, including data exposure, AI misuse, and novel threats like prompt injection attacks. Enterprises must secure AI agents, adopt proactive data governance, and deploy AI-based security platforms.

Risk

Risk Threat Detection Technology Phishing

SHARED INTEL Q&A: When every IoT Device and AI assistant has an identity — who’s in control?

The Last Watchdog

JUNE 2, 2025

Related: Top 10 Microsoft Copilot risks At the same time, traditional identity and access management (IAM) tools are buckling under the pressure of cloud sprawl, decentralized architectures, and constant change. LW: GenAI tools like Copilot are transforming workflows but also introducing new access-related risks. The result?

IoT

IoT CISO Government Risk

Insurance Firm Introduces Liability Coverage for CISOs

Security Boulevard

NOVEMBER 12, 2024

National insurance firm Crum and Forster is offering a professional liability program for CISOs who are facing growing regulatory pressures and sophisticate cyberattacks but often are not covered by their organizations' D&O policies. The post Insurance Firm Introduces Liability Coverage for CISOs appeared first on Security Boulevard.

Insurance

Insurance CISO Risk Government

From Compliance to Confidence: How AI Is Reshaping Third-Party Risk

SecureWorld News

MAY 13, 2025

As geopolitical instability, supply chain disruption, and cyber threats continue to escalate, third-party risk management (TPRM) is evolving from a compliance function to a strategic business imperative. According to the EY survey , 87% of organizations have experienced a third-party risk incident in the past three years.

Risk

Risk Cyber Risk Artificial Intelligence Technology

MY TAKE: RSAC 2025 – Conversing with vendors hanging out in the Marriott Marquis mezzanine

The Last Watchdog

MAY 1, 2025

Approov: Securing cloud-mobile APIs Ted Miracco, CEO of Approov, painted a vivid picture of modern mobile risk: Your mobile app is under attack the moment it talks to the cloud especially over public Wi-Fi. Theyre totally different tech and governance models. You cant govern what you cant see, Mogull said. Approovs solution?

Mobile

Mobile Government CISO Technology

Should the CISO Report to the CIO?

Cisco Security

JULY 1, 2021

The Chief Information Security Officer (CISO) is the organization’s senior executive in charge of the cybersecurity and the information technology risk management posture of the enterprise. federal government in particular, the CISO reports to the Chief Information Officer (CIO). In many organizations, and in the U.S.

CISO

CISO Technology Risk Government

GUEST ESSAY: 5 tips for ‘de-risking’ work scenarios that require accessing personal data

The Last Watchdog

JANUARY 10, 2022

Related: The dangers of normalizing encryption for government use. It’s possible to de-risk work scenarios involving personal data by carrying out a classic risk assessment of an organization’s internal and external infrastructure. This de-risks personal data that does not fit in a separate security contour. Encryption.

Risk

Risk Encryption Data privacy CISO

From Compliance to Resilience: Cyber Governance as the Cornerstone of CISO Strategy

SecureWorld News

MAY 2, 2024

The role of a Chief Information Security Officer (CISO) is undeniably complex, yet incredibly rewarding. However, the challenges faced by CISOs are mounting, exacerbated by the evolving threat landscape and regulatory environment. These incidents underscore the critical importance of effective governance in cybersecurity programs.

CISO

CISO Government CSO Artificial Intelligence

How a CISO Values CCSP Training and Certification

CyberSecurity Insiders

AUGUST 11, 2021

Chief Information Security Officer (CISO) Luis Gonsalves, Head of Security for Portugal’s central bank, and founder of the Cloud Security Alliance’s Portugal Chapter, says Certified Cloud Security Professional (CCSP) stands out from other technical certifications. That’s the real differentiator ,” he says. Read the Full Article.

CISO

CISO Data privacy Banking Risk

NEW TECH: CASBs continue evolving to help CISOs address multiplying ‘cloud-mobile’ risks

The Last Watchdog

APRIL 29, 2020

Some CISOs, at first, were reserved and said, ‘We’re not moving to the cloud.’ Nasser: It’s one of two things, when the legal department comes in, or the government comes in, and there’s a conversation around regulation and privacy. So if you’re a Microsoft shop, you’re on an Office 365 and a Windows 10 migration path.

Mobile

Mobile CISO Risk Cloud Migration

Meta Scores $168M Legal Victory Over NSO Group for Spyware Abuse

SecureWorld News

MAY 13, 2025

It's a pivotal moment for digital civil liberties, responsible surveillance governance, and the role of private enterprise in defending the cyber ecosystem. Targets included h uman rights defenders, journalists, lawyers, diplomats, and government officials. This is more than a courtroom win.

Spyware

Spyware Surveillance CISO Government

Navigating the SEC’s Cybersecurity Disclosure Rules: One Year On

Security Boulevard

DECEMBER 30, 2024

In this post, we look at the enforcement actions the SEC has taken and what public company CISOs should do to stay in compliance. As part of their fiduciary duties, boards play a key role in the oversight of risks from cybersecurity threats. This pushed C-level executives and boards to adopt measures for compliance and transparency.

Cybersecurity

Cybersecurity Cyber Risk CISO Risk

Federal Contractor Cybersecurity Vulnerability Reduction Act Passes in U.S. House

SecureWorld News

MARCH 6, 2025

government. This means that thousands of government contractors will soon be required to implement structured processes for identifying, reporting, and mitigating vulnerabilities, aligning them with U.S. government and among the many contractors and vendors that support federal agencies."

Cybersecurity

Cybersecurity Government Marketing Cyber threats

Secure Communications: Relevant or a Nice to Have?

Jane Frankland

FEBRUARY 7, 2025

But as a CISO or cyber risk owner, it’s not just about locking down sensitive informationits about doing it without slowing down your people. It encompasses everything from ensuring the confidentiality and integrity of information to reducing risks, maintaining compliance, and building trust with customers.

Cyber Risk

Cyber Risk CISO Risk Encryption

Top skill-building resources and advice for CISOs

CSO Magazine

OCTOBER 17, 2022

The role of the CISO has evolved, and so have the responsibilities. Some believe a CISO must have technical knowledge and experience as a cybersecurity professional, others think leadership skills such as being able to communicate with boards are what matters most. To read this article in full, please click here

CISO

CISO Telecommunications Insurance Government

How boards can manage digital governance in the age of AI

BH Consulting

MARCH 26, 2025

This rapid transformation creates a challenge for boards tasked with balancing emerging risks and strategic opportunities. In a presentation titled Digital governance for boards and senior executives: AI, cybersecurity, and privacy , she called on her extensive experience advising boards on these areas.

Government

Government Artificial Intelligence Risk Digital transformation

Healthcare Cybersecurity Market Soars: Key Trends and Insights

SecureWorld News

MAY 2, 2025

This surge is driven by a convergence of factorsfrom a spike in ransom ware attacks to the digital transformation of healthcarethat CISOs and healthcare executives must understand and act upon. Breaches can disrupt care delivery and put lives at risk, not to mention lead to hefty compliance fines.

Healthcare

Healthcare Marketing Cybersecurity CISO

Nine Top of Mind Issues for CISOs Going Into 2023

Cisco Security

JANUARY 10, 2023

As the majority of the global Covid fog finally started lifting in 2022, other events – and their associated risks – started to fill the headspace of C-level execs the world over. In my role, I regularly engage with CISOs in all kinds of sectors, representatives at industry bodies, and experts at analyst houses.

CISO

CISO Insurance Cyber Insurance Phishing

Ghost Ransomware a Persistent Global Threat to Critical Infrastructure

SecureWorld News

FEBRUARY 20, 2025

The FBI, CISA, and MS-ISAC have issued a joint cybersecurity advisory warning organizations about Ghost (Cring) ransomware, a sophisticated cyber threat that has been compromising critical infrastructure, businesses, and government entities worldwide. Stolen credentials remain the top breach factor, responsible for 24% of incidents in 2024.

Ransomware

Ransomware IoT Encryption Social Engineering

Today’s CISO Insights – How to Tackle the Quantum Threat

CyberSecurity Insiders

MAY 3, 2023

This is why CISOs everywhere should be concerned. Government secrets: Classified information, military secrets, or other sensitive government information that can be used for espionage. CISOs should begin to familiarize themselves with these and evaluate their potential suitability for adoption.

CISO

CISO Identity Theft Encryption Social Engineering

Security Affairs newsletter Round 494 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

OCTOBER 20, 2024

CISA adds Veeam Backup and Replication flaw to its Known Exploited Vulnerabilities catalog North Korea-linked APT37 exploited IE zero-day in a recent attack Omni Family Health data breach impacts 468,344 individuals Iran-linked actors target critical infrastructure organizations macOS HM Surf flaw in TCC allows bypass Safari privacy settings Two Sudanese (..)

Data breaches

Data breaches Cybercrime Cyber Insurance Marketing

Cybersecurity Insights with Contrast CISO David Lindner | 06/06/25

Security Boulevard

JUNE 6, 2025

The post Cybersecurity Insights with Contrast CISO David Lindner | 06/06/25 appeared first on Security Boulevard. The focus should always be on actionable intelligence: understanding the breach, assessing the damage and rapidly restoring operations.

CISO

CISO Cybersecurity Media Risk

SEC Fines Four Companies $7M for Misleading Cybersecurity Disclosures

SecureWorld News

OCTOBER 23, 2024

The SEC charged the companies with "materially misleading disclosures regarding cybersecurity risks and intrusions." which received the largest fine of $4 million, inaccurately described its cybersecurity risks as hypothetical in its SEC filings despite being aware of two significant breaches related to SolarWinds. Unisys Corp.,

Cybersecurity

Cybersecurity Risk Hacking Software

News alert: One Identity wins 2024 Cyber Defense Award: Hot Company – PAM category

The Last Watchdog

DECEMBER 5, 2024

One Identity embodies three major features we judges look for with the potential to become winners: understanding tomorrows threats today, providing a cost-effective solution and innovating in unexpected ways that can help mitigate cyber risk and get one step ahead of the next breach, said Gary S. Ackerman Jr.

InfoSec

InfoSec Cyber Risk CISO Cybersecurity

GUEST ESSAY: Why the arrests of cyber criminals in 2021 will incentize attackers in 2022

The Last Watchdog

DECEMBER 16, 2021

REvil and BlackMatter are not “shutting down” due to external pressure from the government and law enforcement agencies. After all, a malicious actor only needs a few minutes of time with a privileged account to take over the entire directory, and there are volumes of exploitable identity risks at every organization.

CISO

CISO Ransomware Risk Authentication

Cybersecurity Insights with Contrast CISO David Lindner | 03/14/25

Security Boulevard

MARCH 14, 2025

1 We are frogs, falling asleep in security-debt stew Companies are drowning in high-risk software security debt , with critical vulnerabilities festering for an average of 252 days before theyre fixed long enough to turn your tech stack into a hackers swamp. Insight No. The choice is clear: Evolve to ADR or get left behind in the wreckage.

CISO

CISO Cybersecurity Software Risk

Unstructured Data Management: Closing the Gap Between Risk and Response

Thales Cloud Protection & Licensing

JUNE 23, 2025

Unstructured Data Management: Closing the Gap Between Risk and Response madhav Tue, 06/24/2025 - 05:44 The world is producing data at an exponential rate. It often contains the most sensitive information—contracts, financial records, IP, or personal data—yet is the least governed.

Unstructured Data

Unstructured Data Risk Digital transformation Marketing

You've Made the Ascent to CISO. Now What?

SecureWorld News

JANUARY 3, 2025

And now, you finally got that call, to be a CISO at an organization. Can you balance the needs of the business, versus the risks they face? Before diving into security strategies, CISOs need to invest time in understanding the organization's culture, strategic roadmaps, operational dynamics, industry, and so forth.

CISO

CISO Risk Technology Cybersecurity

First American Financial Pays Farcical $500K Fine

Krebs on Security

JUNE 18, 2021

Under First American’s documented vulnerability remediation policies, the data leak was classified as a security weakness with a “level 3” severity, which placed it in the “medium risk” category and required remediation within 45 days. “The [employee] did not request a waiver or risk acceptance from the CISO.”

Insurance

Insurance Risk Financial Services CISO

99% of Organizations Expose Sensitive Data to AI Tools, Report Shows

SecureWorld News

MAY 23, 2025

According to the State of Data Security Report: Quantifying AI's Impact on Data Risk , 99% of organizations analyzed had sensitive data exposed to AI tools due to misconfigurations, permissive access controls, and a lack of visibility across cloud environments. What's next for CISOs? AI is not inherently the enemy," said Carignan. "

Artificial Intelligence

Artificial Intelligence CISO Mobile Risk

Introducing our new CISO Advisor, Pam Lindemeon

Cisco Security

AUGUST 3, 2021

I’m delighted to announce the latest member of our growing CISO Advisor team, Pam Lindemeon. Pam is an exceptional leader; dedicated to advancing women in the IT industry, and I’m so glad she’s now joined Cisco to work closely with our community of CISOs and offer advice and guidance based on her incredible experience. Pam Lindemeon.

CISO

CISO Technology Information Security Cybersecurity

Different Types of CISOs, Diverse Missions

Security Boulevard

NOVEMBER 30, 2023

There are a range of distinct roles/missions that hold the CISO title. The post Different Types of CISOs, Diverse Missions appeared first on Security Boulevard. Their ultimate goals are similar, but how they are positioned to do that varies.

CISO

CISO Security Awareness Risk Government

Israel–Iran Conflict Escalates in Cyberspace: Banks and Crypto Hit, Internet Cut

SecureWorld News

JUNE 19, 2025

Iran responds with nationwide internet throttling As cyberattacks intensified, the Iranian government took the drastic step of cutting internet access across the country, beginning June 18th and extending into June 19th. It's a call to action for every CISO watching the horizon. This is not just a Middle East issue.

Internet

Internet Internet Banking Media

Federal Judge Dismisses Most of SEC Claims Against SolarWinds, CISO

SecureWorld News

JULY 30, 2024

and its Chief CISO, Timothy G. government agencies and Fortune 500 companies. The SEC accused SolarWinds of failing to adequately disclose cybersecurity risks and vulnerabilities, which allegedly misled investors about the company's security posture and internal controls.

CISO

CISO Risk Cybersecurity Accountability

What the Charges Against the SolarWinds CISO Mean for Security in 2024

Security Boulevard

JANUARY 29, 2024

The indictment of the SolarWinds CISO by the SEC served as a harsh wake-up call to the corporate world. The post What the Charges Against the SolarWinds CISO Mean for Security in 2024 appeared first on Security Boulevard.

CISO

CISO Security Awareness Risk Government

The C-Suite Power Shift: Why CIOs, CTOs, and CISOs Must Realign to Survive

Author’s Q&A: It’s high time for CISOs to start leading strategically — or risk being scapegoated

Trending Sources

LW ROUNDTABLE: Wrist slap or cultural shift? SEC fines cyber firms for disclosure violations

Cybersecurity Governance: The Road Ahead in an Era of Constant Evolution

CISOs in Australia Urged to Take a Closer Look at Data Breach Risks

RSAC Fireside Chat: Human and machine identity risks are converging — and they’re finally visible

The Dangers of AI Acceleration: Why a Deregulatory Stance Threatens Humanity

LW ROUNDTABLE: Compliance pressures intensify as new cybersecurity standards take hold

Best Practices Q&A: Guidance about what directors need to hear from CISOs — from a board member

LW ROUNDTABLE: Predictive analytics, full-stack visualization to solidify cyber defenses in 2025

SHARED INTEL Q&A: When every IoT Device and AI assistant has an identity — who’s in control?

Insurance Firm Introduces Liability Coverage for CISOs

From Compliance to Confidence: How AI Is Reshaping Third-Party Risk

MY TAKE: RSAC 2025 – Conversing with vendors hanging out in the Marriott Marquis mezzanine

Should the CISO Report to the CIO?

GUEST ESSAY: 5 tips for ‘de-risking’ work scenarios that require accessing personal data

From Compliance to Resilience: Cyber Governance as the Cornerstone of CISO Strategy

How a CISO Values CCSP Training and Certification

NEW TECH: CASBs continue evolving to help CISOs address multiplying ‘cloud-mobile’ risks

Meta Scores $168M Legal Victory Over NSO Group for Spyware Abuse

Navigating the SEC’s Cybersecurity Disclosure Rules: One Year On

Federal Contractor Cybersecurity Vulnerability Reduction Act Passes in U.S. House

Secure Communications: Relevant or a Nice to Have?

Top skill-building resources and advice for CISOs

How boards can manage digital governance in the age of AI

Healthcare Cybersecurity Market Soars: Key Trends and Insights

Nine Top of Mind Issues for CISOs Going Into 2023

Ghost Ransomware a Persistent Global Threat to Critical Infrastructure

Today’s CISO Insights – How to Tackle the Quantum Threat

Security Affairs newsletter Round 494 by Pierluigi Paganini – INTERNATIONAL EDITION

Cybersecurity Insights with Contrast CISO David Lindner | 06/06/25

SEC Fines Four Companies $7M for Misleading Cybersecurity Disclosures

News alert: One Identity wins 2024 Cyber Defense Award: Hot Company – PAM category

GUEST ESSAY: Why the arrests of cyber criminals in 2021 will incentize attackers in 2022

Cybersecurity Insights with Contrast CISO David Lindner | 03/14/25

Unstructured Data Management: Closing the Gap Between Risk and Response

You've Made the Ascent to CISO. Now What?

First American Financial Pays Farcical $500K Fine

99% of Organizations Expose Sensitive Data to AI Tools, Report Shows

Introducing our new CISO Advisor, Pam Lindemeon

Different Types of CISOs, Diverse Missions

Israel–Iran Conflict Escalates in Cyberspace: Banks and Crypto Hit, Internet Cut

Federal Judge Dismisses Most of SEC Claims Against SolarWinds, CISO

What the Charges Against the SolarWinds CISO Mean for Security in 2024

Stay Connected