CISO, Government and Risk - Cyber Security Informer

From Compliance to Resilience: Cyber Governance as the Cornerstone of CISO Strategy

SecureWorld News

MAY 2, 2024

The role of a Chief Information Security Officer (CISO) is undeniably complex, yet incredibly rewarding. However, the challenges faced by CISOs are mounting, exacerbated by the evolving threat landscape and regulatory environment. These incidents underscore the critical importance of effective governance in cybersecurity programs.

CISO

CISO Government CSO Artificial Intelligence

Best Practices Q&A: Guidance about what directors need to hear from CISOs — from a board member

The Last Watchdog

APRIL 8, 2024

CISOs can sometimes be their own worst enemy, especially when it comes to communicating with the board of directors. She serves on the board of several technology companies and also happens to be steeped in cyber risk governance. LW: Why do so many CISOs still not get it that FUD and doom-and-gloom don’t work?

CISO

CISO Risk Cybersecurity Insurance

Enterprise Risk Management Solutions: Giving Equal Weight to Governance, Risk, and Compliance

Security Boulevard

FEBRUARY 20, 2024

In enterprise risk management (ERM), the “R” in Governance, Risk, and Compliance often commands the spotlight. Let’s shed light on how enterprise risk management solutions can be your guiding light in achieving resilience and lasting success in. However, organizations must assign equal importance to all three components.

Risk

Risk Government CISO

Sisense Hacked: CISA Warns Customers at Risk

Security Boulevard

APRIL 12, 2024

Government says victims include the “critical infrastructure sector.” The post Sisense Hacked: CISA Warns Customers at Risk appeared first on Security Boulevard. A hard-coded credential catastrophe: The analytics firm kept big companies’ secrets in an insecure AWS bucket.

Risk

Risk Hacking Government Digital transformation

CISO Liability Risk and Jail Time, (ISC)2 Bylaw Vote and the Value of Cybersecurity Certifications

Security Boulevard

OCTOBER 30, 2022

Rafal Los, host of the popular Down the Security Rabbithole Podcast, joins us to discuss CISO liability risk and the ongoing discussion in the cybersecurity community about CISOs going to jail.

CISO

CISO Risk Cybersecurity Data privacy

Different Types of CISOs, Diverse Missions

Security Boulevard

NOVEMBER 30, 2023

There are a range of distinct roles/missions that hold the CISO title. The post Different Types of CISOs, Diverse Missions appeared first on Security Boulevard. Their ultimate goals are similar, but how they are positioned to do that varies.

CISO

CISO Security Awareness Risk Government

Top skill-building resources and advice for CISOs

CSO Magazine

OCTOBER 17, 2022

The role of the CISO has evolved, and so have the responsibilities. Some believe a CISO must have technical knowledge and experience as a cybersecurity professional, others think leadership skills such as being able to communicate with boards are what matters most. To read this article in full, please click here

CISO

CISO Telecommunications Insurance Government

What the Charges Against the SolarWinds CISO Mean for Security in 2024

Security Boulevard

JANUARY 29, 2024

The indictment of the SolarWinds CISO by the SEC served as a harsh wake-up call to the corporate world. The post What the Charges Against the SolarWinds CISO Mean for Security in 2024 appeared first on Security Boulevard.

CISO

CISO Security Awareness Risk Government

How a CISO Values CCSP Training and Certification

CyberSecurity Insiders

AUGUST 11, 2021

Chief Information Security Officer (CISO) Luis Gonsalves, Head of Security for Portugal’s central bank, and founder of the Cloud Security Alliance’s Portugal Chapter, says Certified Cloud Security Professional (CCSP) stands out from other technical certifications. That’s the real differentiator ,” he says. Read the Full Article.

CISO

CISO Data privacy Banking Risk

Today’s CISO Insights – How to Tackle the Quantum Threat

CyberSecurity Insiders

MAY 3, 2023

This is why CISOs everywhere should be concerned. Government secrets: Classified information, military secrets, or other sensitive government information that can be used for espionage. CISOs should begin to familiarize themselves with these and evaluate their potential suitability for adoption.

CISO

CISO Identity Theft Encryption Social Engineering

CISO Stories Podcast: Which Approach Wins – Compliance or Risk?

Security Boulevard

NOVEMBER 24, 2021

The post CISO Stories Podcast: Which Approach Wins – Compliance or Risk? Is it really security? LBMC’s Mark Burnette joins the podcast as the differences between compliance and true security are discussed - check it out. appeared first on Security Boulevard.

CISO

CISO Risk Cybersecurity Government

Strengthening Cybersecurity in Local Government: How to Protect Networks Amid an Epidemic

Security Boulevard

FEBRUARY 1, 2024

By: Randy Griffith, Senior Security Consultant, Strategy and Risk In the ever-evolving cybersecurity landscape, organizations are constantly striving to enhance their defenses against organized malicious actors.

Government

Government Cybersecurity CISO Cyber Attacks

Cybersecurity Infrastructure Investment Crashes and Burns Without Governance

Security Boulevard

MARCH 28, 2024

Just like pilot awareness is crucial during unexpected aviation events, cybersecurity's traditional focus on infrastructure needs to shift to more adept governance. The post Cybersecurity Infrastructure Investment Crashes and Burns Without Governance appeared first on Security Boulevard.

Government

Government Cybersecurity CISO Security Awareness

CISO Stories Podcast: No Insider Cybersecurity Risk? Guess Again!

Security Boulevard

JUNE 9, 2021

The post CISO Stories Podcast: No Insider Cybersecurity Risk? What happens when an employee decides to leave the organization and start their own business – but with your Intellectual property or customer lists? . Guess Again! appeared first on Security Boulevard.

CISO

CISO Risk Cybersecurity Security Awareness

2021 Cybersecurity: Mitigating Mobile Security Risks for CISOs

Security Boulevard

MAY 25, 2021

The post 2021 Cybersecurity: Mitigating Mobile Security Risks for CISOs appeared first on The State of Security. The post 2021 Cybersecurity: Mitigating Mobile Security Risks for CISOs appeared first on Security Boulevard.

CISO

CISO Mobile Risk Cybersecurity

Should the CISO Report to the CIO?

Cisco Security

JULY 1, 2021

The Chief Information Security Officer (CISO) is the organization’s senior executive in charge of the cybersecurity and the information technology risk management posture of the enterprise. federal government in particular, the CISO reports to the Chief Information Officer (CIO). In many organizations, and in the U.S.

CISO

CISO Technology Risk Government

Nine Top of Mind Issues for CISOs Going Into 2023

Cisco Security

JANUARY 10, 2023

As the majority of the global Covid fog finally started lifting in 2022, other events – and their associated risks – started to fill the headspace of C-level execs the world over. In my role, I regularly engage with CISOs in all kinds of sectors, representatives at industry bodies, and experts at analyst houses.

CISO

CISO Insurance Cyber Insurance Phishing

Identity Governance: Right People, Right Access, Right Time

Security Boulevard

MAY 12, 2023

This results in headaches for CIOs and CISOs who want to ensure organizations. The post Identity Governance: Right People, Right Access, Right Time appeared first on Security Boulevard. In doing so, IT teams are facing new challenges to ensure the right level of access to the right people at the right time.

Government

Government Digital transformation CISO Software

Four Steps to Cutting Cybersecurity Budgets Without Increasing Risk

Security Boulevard

JULY 12, 2023

Here's how CISOs can look at cybersecurity through a capital efficiency lens without unacceptably growing risk—to the organization and their own jobs. The post Four Steps to Cutting Cybersecurity Budgets Without Increasing Risk appeared first on Security Boulevard.

Risk

Risk Cybersecurity CISO Government

2024 IT Risk and Compliance Benchmark Report Findings: Why Unifying Risk and Compliance Work Is No Longer Optional

Security Boulevard

MARCH 26, 2024

What we found was this: in the rapidly evolving landscape of governance, risk, and compliance (GRC), siloed approaches are becoming increasingly obsolete. The post 2024 IT Risk and Compliance Benchmark Report Findings: Why Unifying Risk and Compliance Work Is No Longer Optional appeared first on Hyperproof.

Risk

Risk Government CISO

Understanding SEC Cyber Disclosure Rules and CISO Liability

Centraleyes

NOVEMBER 8, 2023

The SEC’s proposed cybersecurity disclosure rule , known as the Proposed Rule for Public Companies (PRPC), has ushered in a wave of concerns and challenges, particularly for CISOs. This tight timeline raises questions about the rules’ practicality and potential impact on CISOs’ liability.

CISO

CISO Cyber Risk Risk Cybersecurity

Former Uber CISO Conviction Affirmed by Trial Court

Security Boulevard

JANUARY 19, 2023

On January 11, 2023, presiding United States District Judge William Orrick in San Francisco denied the motion of Joe Sullivan, the former CISO of Uber, for a judgment of acquittal. The post Former Uber CISO Conviction Affirmed by Trial Court appeared first on Security Boulevard.

CISO

CISO Data breaches Risk Government

Prosecutors Argue for 15 Months in Jail for Uber CISO

Security Boulevard

MAY 3, 2023

In a sentencing memorandum filed with a San Francisco federal court on April 27, 2023, prosecutors argued that Joe Sullivan—the former CISO of Uber and a former federal computer crimes prosecutor himself (with the same office)—should serve 15 months in federal prison for his role in the ride-sharing company’s concealment of a data breach.

CISO

CISO Data breaches Risk Government

Survey Reveals Limits of CISOs’ Management Experience

Security Boulevard

DECEMBER 13, 2022

A global survey from recruitment firm Marlin Hawk that polled 470 CISOs at organizations with more than 10,000 employees found nearly half (45%) have been in their current role for two years or less. The post Survey Reveals Limits of CISOs’ Management Experience appeared first on Security Boulevard.

CISO

CISO Security Awareness Risk Government

Developing a Risk Management Approach to Cybersecurity

Security Boulevard

MARCH 30, 2021

By now most CISOs understand that focusing your cybersecurity program on regulatory compliance is no longer sufficient. The post Developing a Risk Management Approach to Cybersecurity appeared first on Hyperproof. The post Developing a Risk Management Approach to Cybersecurity appeared first on Security Boulevard.

Risk

Risk Cybersecurity CISO Government

CISO workshop slides

Notice Bored

AUGUST 5, 2022

Generally, though, the risk management and security arrangements quietly support and enable the business from the inside, as it were, rather than being exposed externally - unless they fail anyway! A glossy, nicely-constructed and detailed PowerPoint slide deck by Microsoft Security caught my beady this morning.

CISO

CISO Risk Artificial Intelligence Marketing

Enhancing Data Governance and Analytics with Alteryx: Incisive Software Joins Partner Program

Security Boulevard

JULY 13, 2023

In a move that further strengthens its commitment to empowering organizations with innovative risk and analytics management solutions, Incisive Software is excited to announce its partnership with Alteryx, a leading provider of data analytics platforms.

Government

Government Software Risk CISO

Is fighting cybercrime a losing battle for today’s CISO?

CyberSecurity Insiders

JANUARY 12, 2022

In this blog, we’ll look at the root causes of concern for today's CISO and share some practical strategies to deter cybercriminals. The CISO role can be an unenviable one. Is the cyber deck stacked against today's CISO? If you own the risks, who owns the elimination? ' is usually swift.

CISO

CISO Cybercrime Risk Healthcare

People Skills Outweigh Technical Prowess in the Best Security Leaders

SecureWorld News

OCTOBER 5, 2023

Michael Gregg, the CISO for the State of North Dakota, speaks across the country, including keynoting at SecureWorld Detroit on Sep. His common sense approach to cybersecurity has made North Dakota a leader among state and local governments with unique challenges as public entities. 19 and at SecureWorld Dallas on Oct.

CISO

CISO Risk Government Cybersecurity

Three Risk Mitigation Strategies to Address the Latest Data Security Threats

CyberSecurity Insiders

JUNE 7, 2023

By Dannie Combs , Senior Vice President and CISO, Donnelley Financial Solutions (DFIN) As security threats to data continue to ebb and flow (mostly flow!), Here are three risk mitigation imperatives that can help organizations get a better handle on these latest risks and threats.

Risk

Risk Artificial Intelligence Technology Digital transformation

NEW TECH: CASBs continue evolving to help CISOs address multiplying ‘cloud-mobile’ risks

The Last Watchdog

APRIL 29, 2020

Some CISOs, at first, were reserved and said, ‘We’re not moving to the cloud.’ Nasser: It’s one of two things, when the legal department comes in, or the government comes in, and there’s a conversation around regulation and privacy. So if you’re a Microsoft shop, you’re on an Office 365 and a Windows 10 migration path.

Mobile

Mobile CISO Risk Cloud Migration

What the White House’s Cybersecurity Strategy Means for CISOs

Security Boulevard

MAY 16, 2023

The post What the White House’s Cybersecurity Strategy Means for CISOs appeared first on Security Boulevard. And lately, these types of attacks have started impacting businesses that affect the entire population. For example, the Colonial Pipeline ransomware attack in 2021 led to.

CISO

CISO Cybersecurity Ransomware Risk

MOVEit Attack Strikes US and State Governments

Security Boulevard

JUNE 16, 2023

agencies and a spate of state government organizations and educational institutions. The post MOVEit Attack Strikes US and State Governments appeared first on Security Boulevard. A global attack campaign fueled by a vulnerability in MOVEit Transfer, a popular file transfer application, has now struck the U.S.

Government

Government Education CISO Risk

Introducing our new Senior CISO Advisor, Bruce Brody

Cisco Security

JUNE 16, 2021

I’m delighted to announce the latest member of my CISO Advisors team, Bruce Brody. He was the first executive-level CISO at the Departments of Veterans Affairs and Energy, and has had more recent success as CISO at Cubic Corporation and DRS Technologies. Eventually, I became a CISO four times over. Bruce Brody.

CISO

CISO Security Awareness Risk Cybersecurity

Dawn Cappelli: ‘A CISO needs to bring business value to the company’

SC Magazine

JUNE 10, 2021

Dawn Cappelli is VP and CISO at Rockwell Automation. Cappelli started at Rockwell as director of insider risk. Instead, an effective CISO works with the teams across the company and is viewed as a business partner. A CISO needs to bring business value to the company. CISOs usually “grow up” in IT security.

CISO

CISO Risk Manufacturing Cybersecurity

Introducing our new CISO Advisor, Pam Lindemeon

Cisco Security

AUGUST 3, 2021

I’m delighted to announce the latest member of our growing CISO Advisor team, Pam Lindemeon. Pam is an exceptional leader; dedicated to advancing women in the IT industry, and I’m so glad she’s now joined Cisco to work closely with our community of CISOs and offer advice and guidance based on her incredible experience. Pam Lindemeon.

CISO

CISO Technology Information Security Cybersecurity

How CISOs Can Impact Security for All

Cisco Security

APRIL 26, 2021

Insights from our new Advisory CISO, Helen Patton. If there’s anyone who’s been put through their paces in the security industry, it’s Helen Patton , our new Advisory Chief Information Security Officer (CISO). Helen has come to Cisco from The Ohio State University, where she served as CISO for approximately eight years.

CISO

CISO Education Technology Media

The Changing Profile of the CISO: New Roles, New Demands, New Skills

Security Boulevard

DECEMBER 22, 2021

CISOs are now central to their organization when it comes to risk, compliance and governance. The post The Changing Profile of the CISO: New Roles, New Demands, New Skills appeared first on The State of Security. Over the last two decades, it has evolved beyond technical IT security. In the past, the […]… Read More.

CISO

CISO Government Risk

Artificial Intelligence: The Key to Self-Driving Identity Governance

Security Boulevard

MAY 19, 2021

When it comes to identity governance, the future is here. Hyper-automation and self-driving governance promise to make as dramatic an impact as that of agile development. Faster regulatory compliance, lower costs, and substantially reduced risk. . Leveraging ML, it can automate approvals of low-risk, high-confidence users.

Artificial Intelligence

Artificial Intelligence Government Risk CISO

AI: Risk or Opportunity?

Duo's Security Blog

JULY 11, 2023

Certainly, from the security and resilience perspective, we need to think about the impact of these solutions and how we can provide a useful framework for security, privacy and governance in relation to AI-driven apps. Put simply, how do we make sure we’re managing the potential risks while capitalizing on any opportunities?

Risk

Risk CISO Government Technology

A Guide to Articulating Risk: Speaking the Language of the Stakeholder

Security Boulevard

JUNE 29, 2023

The role of the modern CISO today is just as much about managing technical solutions as it is about communicating risk to key decision-making stakeholders. The post A Guide to Articulating Risk: Speaking the Language of the Stakeholder appeared first on Security Boulevard.

Risk

Risk CISO Social Engineering Security Awareness

Why an HR-IT Partnership is Critical for Managing Cybersecurity Risk

Security Boulevard

FEBRUARY 6, 2024

The post Why an HR-IT Partnership is Critical for Managing Cybersecurity Risk appeared first on Security Boulevard. By aligning priorities into a shared game plan, HR and IT can finally set their organizations up to defend against modern cyberthreats.

Risk

Risk Cybersecurity Social Engineering Cyber Risk

December 15 Marks Deadline for SEC's New Cyber Disclosure Rules

SecureWorld News

DECEMBER 11, 2023

Public companies will also have to share details about their "cybersecurity risk management, strategy, and governance" on an annual basis. Risk Management and Strategy Disclosure: Companies must disclose their cybersecurity risk management policies, governance procedures, and incident response plans in their annual reports.

CISO

CISO Risk Cybersecurity CSO

BSides Sofia 2023 – Peter Kirkov, e-Government – Keynote

Security Boulevard

JULY 15, 2023

Permalink The post BSides Sofia 2023 – Peter Kirkov, e-Government – Keynote appeared first on Security Boulevard. Our thanks to BSides Sofia for publishing their presenter’s tremendous BSides Sofia 2023 content on the organizations’ YouTube channel.

Government

Government Architecture CISO Education

From Compliance to Resilience: Cyber Governance as the Cornerstone of CISO Strategy

Best Practices Q&A: Guidance about what directors need to hear from CISOs — from a board member

Trending Sources

Enterprise Risk Management Solutions: Giving Equal Weight to Governance, Risk, and Compliance

Sisense Hacked: CISA Warns Customers at Risk

CISO Liability Risk and Jail Time, (ISC)2 Bylaw Vote and the Value of Cybersecurity Certifications

Different Types of CISOs, Diverse Missions

Top skill-building resources and advice for CISOs

What the Charges Against the SolarWinds CISO Mean for Security in 2024

How a CISO Values CCSP Training and Certification

Today’s CISO Insights – How to Tackle the Quantum Threat

CISO Stories Podcast: Which Approach Wins – Compliance or Risk?

Strengthening Cybersecurity in Local Government: How to Protect Networks Amid an Epidemic

Cybersecurity Infrastructure Investment Crashes and Burns Without Governance

CISO Stories Podcast: No Insider Cybersecurity Risk? Guess Again!

2021 Cybersecurity: Mitigating Mobile Security Risks for CISOs

Should the CISO Report to the CIO?

Nine Top of Mind Issues for CISOs Going Into 2023

Identity Governance: Right People, Right Access, Right Time

Four Steps to Cutting Cybersecurity Budgets Without Increasing Risk

2024 IT Risk and Compliance Benchmark Report Findings: Why Unifying Risk and Compliance Work Is No Longer Optional

Understanding SEC Cyber Disclosure Rules and CISO Liability

Former Uber CISO Conviction Affirmed by Trial Court

Prosecutors Argue for 15 Months in Jail for Uber CISO

Survey Reveals Limits of CISOs’ Management Experience

Developing a Risk Management Approach to Cybersecurity

CISO workshop slides

Enhancing Data Governance and Analytics with Alteryx: Incisive Software Joins Partner Program

Is fighting cybercrime a losing battle for today’s CISO?

People Skills Outweigh Technical Prowess in the Best Security Leaders

Three Risk Mitigation Strategies to Address the Latest Data Security Threats

NEW TECH: CASBs continue evolving to help CISOs address multiplying ‘cloud-mobile’ risks

What the White House’s Cybersecurity Strategy Means for CISOs

MOVEit Attack Strikes US and State Governments

Introducing our new Senior CISO Advisor, Bruce Brody

Dawn Cappelli: ‘A CISO needs to bring business value to the company’

Introducing our new CISO Advisor, Pam Lindemeon

How CISOs Can Impact Security for All

The Changing Profile of the CISO: New Roles, New Demands, New Skills

Artificial Intelligence: The Key to Self-Driving Identity Governance

AI: Risk or Opportunity?

A Guide to Articulating Risk: Speaking the Language of the Stakeholder

Why an HR-IT Partnership is Critical for Managing Cybersecurity Risk

December 15 Marks Deadline for SEC's New Cyber Disclosure Rules

BSides Sofia 2023 – Peter Kirkov, e-Government – Keynote

Stay Connected