While there are State laws requiring the disclosure of various data breaches, there is no specific, clear, federal counterpart that details what, when, and how a CISO must handle such matters. There is a reason that the rate of turnover in such roles is so high – CISOs burn out quickly.
Security and Exchange Commission (SEC) recently laid down the hammer charging and fining four prominent cybersecurity vendors for making misleading claims in connection with the SolarWinds hack. This enforcement has already had an impact on the sensitivity of CISOs managing their individual obligations.
That said, a few dozen CISOs attending Black Hat USA 2023 will get to experience, hands-on, what it must have been like to be in the crucible of milestone hacks like Capital One, SolarWinds and Colonial Pipeline. San Diego or New York City, feel free to skip ahead.
There’s often a lot of debate as to what the best security or hacking movie is. The movie starts on the outskirts of a jungle and the CISO (Arnie) with his team land in their helicopters. This is a perfect metaphor for how a CISO operates in day to day situations. This shows how quickly a CISO can get burnt out on the job.
Meanwhile, business logic hacks, supply chain holes, and cyber extortion continue to loom large. Attackers aren't hacking in; they're logging in. We'll see CISOs increasingly demand answers about why models flag certain malicious activity and how that activity is impactful at enterprise scale. The drivers are intensifying.
Insights from our new Advisory CISO, Helen Patton. If there’s anyone who’s been put through their paces in the security industry, it’s Helen Patton, our new Advisory Chief Information Security Officer (CISO). Helen has come to Cisco from The Ohio State University, where she served as CISO for approximately eight years.
A review of the executives pages published by the 2022 list of Fortune 100 companies found only four — BestBuy, Cigna, Coca-Cola, and Walmart — that listed a Chief Security Officer (CSO) or Chief Information Security Officer (CISO) in their highest corporate ranks. Nor is the average pay hugely different among all these roles.
As defenders of digital assets, Chief Information Security Officers (CISOs) and cybersecurity professionals face immense pressure, often leading to burnout. Key findings from the report include: 90% of CISOs are concerned about stress, fatigue, or burnout affecting their team's well-being.
The panel members’ engaging insights remain instructive to CISOs today as security leaders strive to hone their increasingly important board presentation approaches. Another board member stressed that she focused nearly all her attention during CISO presentations on the information pertaining to the security budget.
and podcast series during which cybersecurity experts discuss new zero-hour phishing attacks before a live audience of CISOs, CSOs and cybersecurity professionals. In Episode Two, Zero-Hour Attacks Hacking Humans Today, Patrick is joined by Chris Hadnagy, the Founder and CEO of The Social Engineer and host of the […].
Like CISOs everywhere, he has seen bad actors ratchet up their attacks and do increasingly more harm with successful hacks. Success is nonnegotiable for Rohrbaugh, who took over as chief information security officer at JetBlue Airways in 2019.
Nearly half of CISOs will change jobs by 2025 due to stress caused by the risk of being breached while trying to retain staff, according to the Gartner report, Predicts 2023: Cybersecurity Industry Focuses on the Human Deal. This includes the knowledge that there are only two possible outcomes: get hacked or don’t.
It is a common feeling in the cybersecurity community that CISOs do not sleep well at night. CISOs worry about the latest incident, end of life technology in their environment, breaches in the news, insecure users and vendors, penetration testing results, budget and resources, and the latest vulnerability report (to name a few).
Evidence showed: NSO sold hacking packages for $7 million to European clients (15 device slots per deal). According to trial testimony and WhatsApp's forensic investigation, NSO's infrastructure masqueraded as WhatsApp traffic, allowing it to evade network-based detection tools and endpoint defenses.
The trial of former Uber CISO Joe Sullivan marks the first time a cybersecurity chief has faced potential criminal liability. Sullivan is charged with trying to conceal from federal investigators the details of a 2016 hack at Uber that exposed the email addresses and phone numbers of 57 million drivers and passengers.
The details of the Krispy Kreme hack are still emerging, but the company's Form 8-K filing brought the incident to light, offering a rare glimpse into the challenges businesses face when their systems are compromised. The Krispy Kreme hack is a sobering reminder that no industry is immune to cyber threats.
Alex Stamos, former Facebook CISO now at Stanford University, points out how this can be a problem: Interesting impact of the GDPR 72-hour deadline: companies announcing breaches before investigations are complete. Last week's Facebook hack is his example. The EU's GDPR regulation requires companies to report a breach within 72 hours.
EC-Council: The International Council of E-Commerce Consultants, or EC-Council, offers several certifications for different career paths but is best known for its white-hat hacking program. Chief Information Security Officer (CISO) As Chief Information Security Officer, you’ve arrived at the C-Suite. Salary: $124,424, Cyberseek.
In a LinkedIn post today, June 26th, Jamil Farshchi, EVP and CISO at Equifax, had this to say about the news: "This is a really big deal. It's unprecedented: this is likely the first time a CISO has ever received one of these. So it seems odd for a CISO to get one of these," he wrote. federal securities laws."
The Securities and Exchange Commission (SEC) has announced charges against software company SolarWinds Corporation and its chief information security officer (CISO), Timothy G. Brown, for “fraud and internal control failures relating to allegedly known cybersecurity risks and vulnerabilities.”
and its Chief CISO, Timothy G. The case highlights the critical role of CISOs and other cybersecurity leaders in maintaining transparent and effective security practices. On July 18th, a significant ruling came from a New York federal judge who dismissed most of the claims brought by the U.S.
Securities and Exchange Commission (SEC) announced Tuesday that it has fined four companies $7 million for misleading statements about their cybersecurity incidents, particularly concerning the high-profile 2019 SolarWinds hack. Unisys Corp., Avaya Holdings Corp., Check Point Software Technologies Ltd.,
In one episode, they hack into the California traffic information network to change those digital bulletin boards that hang above the freeway. The post “Modern CTO” Podcast Features Avast CISO Jaya Baloo | Avast appeared first on Security Boulevard. Afterwards, she asked her parents for a computer, and they got her one.
As CISOs embark on their transformational journeys, identifying these areas of weakness should be the top priority. This has led to CISOs shifting how they approach protecting the corporate perimeter with additional controls and monitoring tools being used to scan any access to the network. Cloud dominance .
But as a CISO or cyber risk owner, it’s not just about locking down sensitive information; it's about doing it without slowing down your people. Amid a backdrop of increasingly sophisticated and frequent cyberattacks, APTs are a growing concern for CISOs and cyber risk owners.
Pondurance CISO Dustin Hutchison joins me to talk about how companies can operationalize MDR within their environment. The post Spotlight: Operationalizing MDR with Pondurance CISO Dustin Hutchison appeared first on The Security Ledger with Paul F. Dustin Hutchison is CISO at Pondurance.
Ira Winkler, CISO at Skyline Technology Solutions, recounts his amazing journey from wannabe astronaut to NSA intelligence analyst, social engineer, systems hacker and author, and some of the crazy things that happened along the way - check it out. The post CISO Stories Podcast: So You Want to be a Cyber Spy?
The post GoDaddy Hosting Hacked — for FOURTH Time in 4 Years appeared first on Security Boulevard. GoDaddy’s web hosting service breached yet again. This time, the perps were redirecting legit websites to malware.
Pondurance CISO Dustin Hutchison joins me to talk about how companies can operationalize MDR within their environment. The post Spotlight: Operationalizing MDR with Pondurance CISO Dustin Hutchinson appeared first on The Security Ledger with Paul F. Dustin Hutchinson is CISO at Pondurance.
Truth, transparency and trust are the three T’s that all CISOs and CSOs should embrace as they march through their daily grind of keeping their enterprise and the data safe and secure. Failure to adhere to the three T’s can have serious consequences.
Department of Justice (DOJ) released information surrounding the guilty plea of Mexican businessman Carlos Guerrero and his conspiracy to sell and use hacking tools that were manufactured by companies in Italy, Israel, and elsewhere.
The post Sisense Hacked: CISA Warns Customers at Risk appeared first on Security Boulevard. A hard-coded credential catastrophe: The analytics firm kept big companies’ secrets in an insecure AWS bucket. Government says victims include the “critical infrastructure sector.”
The post Mailchimp Hack Causes Theft of Trezor Crypto Wallet ‘Money’ appeared first on Security Boulevard. Hackers have stolen a mother lode of personal data from Intuit’s email marketing operation, Mailchimp.
Facebook parent Meta has disciplined or fired at least 25 workers for allegedly hacking into user accounts. Meta Security Guards Hacked Facebook Users appeared first on Security Boulevard. The post Oops!
The CISO Global Pen Testing Team Earlier this month, a group of our intrepid pen testers from our Readiness & Resilience team at CISO Global ventured into the heart of the hacking world at DEFCON 32 in Las Vegas. The post Badge Life: The CISO Team Takes on DEF CON appeared first on Security Boulevard.
The post On the Irish Health Services Executive Hack appeared first on Security Boulevard. It had no documented cyber incident response runbooks or IT recovery plans (apart from documented AD recovery plans) for recovering from a wide-scale ransomware event. The antivirus server was later encrypted in the attack).
At Black Hat USA 2023, I had a great discussion about API security with Data Theorem COO Doug Dooley and Applovin CISO Jeremiah Kung. Yes, AI is bolstering hacking techniques; but it can also strengthen defensive capabilities by security teams, programs, and products, Dooley observes. The arms race is just warming up, folks.
Security exec Chad Kliewer had heard the initial reports of the SolarWinds attack as news about it broke in December 2020, sympathetic to those companies first named as victims of the hack.
The hack of Words with Friends in 2019 was high-profile, but today’s columnist, Yuval Elddad of CYE, says CISOs at all gaming companies have to take a closer look at the growing threats to online gaming platforms. The post Why CISOs at gaming companies need to reimagine security appeared first on SC Media.