Today, the Chief Technology Officer (CTO) and Chief Information Security Officer (CISO) are rising in prominence—fuelled by the accelerating demands of AI innovation, cybersecurity, and digital transformation. In it I’m going to examine each C-level’s roles, the risks, and what needs to occur for today’s challenges to be met.
Security and Exchange Commission (SEC) recently laid down the hammer charging and fining four prominent cybersecurity vendors for making misleading claims in connection with the SolarWinds hack. But the SEC’s latest actions underscore that failing to inform stakeholders about material risks and breaches is not an option.
Meanwhile, while business logic hacks, supply chain holes, and cyber extortion continue to loom large. Businesses must adopt tools and automation capable of invoking immediate action, even at the risk of false positives. Raising security baselines across industries is essential, with risk mitigation, not acceptance, becoming the standard.
Related: A call to regulate facial recognition That said, a few dozen CISOs attending Black Hat USA 2023 will get to experience, hands-on, what it must have been like to be in the crucible of milestone hacks like Capital One, SolarWinds and Colonial Pipeline. San Diego or New York City, feel free to skip ahead.
There’s often a lot of debate as to what the best security or hacking movie is. The movie starts on the outskirts of a jungle and the CISO (Arnie) with his team land in their helicopters. This is a perfect metaphor for how a CISO operates in day to day situations. But they are all way way waaaaay off the mark.
But amidst all these flashy, futuristic threats, the biggest cybersecurity risk remains the same as it's always been: humans. It's WAY easier to hack minds than networks. What if we thought like a psychologist, not just a CISO? And I'm not talking about the shadowy hackers in hoodies. The solution?
The post Sisense Hacked: CISA Warns Customers at Risk appeared first on Security Boulevard. A hard-coded credential catastrophe: The analytics firm kept big companies’ secrets in an insecure AWS bucket. Government says victims include the “critical infrastructure sector.”
Securities and Exchange Commission (SEC) announced Tuesday that it has fined four companies $7 million for misleading statements about their cybersecurity incidents, particularly concerning the high-profile 2019 SolarWinds hack. The SEC charged the companies with "materially misleading disclosures regarding cybersecurity risks and intrusions."
A review of the executives pages published by the 2022 list of Fortune 100 companies found only four — BestBuy, Cigna, Coca-Cola, and Walmart — that listed a Chief Security Officer (CSO) or Chief Information Security Officer (CISO) in their highest corporate ranks. Nor is the average pay hugely different among all these roles.
But as a CISO or cyber risk owner, it’s not just about locking down sensitive information; it's about doing it without slowing down your people. It encompasses everything from ensuring the confidentiality and integrity of information to reducing risks, maintaining compliance, and building trust with customers.
The details of the Krispy Kreme hack are still emerging, but the company's Form 8-K filing brought the incident to light, offering a rare glimpse into the challenges businesses face when their systems are compromised. To mitigate such risks, organizations must adopt proactive measures.
The Securities and Exchange Commission (SEC) has announced charges against software company SolarWinds Corporation and its chief information security officer (CISO), Timothy G. Brown, for “fraud and internal control failures relating to allegedly known cybersecurity risks and vulnerabilities.”
Insights from our new Advisory CISO, Helen Patton. If there’s anyone who’s been put through their paces in the security industry, it’s Helen Patton, our new Advisory Chief Information Security Officer (CISO). Helen has come to Cisco from The Ohio State University, where she served as CISO for approximately eight years.
Evidence showed: NSO sold hacking packages for $7 million to European clients (15 device slots per deal). Third-party software risks extend beyond the supply chain to nation-state surveillance contractors.
As defenders of digital assets, Chief Information Security Officers (CISOs) and cybersecurity professionals face immense pressure, often leading to burnout. Key findings from the report include: 90% of CISOs are concerned about stress, fatigue, or burnout affecting their team's well-being.
The panel members’ engaging insights remain instructive to CISOs today as security leaders strive to hone their increasingly important board presentation approaches. Another board member stressed that she focused nearly all her attention during CISO presentations on the information pertaining to the security budget.
and its Chief CISO, Timothy G. The SEC accused SolarWinds of failing to adequately disclose cybersecurity risks and vulnerabilities, which allegedly misled investors about the company's security posture and internal controls. It emphasizes the importance of clear, accurate, and comprehensive risk factor disclosures.
Nearly half of CISOs will change jobs by 2025 due to stress caused by the risk of being breached while trying to retain staff, according to the Gartner report, Predicts 2023: Cybersecurity Industry Focuses on the Human Deal. This includes the knowledge that there are only two possible outcomes: get hacked or don’t.
That urgency was echoed powerfully in JPMorgan CISO Patrick Opet's open letter to SaaS vendors. SaaS Is the New Enterprise Perimeter We've long known our software supply chains carry risk. Among these are the North Korean IT workers hacks into U.S. We start by acknowledging the risk. That letter stuck with me.
It is a common feeling in the cybersecurity community that CISOs do not sleep well at night. CISOs worry about the latest incident, end of life technology in their environment, breaches in the news, insecure users and vendors, penetration testing results, budget and resources, and the latest vulnerability report (to name a few).
EC-Council : The International Council of E-Commerce Consultants, or EC-Council, offers several certifications for different career paths but is best known for its white-hat hacking program. Chief Information Security Officer (CISO) As Chief Information Security Officer, you’ve arrived at the C-Suite.
Given the connectivity needs of a remote workforce – and knowing a hybrid workforce is here to stay – many IT teams have had to make sudden changes in the way workers connect to corporate systems that could introduce new cyber risks and vulnerabilities. Cloud dominance. Security landscape requires adaptation.
When Steve Katz was named chief information security officer of Citibank in 1995, he was given two directives: build the best information security department in the world and limit the damage from the 1994 hack of the bank’s funds transfer system. Listen to episode 6 of CISO Stories, Your Job is to Make CyberSecurity Simple!
In a LinkedIn post today, June 26th, Jamil Farshchi, EVP and CISO at Equifax, had this to say about the news: "This is a really big deal. It's unprecedented: this is likely the first time a CISO has ever received one of these. So it seems odd for a CISO to get one of these," he wrote. federal securities laws."
Cybersecurity risks increase every year and bludgeon victims who fail to prepare properly. For those interested in a better understanding of the oncoming risks, this is the information you are looking for. It can feel like crossing a major highway while blindfolded. Many never see the catastrophe about to happen, until it occurs.
Pondurance CISO Dustin Hutchison joins me to talk about how companies can operationalize MDR within their environment. The post Spotlight: Operationalizing MDR with Pondurance CISO Dustin Hutchison appeared first on The Security Ledger with Paul F. Dustin Hutchison is CISO at Pondurance. Click the icon below to listen.
Pondurance CISO Dustin Hutchison joins me to talk about how companies can operationalize MDR within their environment. The post Spotlight: Operationalizing MDR with Pondurance CISO Dustin Hutchinson appeared first on The Security Ledger with Paul F. Dustin Hutchinson is CISO at Pondurance. Click the icon below to listen.
The post GoDaddy Hosting Hacked — for FOURTH Time in 4 Years appeared first on Security Boulevard. GoDaddy’s web hosting service breached yet again. This time, the perps were redirecting legit websites to malware.
The post Mailchimp Hack Causes Theft of Trezor Crypto Wallet ‘Money’ appeared first on Security Boulevard. Hackers have stolen a mother lode of personal data from Intuit’s email marketing operation, Mailchimp.
Facebook parent Meta has disciplined or fired at least 25 workers for allegedly hacking into user accounts. Meta Security Guards Hacked Facebook Users appeared first on Security Boulevard. The post Oops!
The hack of Words with Friends in 2019 was high-profile, but today’s columnist, Yuval Elddad of CYE, says CISOs at all gaming companies have to take a closer look at the growing threats to online gaming platforms. Take a holistic approach, focusing on the real risks to business continuity and optimizing the cybersecurity investment.
Cyber risk remains top of mind for business leaders A regular January fixture, the World Economic Forum's Global Risk Report 2025 features two technology-related threats among the top five risks for the year ahead and beyond. The report ranks risks by severity over two-year and 10-year timeframes.
Plus, learn why code-writing GenAI tools can put developers at risk of package-confusion attacks. Both frameworks have a Core section, which outlines detailed activities and outcomes aimed at helping organizations discuss risk management. Check out NIST's effort to further mesh its privacy and cyber frameworks.
CISOs report a growing focus on managing AI-generated vulnerabilities and addressing insider threats amplified by the misuse of advanced AI tools. CISOs are working on improving collaboration with federal partners to share intelligence and best practices for AI threat management. Promote the CISO's role in digital transformation.
We are unsure what the rest of 2021 has in store, but the most successful CISOs will be the ones ensuring security teams have access to the latest intel and tools to be prepared for emerging threats. The SolarWinds hack brought the need for federal mandates on third-party vendors and suppliers to light in an unprecedented way.
Identity credentials and source code are critical assets that can create major risks for your organization when exposed by breaches of third-party cloud service companies that provide identity management and software composition analysis. Know the risks of pushing your crown jewels into other services running in the cloud.
2023 Rewind — Cyber Trends and Threats The generative AI (r)evolution 2023 will be remembered as the year artificial intelligence (AI) rose to the forefront of our collective consciousness, ushering in never before seen opportunities and risks. A more mature third party risk management program. The solution?
The post New Russian Hacks Revealed—but U.S. Microsoft has issued another of its “look how clever we are” writeups of detecting APT29 hackers. But the U.S. government sees it differently. Says it’s Microsoft’s Fault appeared first on Security Boulevard.
Generally, though, the risk management and security arrangements quietly support and enable the business from the inside, as it were, rather than being exposed externally - unless they fail anyway! A glossy, nicely-constructed and detailed PowerPoint slide deck by Microsoft Security caught my beady this morning.
By engaging third-party experts to simulate real-world hacks, companies can proactively uncover potential weaknesses and address them promptly. By using real-time antivirus scanning to detect and neutralize security risks as they enter the trading system, threats can be quickly identified and eliminated.
Reddit got hacked with a “sophisticated” spear phishing attack. The post Reddit Hacked — 2FA is no Phishing Phix appeared first on Security Boulevard. The individual victim was an employee who clicked the wrong email link.
If T-Mobile doesn't address the root cause of these breaches, it risks not only damaging its reputation but also losing out on millions of dollars from customers. If you were the CISO of T-Mobile right now, what would you do? Curious about past T-Mobile incidents?