CISO, InfoSec and Risk - Cyber Security Informer

Assessing Third-Party InfoSec Risk Management

Security Boulevard

JUNE 14, 2023

Information security (InfoSec) risk management with third parties, including outsourcing, requires persistence and consistency due to the primary business risk it presents. The post Assessing Third-Party InfoSec Risk Management appeared first on Security Boulevard.

InfoSec

InfoSec Risk Information Security CISO

2023 Will Be The Year of Risk: 8 InfoSec Predictions for the New Year

Security Boulevard

DECEMBER 29, 2022

The post 2023 Will Be The Year of Risk: 8 InfoSec Predictions for the New Year appeared first on Hyperproof. The post 2023 Will Be The Year of Risk: 8 InfoSec Predictions for the New Year appeared first on Security Boulevard.

InfoSec

InfoSec Risk Cyber Attacks CISO

CISO Liability Risk and Jail Time, (ISC)2 Bylaw Vote and the Value of Cybersecurity Certifications

Security Boulevard

OCTOBER 30, 2022

Rafal Los, host of the popular Down the Security Rabbithole Podcast, joins us to discuss CISO liability risk and the ongoing discussion in the cybersecurity community about CISOs going to jail.

CISO

CISO Risk Cybersecurity Data privacy

Why Predator is the ultimate CISO movie

Javvad Malik

OCTOBER 29, 2020

I was reminded of this by Phil Cracknell who posted on linkedin that in his opinion the Kevin Costner, Whitney Houston classic, Bodyguard was the best infosec movie. The movie starts on the outskirts of a jungle and the CISO (Arnie) with his team land in their helicopters. Don’t believe me? Well read on.

CISO

CISO InfoSec Banking Backups

CISO Stories Podcast: No Insider Cybersecurity Risk? Guess Again!

Security Boulevard

JUNE 9, 2021

The post CISO Stories Podcast: No Insider Cybersecurity Risk? What happens when an employee decides to leave the organization and start their own business – but with your Intellectual property or customer lists? . Guess Again! appeared first on Security Boulevard.

CISO

CISO Risk Cybersecurity Security Awareness

Hacking It as a CISO: Advice for Security Leadership

Dark Reading

AUGUST 10, 2020

A security leader shares tips for adopting a CISO mindset, creating risk management strategies, and "selling infosec" to IT and executives.

CISO

CISO InfoSec Hacking Risk

InfoSec Leaders Share in Podcast Interview at SecureWorld Philadelphia

SecureWorld News

APRIL 28, 2023

One of the notable sessions at the SecureWorld Philadelphia conference, April 19-20, was a podcast recording featuring three prominent Philadelphia area cybersecurity experts, in a session titled, "CISOs Riff on the Latest in Cybersecurity. Glanden serves up the specialty cocktail of the day, the "CISO."

InfoSec

InfoSec CISO Ransomware Information Security

Hi-5 With A CISO Mário Fernandes, Banco BPI

Security Boulevard

MAY 30, 2021

CybeReady’s Hi-5 brings together InfoSec leaders for peer-to-peer sharing via five short questions and insights. The post Hi-5 With A CISO Mário Fernandes, Banco BPI appeared first on CybeReady. The post Hi-5 With A CISO Mário Fernandes, Banco BPI appeared first on Security Boulevard.

CISO

CISO InfoSec Banking Cybersecurity

Spotlight: Operationalizing MDR with Pondurance CISO Dustin Hutchison

The Security Ledger

OCTOBER 7, 2021

Pondurance CISO Dustin Hutchison joins me to talk about how companies can operationalize MDR within their environment. The post Spotlight: Operationalizing MDR with Pondurance CISO Dustin Hutchison appeared first on The Security Ledger with Paul F. Dustin Hutchison is CISO at Pondurance. Click the icon below to listen.

CISO

CISO InfoSec Backups Ransomware

Spotlight: Operationalizing MDR with Pondurance CISO Dustin Hutchinson

The Security Ledger

OCTOBER 7, 2021

Pondurance CISO Dustin Hutchison joins me to talk about how companies can operationalize MDR within their environment. The post Spotlight: Operationalizing MDR with Pondurance CISO Dustin Hutchinson appeared first on The Security Ledger with Paul F. Dustin Hutchinson is CISO at Pondurance. Click the icon below to listen.

CISO

CISO InfoSec Backups Ransomware

Why CISOs Are Joining 'The Great Resignation'

SecureWorld News

DECEMBER 8, 2022

We hear it all the time: there are not enough people to fill all the cybersecurity roles (including CISOs) that are currently available, not to mention the openings expected in the coming months and years. Being a CISO sometimes serves as the catalyst to finding a new career path.". People want: Work-life balance.

CISO

CISO Cyber Risk Cybersecurity Accountability

CISO Challenge: Check Your Cybersecurity Skills On This New Competition Site

The Hacker News

MAY 6, 2021

InfoSec leaders tend to be a specific type. Their jobs require them to think of possible threats, take actions that may not pay immediate results, plan for unknown security risks, and react quickly when emergencies arise, often before the morning's first coffee.

CISO

CISO InfoSec Cybersecurity Risk

InfoSec Reviews in Project Management Workflows

Security Boulevard

FEBRUARY 8, 2021

The post InfoSec Reviews in Project Management Workflows appeared first on Security Boulevard. I agree – this is very important. But there’s one topic that does not get.

InfoSec

InfoSec Information Security Software CISO

CISO workshop slides

Notice Bored

AUGUST 5, 2022

Generally, though, the risk management and security arrangements quietly support and enable the business from the inside, as it were, rather than being exposed externally - unless they fail anyway! A glossy, nicely-constructed and detailed PowerPoint slide deck by Microsoft Security caught my beady this morning.

CISO

CISO Risk Artificial Intelligence Marketing

Episode 209: Fortinet’s Renee Tarun on Scaling InfoSec To Meet Tomorrow’s Challenges

The Security Ledger

APRIL 2, 2021

The information security industry needs both better tools to fight adversaries, and more people to do the fighting, says Fortinet Deputy CISO Renee Tarun in this interview with The Security Ledger Podcast’s Paul Roberts. The post Episode 209: Fortinet’s Renee Tarun on Scaling InfoSec To Meet Tomorrow’s Challenges appeared first on The.

InfoSec

InfoSec CISO Information Security Cyber Risk

Hi-5 With A CISO Piotr Stecz, Adamed Pharma

Security Boulevard

JUNE 22, 2021

CybeReady’s Hi-5 brings together InfoSec leaders for peer-to-peer sharing via five short questions and insights. The post Hi-5 With A CISO Piotr Stecz, Adamed Pharma appeared first on CybeReady. The post Hi-5 With A CISO Piotr Stecz, Adamed Pharma appeared first on CybeReady.

CISO

CISO InfoSec Phishing Security Awareness

Hi-5 With A CISO Dmitriy Sokolovskiy, Avid Technology

Security Boulevard

MAY 20, 2021

CybeReady’s Hi-5 brings together InfoSec leaders for peer-to-peer sharing via five short questions and insights. The post Hi-5 With A CISO Dmitriy Sokolovskiy, Avid Technology appeared first on CybeReady. The post Hi-5 With A CISO Dmitriy Sokolovskiy, Avid Technology appeared first on Security Boulevard.

CISO

CISO Technology InfoSec Information Security

Hi-5 With A CISO Andrea Szeiler, Transcom

Security Boulevard

MAY 4, 2021

CybeReady’s Hi-5 brings together InfoSec leaders for peer-to-peer sharing via five short questions and insights. The post Hi-5 With A CISO Andrea Szeiler, Transcom appeared first on CybeReady. The post Hi-5 With A CISO Andrea Szeiler, Transcom appeared first on Security Boulevard.

CISO

CISO InfoSec Information Security Cybersecurity

Spotlight on Cybersecurity Leaders: Bill Bowman

SecureWorld News

FEBRUARY 26, 2024

He has been a first-hired CISO at five different companies. A : When I was with Bright Horizons, many top-tier clients demanded InfoSec competence. A : I started 16 quarters ago when the company needed its first CISO. A : Moving the reporting line to risk (GC/CLO); using AI. I learned from them. I learned from them.

Cybersecurity

Cybersecurity CISO InfoSec Data privacy

December 15 Marks Deadline for SEC's New Cyber Disclosure Rules

SecureWorld News

DECEMBER 11, 2023

We covered the new rules on July 31, with some thoughts from InfoSec leaders. Public companies will also have to share details about their "cybersecurity risk management, strategy, and governance" on an annual basis. The threat of cyber disruption is material and represents a risk to businesses.

CISO

CISO Risk Cybersecurity CSO

6 Unique InfoSec Metrics CISOs Should Track in 2020

Dark Reading

JANUARY 10, 2020

But they can help evaluate risks you haven't even considered yet. You might not find these measurements on a standard cybersecurity department checklist.

InfoSec

InfoSec CISO Risk Cybersecurity

Burnout: The Hidden Cost of Working in Cybersecurity & Other High Risk Fields

Jane Frankland

JUNE 20, 2023

In this blog, and ahead of my talk at Infosec this week , I’m delving into this, and giving you tips for recognising its signs and preventing it as a leader. And these changes increase the risk of developing anxiety, depression, and other mental health issues. The stakes are simply too high to neglect this.

Cybersecurity

Cybersecurity Risk InfoSec CISO

BSides Knoxville 2023 – Patterson Cake – 10 Things I Wish Every CISO Knew Before An Incident: A View From The IR Trenches

Security Boulevard

JULY 14, 2023

Permalink The post BSides Knoxville 2023 – Patterson Cake – 10 Things I Wish Every CISO Knew Before An Incident: A View From The IR Trenches appeared first on Security Boulevard. Our thanks to BSides Knoxville for publishing their presenter’s outstanding BSides Knoxville 2023 content on the organizations’ YouTube channel.

CISO

CISO Architecture Education Risk

Five 2023 Cybersecurity Predictions by Doug Dooley

CyberSecurity Insiders

DECEMBER 6, 2022

CISO shortage. CISO exodus. Chief Information Security Officers (CISOs) have a rare combination of business acumen, operational knowledge, technical insights, and legal/compliance experience. The net result will be less employment opportunities and eventually less job-hoping in 2023 despite the talent shortfall in IT security.

Cybersecurity

Cybersecurity CISO InfoSec Technology

BSides Tampa 2021 -Michael Melore’s, Hussein Syed’s, Charles Gagnon’s And Timothy Swope’s ‘CISO Panel, Managing Organizational Risk During A World Pandemic’

Security Boulevard

JUNE 24, 2021

The post BSides Tampa 2021 -Michael Melore’s, Hussein Syed’s, Charles Gagnon’s And Timothy Swope’s ‘CISO Panel, Managing Organizational Risk During A World Pandemic’ appeared first on Security Boulevard. Enjoy the Education!

CISO

CISO Risk Education InfoSec

Inside the Complex Universe of Cybersecurity

SecureWorld News

JANUARY 11, 2024

Working as CISO, DeSouza's areas of expertise include strategic planning, risk management, identity management, cloud computing, and privacy. While it fosters innovation, automation, and productivity, it simultaneously introduces significant cybersecurity and privacy risks. Zero Trust has come of age.

Cybersecurity

Cybersecurity CISO Cyber threats Risk

Importance of Cybersecurity Profession Highlights SecureWorld Chicago

SecureWorld News

JUNE 13, 2023

It was fitting that the opening keynote panel for SecureWorld Chicago on June 8th was titled " Making the Cybersecurity Music: Navigating Challenges and Opportunities in Today's InfoSec Landscape. Buerger recently joined Kraft Heinz as its Business Information Security Officer after serving as CISO at a smaller company.

Cybersecurity

Cybersecurity CISO InfoSec Risk

CyberSaint STRONGER 2022 Conference Call for Speakers is Open!

CyberSecurity Insiders

FEBRUARY 1, 2022

BOSTON–( BUSINESS WIRE )– CyberSaint , the developer of the leading platform delivering cyber risk automation, today announced that the company is seeking speaker submissions for its virtual STRONGER conference, set to occur September 13th-15th 2022. Conference Tracks: Frameworks, Security, & Risk. InfoSec 360.

Digital transformation

Digital transformation InfoSec CISO Education

First American Financial Pays Farcical $500K Fine

Krebs on Security

JUNE 18, 2021

Under First American’s documented vulnerability remediation policies, the data leak was classified as a security weakness with a “level 3” severity, which placed it in the “medium risk” category and required remediation within 45 days. “The [employee] did not request a waiver or risk acceptance from the CISO.”

Insurance

Insurance Risk Financial Services CISO

New York Financial Services Firms to Face More Cybersecurity Oversight

SecureWorld News

NOVEMBER 28, 2022

Designate a qualified individual (CISO or equivalent) responsible or overseeing and implementing a cybersecurity program and enforcing its cybersecurity policy. Require the CISO to provide a written report at least annually to the board or equivalent governing body. Have Infosec certifications and passion for #cyber and #dataprivacy.

Financial Services

Financial Services Cybersecurity CISO InfoSec

CISO Stories Podcast: Fiscally Responsible Ways to Train and Build Community

Security Boulevard

SEPTEMBER 23, 2021

The post CISO Stories Podcast: Fiscally Responsible Ways to Train and Build Community appeared first on Security Boulevard. All organizations must have security awareness training programs to teach basics to end users. Similarly, the technical teams need to be exposed to flexible training that is interesting to them.

CISO

CISO Security Awareness Risk InfoSec

CISO Stories Podcast: Necessity is the Mother of Security

Security Boulevard

APRIL 29, 2021

The post CISO Stories Podcast: Necessity is the Mother of Security appeared first on Security Boulevard. Tatu Ylönen, SSH founder and inventor of Secure Shell, discusses the genesis for the protocol and his keen interest in the application of technological solutions to fundamental cybersecurity challenges - check it out.

CISO

CISO Technology Cybersecurity Healthcare

My Top 5 Blogs of the Year

Javvad Malik

NOVEMBER 27, 2020

5: Writing better risk statements Do you struggle to articulate security risks? 2: Why Predator is the ultimate CISO movie I really enjoyed writing this – and was surprised at how much love and attention this got. It’s one big inside joke that you’ll only appreciate if you’ve worked in infosec.

InfoSec

InfoSec CISO Risk

Water utility CISO offers tips to stay secure as IT and OT converge

SC Magazine

APRIL 26, 2021

Kristin Sanders, CISO for the Albuquerque Bernalillo County Water Utility Authority, revealed how New Mexico’s largest water and wastewater utility has been addressing the security challenge. However, such modernization is not without risk. Route 66 runs through downtown Albuquerque, New Mexico. Asaavedra32, CC BY-SA 3.0

CISO

CISO IoT VPN InfoSec

CISO Stories Podcast: He Fought the FTC Over a Breach and Won

Security Boulevard

APRIL 21, 2021

The post CISO Stories Podcast: He Fought the FTC Over a Breach and Won appeared first on Security Boulevard. Hopefully, you won’t ever have to hire a lawyer to defend yourself against a government regulator.

CISO

CISO Data breaches Government Healthcare

Business Must Change: InfoSec in 2019

The Falcon's View

JANUARY 3, 2019

Consider, if you will, that fundamentally we in infosec want people to make better decisions. That's right, it's infosec. From a functional perspective, this means a few very specific things for infosec: 1) We must continue to work in a collaborative and consultative manner with everyone else in the organization.

InfoSec

InfoSec Engineering Digital transformation CISO

BSides Knoxville 2023 – Sara Anstey – Educating Your Guesses: How To Quantify Risk and Uncertainty

Security Boulevard

JULY 13, 2023

Permalink The post BSides Knoxville 2023 – Sara Anstey – Educating Your Guesses: How To Quantify Risk and Uncertainty appeared first on Security Boulevard. Our thanks to BSides Knoxville for publishing their presenter’s outstanding BSides Knoxville 2023 content on the organizations’ YouTube channel.

Education

Education Risk Architecture CISO

Noname Security Appoints Strategic Advisory Board Amid Impressive Growth

CyberSecurity Insiders

JANUARY 20, 2022

.–( BUSINESS WIRE )– Noname Security , the API security company, today announced the formation of a Strategic Advisory Board to support the company’s global expansions and establish Noname as a trusted API security provider to CISOs around the world. Alissa Knight , CISO, recovering hacker, InfoSec influencer.

CISO

CISO InfoSec Technology Cybersecurity

Inflation Is Making Cybersecurity Even More Challenging for Leaders

SecureWorld News

OCTOBER 19, 2023

Increased risk of cyberattacks The rising cost of living can lead to an increase in cybercrime, as people become more desperate to make money. I think it requires taking a step back and assessing what you can do with less," said Chris Roberts, CISO and Senior Director at Boom Supersonic. This is more critical now than it's ever been."

Cybersecurity

Cybersecurity CISO Education Phishing

Peer Report Explores Concerns, Challenges Facing Cybersecurity Leaders

SecureWorld News

AUGUST 23, 2023

This morning, Critical Start released its first ever Cyber Risk Landscape Peer Report , which explores some of the major concerns and challenges currently confronting cybersecurity leaders as they manage risk within their organizations. Here are some comments on the cyber risk landscape from cybersecurity vendor experts.

Cybersecurity

Cybersecurity Cyber Risk Risk Cyber Insurance

InfoSec Leaders Weigh in on New SEC Rules Making CISO Hotseat Hotter

SecureWorld News

JULY 31, 2023

Cybersecurity professionals have various views on last week's news from the United States Securities and Exchange Commission (SEC) when it surprised the InfoSec community and the C-suites of corporate America. Many CISOs are already burnt out, and there is shortage of qualified CISOs globally.

CISO

CISO InfoSec Risk Cybersecurity

Time suck: Security awareness pros are getting sidetracked from core functions

SC Magazine

MARCH 29, 2021

Distractions and diversions are all too frequently stealing time away from security awareness professionals, forcing them to tend to non-critical tasks while setting aside their core responsibilities of developing a strong internal infosec culture. Brian Johnson, chief security officer at Armorblox, and former CISO at LendingClub.

Security Awareness

Security Awareness InfoSec CISO Media

Build an insider threat management program that involves everyone

SC Magazine

JULY 13, 2021

Today’s columnist, Deborah Watson of Proofpoint, says with so much work conducted via virtual meetings, risk has increased and businesses have to pay more attention to an insider threat management program. Think of Insider Threat Management Programs (ITMPs) as a holistic focus on managing the risks that insiders pose to your corporate assets.

Risk

Risk InfoSec Media Technology

Google won’t reveal technical details on patches for 30 days if vendors hit deadlines

SC Magazine

APRIL 16, 2021

Too many other vendors and enterprise infosec organizations take an unacceptable ‘head in the sand’ approach, just hoping vulnerabilities will go away,” said Yaniv Bar-Dayan, co-founder and CEO of Vulcan Cyber. Security researchers applauded Google for putting substantial effort into trying to improve vulnerability disclosure initiatives.

InfoSec

InfoSec Risk CISO Media

Assessing Third-Party InfoSec Risk Management

2023 Will Be The Year of Risk: 8 InfoSec Predictions for the New Year

Trending Sources

CISO Liability Risk and Jail Time, (ISC)2 Bylaw Vote and the Value of Cybersecurity Certifications

Why Predator is the ultimate CISO movie

CISO Stories Podcast: No Insider Cybersecurity Risk? Guess Again!

Hacking It as a CISO: Advice for Security Leadership

InfoSec Leaders Share in Podcast Interview at SecureWorld Philadelphia

Hi-5 With A CISO Mário Fernandes, Banco BPI

Spotlight: Operationalizing MDR with Pondurance CISO Dustin Hutchison

Spotlight: Operationalizing MDR with Pondurance CISO Dustin Hutchinson

Why CISOs Are Joining 'The Great Resignation'

CISO Challenge: Check Your Cybersecurity Skills On This New Competition Site

InfoSec Reviews in Project Management Workflows

CISO workshop slides

Episode 209: Fortinet’s Renee Tarun on Scaling InfoSec To Meet Tomorrow’s Challenges

Hi-5 With A CISO Piotr Stecz, Adamed Pharma

Hi-5 With A CISO Dmitriy Sokolovskiy, Avid Technology

Hi-5 With A CISO Andrea Szeiler, Transcom

Spotlight on Cybersecurity Leaders: Bill Bowman

December 15 Marks Deadline for SEC's New Cyber Disclosure Rules

6 Unique InfoSec Metrics CISOs Should Track in 2020

Burnout: The Hidden Cost of Working in Cybersecurity & Other High Risk Fields

BSides Knoxville 2023 – Patterson Cake – 10 Things I Wish Every CISO Knew Before An Incident: A View From The IR Trenches

Five 2023 Cybersecurity Predictions by Doug Dooley

BSides Tampa 2021 -Michael Melore’s, Hussein Syed’s, Charles Gagnon’s And Timothy Swope’s ‘CISO Panel, Managing Organizational Risk During A World Pandemic’

Inside the Complex Universe of Cybersecurity

Importance of Cybersecurity Profession Highlights SecureWorld Chicago

CyberSaint STRONGER 2022 Conference Call for Speakers is Open!

First American Financial Pays Farcical $500K Fine

New York Financial Services Firms to Face More Cybersecurity Oversight

CISO Stories Podcast: Fiscally Responsible Ways to Train and Build Community

CISO Stories Podcast: Necessity is the Mother of Security

My Top 5 Blogs of the Year

Water utility CISO offers tips to stay secure as IT and OT converge

CISO Stories Podcast: He Fought the FTC Over a Breach and Won

Business Must Change: InfoSec in 2019

BSides Knoxville 2023 – Sara Anstey – Educating Your Guesses: How To Quantify Risk and Uncertainty

Noname Security Appoints Strategic Advisory Board Amid Impressive Growth

Inflation Is Making Cybersecurity Even More Challenging for Leaders

Peer Report Explores Concerns, Challenges Facing Cybersecurity Leaders

InfoSec Leaders Weigh in on New SEC Rules Making CISO Hotseat Hotter

Time suck: Security awareness pros are getting sidetracked from core functions

Build an insider threat management program that involves everyone

Google won’t reveal technical details on patches for 30 days if vendors hit deadlines

Stay Connected