CISO, Internet and Risk - Cyber Security Informer

Best Practices Q&A: Guidance about what directors need to hear from CISOs — from a board member

The Last Watchdog

APRIL 8, 2024

CISOs can sometimes be their own worst enemy, especially when it comes to communicating with the board of directors. She serves on the board of several technology companies and also happens to be steeped in cyber risk governance. LW: Why do so many CISOs still not get it that FUD and doom-and-gloom don’t work?

CISO

CISO Risk Cybersecurity Insurance

Black Hat insights: JupiterOne’s whodunnit puts CISOs on the trail of solving a devastating breach

The Last Watchdog

AUGUST 6, 2023

Related: A call to regulate facial recognition That said, a few dozen CISOs attending Black Hat USA 2023 will get to experience, hands-on, what it must have been like to be in the crucible of milestone hacks like Capital One, SolarWinds and Colonial Pipeline. San Diego or New York City , feel free to skip ahead.

CISO

CISO Data breaches Technology Software

Cybersecurity Insights with Contrast CISO David Lindner | 2/9/24

Security Boulevard

FEBRUARY 9, 2024

Insight #1 From toasters to toothbrushes , the Internet of Things (IoT) continues to wreak havoc on the internet. As consumers, it's important to balance necessity with risk, just like with everything else. The post Cybersecurity Insights with Contrast CISO David Lindner | 2/9/24 appeared first on Security Boulevard.

CISO

CISO IoT Cybersecurity Manufacturing

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

MY TAKE: COVID-19 cements the leadership role CISOs must take to secure company networks

The Last Watchdog

MAY 13, 2020

cybersecurity policy needs to match societal values CISOs must preserve and protect their companies in a fast-changing business environment at a time when their organizations are under heavy bombardment. I had the chance to discuss this state of affairs with Vishal Salvi, CISO of Infosys. Salvi “The CISO role has fundamentally changed.

CISO

CISO Cybersecurity Digital transformation Risk

Best Practices Q&A: The importance of articulating how cybersecurity can be a business enabler

The Last Watchdog

APRIL 1, 2024

Forrester’s report lays out a roadmap for CIOs, CISOs and privacy directors to drive this transformation – by weaving informed privacy and security practices into every facet of their business; this runs the gamut from physical and information assets to customer experiences and investment strategies. LW: Cultural change is acutely difficult.

Cybersecurity

Cybersecurity CISO B2B Risk

NEW TECH: CASBs continue evolving to help CISOs address multiplying ‘cloud-mobile’ risks

The Last Watchdog

APRIL 29, 2020

Some CISOs, at first, were reserved and said, ‘We’re not moving to the cloud.’ Acohido is dedicated to fostering public awareness about how to make the Internet as private and secure as it ought to be. So if you’re a Microsoft shop, you’re on an Office 365 and a Windows 10 migration path. What are they touching on a cloud app?

Mobile

Mobile CISO Risk Cloud Migration

Thousands of Data Center Management Apps Exposed to Internet

eSecurity Planet

FEBRUARY 2, 2022

Tens of thousands of applications that are critical to the operations of data centers around the globe are exposed to the internet, with many secured with default factory passwords, posing a significant cyber risk to enterprises worldwide. Exposing that to the public internet is like allowing terrorists to direct air traffic control.”.

Internet

Internet Internet Passwords Software

How CISOs Can Impact Security for All

Cisco Security

APRIL 26, 2021

Insights from our new Advisory CISO, Helen Patton. If there’s anyone who’s been put through their paces in the security industry, it’s Helen Patton , our new Advisory Chief Information Security Officer (CISO). Helen has come to Cisco from The Ohio State University, where she served as CISO for approximately eight years.

CISO

CISO Education Technology Media

Spotlight: Your IoT Risk Is Bigger Than You Think. (And What To Do About It.)

The Security Ledger

OCTOBER 28, 2021

Curtis and I discuss the growing cyber risks posed by Internet of Things devices within enterprise networks. Related Stories Spotlight: Automation Beckons as DevOps, IoT Drive PKI Explosion Spotlight: Operationalizing MDR with Pondurance CISO Dustin Hutchison Spotlight: Operationalizing MDR with Pondurance CISO Dustin Hutchinson.

IoT

IoT Risk CISO Cyber Risk

RSAC Fireside Chat: APIs are wondrous connectors — and the wellspring of multiplying exposures

The Last Watchdog

MAY 1, 2024

At the close of 2019, API security was a concern, though not necessarily a top priority for many CISOs. It has become table stakes for companies to discover all of their APIs, now imperative for companies not just to discover all of their APIs, but also to understand them and categorize them according to risk level, Nagaraj argues.

CISO

CISO Internet Internet Risk

Patreon Fires its Security Team — and the Internet Freaks Out

Security Boulevard

SEPTEMBER 9, 2022

The post Patreon Fires its Security Team — and the Internet Freaks Out appeared first on Security Boulevard. Patreon, the notorious membership monetization platform, laid off its entire security team yesterday. Just like that.

Internet

Internet Internet CISO Security Awareness

10 NFT and cryptocurrency security risks that CISOs must navigate

CSO Magazine

APRIL 11, 2022

This new major shift in the internet's evolution promises to decentralize our digital world, offering users more control and a more transparent flow of information. Cryptocurrency and NFTs are on many organizations' agenda as they discuss the ramifications of Web3 and the opportunities it presents.

Cryptocurrency

Cryptocurrency CISO Risk Marketing

3 biggest cyber risks from the Ukraine-Russia conflict

CSO Magazine

FEBRUARY 28, 2022

The invasion of Ukraine by Russia is reason enough for all CISOs to place their teams at a heightened state of alert and readiness in the event of deleterious cyber actions by nation-state actors or the cybercriminal groups. preparing offensive cyber measures?

Cyber Risk

Cyber Risk Risk CISO Internet

How to find, fund and fix cyber risk blind spots

SC Magazine

MAY 11, 2021

Today’s columnist, Sean McDermott of RedMonocle, says that companies should use the NIST 800-53 security and privacy controls to help find cyber risk blind spots. The rapid, overnight shift exposed new cyber risk blind spots and gaps unknown to security leaders or executive teams. Credit: NIST. FUND cybersecurity priorities.

Cyber Risk

Cyber Risk Risk CISO Digital transformation

Spotlight Podcast: CSO Chris Walcutt on Managing 3rd Party OT Risk

The Security Ledger

MAY 16, 2024

In this Spotlight Podcast, host Paul Roberts talks with Chris Walcutt, the CSO of DirectDefense about the rising cyber threats facing operational technology (OT) and how organizations that manage OT - including critical infrastructure owners can best manage increased cyber risks to OT environments. Read the whole entry. »

CSO

CSO Risk Energy and Utilities Social Engineering

BrandPost: The Fearless CISO: 4 Ways to Secure Everything

CSO Magazine

DECEMBER 17, 2021

Ransomware continued its ruthless path across industries, often putting lives at risk. The FBI’s Internet Crime Complaint Center reported 2,084 ransomware complaints from January to July 31, 2021, representing a 62% year-over-year increase.

CISO

CISO Ransomware Internet Internet

2021 Security Outcomes Study: Stress Relief for CISOs

Cisco Security

FEBRUARY 19, 2021

This affected all levels of the cybersecurity landscape, and it has had a particularly broad impact for those in the C-Suite, specifically, the Chief Information Security Officer (CISO). So, what is an already over-stressed CISO to do? For example, the Internet of Things (IoT) will grow to include the entire agricultural industry.

CISO

CISO Technology Digital transformation Cybersecurity

Five considerations for cloud migration, from the House of Representatives CISO

SC Magazine

MAY 18, 2021

“It’s about how you can do your business mission” in a different environment, with its own requirements for protecting data, Vickers said during his talk at the RSA Show’s Cloud Security Alliance CISO Summit. It’s crucial to understanding the fitness of the CSP to assess future risk. Security risk review.

Cloud Migration

Cloud Migration CISO Firewall Risk

LW ROUNDTABLE: Cybersecurity takeaways of 2023 — and what’s ahead in 2024 ( part 3)

The Last Watchdog

DECEMBER 14, 2023

Last Watchdog posed two questions: •What should be my biggest takeaway from 2023, with respect to mitigating cyber risks at my organization? CISOs will have to get quantum resilient encryption on their cyber roadmap. In 2024 I encourage leadership to dedicate more attention to discussing the risks of spear phishing.

Cybersecurity

Cybersecurity Marketing Encryption CISO

BSides Knoxville 2023 – Zachary Hunsaker – Open Source Intelligence: What Does The Internet Know About You?

Security Boulevard

JULY 7, 2023

Permalink The post BSides Knoxville 2023 – Zachary Hunsaker – Open Source Intelligence: What Does The Internet Know About You? Our thanks to BSides Knoxville for publishing their presenter’s outstanding BSides Knoxville 2023 content on the organizations’ YouTube channel. appeared first on Security Boulevard.

Internet

Internet Internet CISO Education

Microsoft aims to expand cloud security by acquiring RiskIQ

SC Magazine

JULY 12, 2021

Doerr said with more than a decade of experience scanning and analyzing the internet, RiskIQ helps enterprises identify and remediate vulnerable assets before attackers can capitalize on them. “It He said it also enhances Microsoft’s ability to create a vocabulary of communication between the CEO, the CISO, the CFO and the CIO. .

CISO

CISO Internet Internet Risk

Black Hat Fireside Chat: Easy come, easy go access strengthens ‘Identity Threat Detection & Response’

The Last Watchdog

AUGUST 4, 2023

The rise of the remote workforce, post Covid-19, did nothing to make the already difficult task of doing Identity and Access Management ( IAM ) any easier for CISOs. Acohido is dedicated to fostering public awareness about how to make the Internet as private and secure as it ought to be. (LW I’ll keep watch and keep reporting.

Threat Detection

Threat Detection CISO Internet Internet

Inside the Complex Universe of Cybersecurity

SecureWorld News

JANUARY 11, 2024

Working as CISO, DeSouza's areas of expertise include strategic planning, risk management, identity management, cloud computing, and privacy. While it fosters innovation, automation, and productivity, it simultaneously introduces significant cybersecurity and privacy risks.

Cybersecurity

Cybersecurity CISO Cyber threats Risk

[updated] Atlassian: “Take immediate action” to patch your Confluence Data Center and Server instances

Malwarebytes

NOVEMBER 2, 2023

or later Atlassian strongly advises you apply the patch, even for instances that are not exposed to the public internet. Instances accessible over the public internet, including those with user authentication, should be restricted from external network access until they have been patched. or later 8.3.4 or later 8.4.4 or later 8.5.3

Authentication

Authentication CISO Internet Internet

NEW TECH: CyberGRX seeks to streamline morass of third-party cyber risk assessments

The Last Watchdog

MARCH 14, 2019

So they began inundating their third-party suppliers with “bespoke assessments” – customized cyber risk audits that were time consuming and redundant. Kneip also painted the wider context about why effective third-party cyber risk management is an essential ingredient to baking-in security at a foundational level. We take that away.

Cyber Risk

Cyber Risk Risk Digital transformation Accountability

Annual Reports: How They Warn of Cyber Risk

SecureWorld News

OCTOBER 20, 2021

Cyberrisk is business risk. But how should we communicate this risk to the business, to clients, or to investors? Accenture annual report: risks we face from cyberattacks. However, we were most interested in seeing how Accenture articulated a particular business risk: the risk from a cyberattack.

Cyber Risk

Cyber Risk Risk Insurance Cyber Insurance

Water utility CISO offers tips to stay secure as IT and OT converge

SC Magazine

APRIL 26, 2021

Kristin Sanders, CISO for the Albuquerque Bernalillo County Water Utility Authority, revealed how New Mexico’s largest water and wastewater utility has been addressing the security challenge. However, such modernization is not without risk. Route 66 runs through downtown Albuquerque, New Mexico. Asaavedra32, CC BY-SA 3.0

CISO

CISO IoT VPN InfoSec

RSAC insights: How ‘TPRM’ can help shrink security skills gap — while protecting supply chains

The Last Watchdog

JUNE 2, 2022

Third-Party Risk Management ( TPRM ) has been around since the mid-1990s – and has become something of an auditing nightmare. Related: A call to share risk assessments. This is because third-party risk has become a huge problem for enterprises in the digital age. Cyber risks profiling. based CyberGRX. Cyber hygiene boost.

Cyber Risk

Cyber Risk Risk Digital transformation Insurance

NEW TECH: Devolutions’ ‘PAM’ solution helps SMBs deal with rising authentication risks

The Last Watchdog

MARCH 10, 2020

I spoke with Maurice Côté, VP Business Solutions, and Martin Lemay, CISO, of Devolutions , at the RSA 2020 Conference in San Francisco recently. I believe there’s pent up demand from SMBs for cost-effective services that can reduce the potentially catastrophic cyber risks they face every day. It’s really about offering value.”

Authentication

Authentication Risk Digital transformation Passwords

Importance of Cybersecurity Profession Highlights SecureWorld Chicago

SecureWorld News

JUNE 13, 2023

And so we think about different types of cybersecurity risk and how those risks or vulnerabilities or threat actors can actually impede that ability or an organization to meet those objectives," said Mary Faulkner, CISO at Thrivent, one of four panelists that took the stage to kick off the conference.

Cybersecurity

Cybersecurity CISO InfoSec Risk

CISO’s 2023 Planning Guide for ERP Applications

Security Boulevard

JANUARY 23, 2023

CISO’s 2023 Planning Guide for ERP Applications maaya.alagappan Mon, 01/23/2023 - 15:48 ERP systems, such as SAP and Oracle applications, run essential business functions and contain an organization’s most valuable data from HR and customer information to intellectual property and company financials.

CISO

CISO Risk Threat Reports Marketing

Spotlight on Cybersecurity Leaders: Kip Boyle

SecureWorld News

NOVEMBER 2, 2022

He helps senior decision makers overcome cybersecurity sales objections and manages unlimited cyber risks through rigorous prioritization. In the private sector, he was a CISO for an insurance company, credit card processor, bank, credit union, and IT Managed Service Provider. He's served as a captain with the F-22 program in the U.S.

Cybersecurity

Cybersecurity Cyber Insurance Insurance Cyber Risk

Report: Cyber Insurance Not Driving Ransomware Market

SecureWorld News

AUGUST 1, 2023

The role of the cyber insurance industry The research emphasizes that cyber insurance providers play a vital role in mitigating ransomware risks. Rather than being a direct enabler of ransom payments, the insurance industry has evolved to provide risk management resources and access to industry-leading security professionals and vendors.

Cyber Insurance

Cyber Insurance Insurance Marketing Ransomware

The Unseen Threats: Anticipating Cybersecurity Risks in 2024

Security Boulevard

JANUARY 18, 2024

Cybersecurity risks increase every year and bludgeon victims who fail to prepare properly. For those interested in a better understanding of the oncoming risks, this is the information you are looking for. It can feel like crossing a major highway while blindfolded. Many never see the catastrophe about to happen, until it occurs.

Risk

Risk Cybersecurity CISO Technology

Security Researchers Find Nearly 400,000 Exposed Databases

eSecurity Planet

MAY 3, 2022

Researchers at Singapore-based cybersecurity company Group-IB recently discovered thousands of databases exposed to the internet that could have been exploited when they were left unprotected. A data breach, a follow-up strike on clients whose data was exposed, and other risks may result from an exposed database.

Social Engineering

Social Engineering Internet Internet Risk

MY TAKE: Fostering Digital Trust – the role of ‘post-quantum crypto’ and ‘crypto agility’ in 2024

The Last Watchdog

DECEMBER 13, 2023

What’s more, a fresh layer of risks posed by the rise of quantum computing looms large. This will give software developers, CISOs and other stakeholders a sandbox to test and understand the practical implications of integrating the new NIST algorithms into their systems, he says. I’ll keep watch and keep reporting.

Encryption

Encryption Technology CISO IoT

Second-Guessing the CISO in an Emergency

Duo's Security Blog

FEBRUARY 8, 2021

How do you reach the maximum number of people, who have varying levels of poverty, Internet access, and technical knowledge, and stand up this service by next week? Sometimes “Good Enough” Wins Sometimes “good enough” is the best that you can do in a pinch.

CISO

CISO Passwords Authentication Accountability

GUEST ESSAY: Addressing DNS, domain names and Certificates to improve security postures

The Last Watchdog

DECEMBER 6, 2019

Although, the topic has gained popularity amongst CIOs and CISOs, most companies are still overlooking important security blind spots when it comes to securing their digital assets outside the enterprise firewalls—domains, DNS, digital certificates. I like to think of this topic like the electricity that powers our homes.

DNS

DNS Firewall Social Engineering Risk

Firms with exposed IoT have a higher concentration of other security problems

SC Magazine

JANUARY 29, 2021

The data shows that smaller indicators of cybersecurity risk performance, particularly on the negative side are strong indicators of larger problems. Let’s say you had a printer operating on the internet. So, how can CISOs operationalize that kind of information? ’ That’s another indicator of larger issues.

IoT

IoT Internet Internet CISO

“Left of Boom” Cybersecurity: Proactive Cybersecurity in a Time of Increasing Threats and Attacks

Cisco Security

OCTOBER 18, 2021

About 15 years ago, the idiom began to be applied to cybersecurity, where the risk management continuum values the investment in protection to mitigate the negative consequences of a cyber incident. We can never eliminate risk entirely, but we can manage it effectively with “Left of Boom” processes and procedures.

Cybersecurity

Cybersecurity CISO Insurance Risk

A Reactive Cybersecurity Strategy Is No Strategy at All

CyberSecurity Insiders

MAY 18, 2022

A foundational approach to cybersecurity empowers CISOs to see abnormalities and block threats before they do damage. By increasing visibility into DNS traffic, CISOs can detect, block, and respond to incidents more quickly as well as use this data to institute new controls and increase overall resiliency.

DNS

DNS Cybersecurity CISO Social Engineering

GUEST ESSAY: Now more than ever, companies need to proactively promote family Online Safety

The Last Watchdog

FEBRUARY 15, 2021

Consider that kids are constantly connected on the internet with online games, streaming devices, virtual schooling, and zoom play dates. Mistakes online by one family member can lead to compromises in a household’s network, placing computers, personal data, and perhaps even work-related content at risk. We’re all connected.

Education

Education CISO Security Awareness Cybersecurity

Mitigate insider threats by focusing on people, process and technology

SC Magazine

MARCH 12, 2021

The pandemic has challenged CISOs worldwide to adapt their security strategies—often years early—to create a safe work-from-home environment. But this shift has caused a growing risk: the insider threat. The longer the time, the higher the risk. Use a people-centric strategy to circumvent insider risk. Lucia Milic?,

Technology

Technology CISO Risk Government

Businesses Secretly Pentest Partners as Supply Chain Fears Grow

eSecurity Planet

SEPTEMBER 29, 2022

Howard Taylor, CISO of Radware, goes so far as to call it the “death of trust.” But the mere presence of closet security testers secretly carrying out pentests on partner and customer internet-facing resources could have serious repercussions on relationships if discovered. Taylor terms this “shadow compliance.”

Insurance

Insurance Software Internet Internet

Best Practices Q&A: Guidance about what directors need to hear from CISOs — from a board member

Black Hat insights: JupiterOne’s whodunnit puts CISOs on the trail of solving a devastating breach

Webinars

Trending Sources

Cybersecurity Insights with Contrast CISO David Lindner | 2/9/24

Webinars

MY TAKE: COVID-19 cements the leadership role CISOs must take to secure company networks

Best Practices Q&A: The importance of articulating how cybersecurity can be a business enabler

NEW TECH: CASBs continue evolving to help CISOs address multiplying ‘cloud-mobile’ risks

Thousands of Data Center Management Apps Exposed to Internet

How CISOs Can Impact Security for All

Spotlight: Your IoT Risk Is Bigger Than You Think. (And What To Do About It.)

RSAC Fireside Chat: APIs are wondrous connectors — and the wellspring of multiplying exposures

Patreon Fires its Security Team — and the Internet Freaks Out

10 NFT and cryptocurrency security risks that CISOs must navigate

3 biggest cyber risks from the Ukraine-Russia conflict

How to find, fund and fix cyber risk blind spots

Spotlight Podcast: CSO Chris Walcutt on Managing 3rd Party OT Risk

BrandPost: The Fearless CISO: 4 Ways to Secure Everything

2021 Security Outcomes Study: Stress Relief for CISOs

Five considerations for cloud migration, from the House of Representatives CISO

LW ROUNDTABLE: Cybersecurity takeaways of 2023 — and what’s ahead in 2024 ( part 3)

BSides Knoxville 2023 – Zachary Hunsaker – Open Source Intelligence: What Does The Internet Know About You?

Microsoft aims to expand cloud security by acquiring RiskIQ

Black Hat Fireside Chat: Easy come, easy go access strengthens ‘Identity Threat Detection & Response’

Inside the Complex Universe of Cybersecurity

[updated] Atlassian: “Take immediate action” to patch your Confluence Data Center and Server instances

NEW TECH: CyberGRX seeks to streamline morass of third-party cyber risk assessments

Annual Reports: How They Warn of Cyber Risk

Water utility CISO offers tips to stay secure as IT and OT converge

RSAC insights: How ‘TPRM’ can help shrink security skills gap — while protecting supply chains

NEW TECH: Devolutions’ ‘PAM’ solution helps SMBs deal with rising authentication risks

Importance of Cybersecurity Profession Highlights SecureWorld Chicago

CISO’s 2023 Planning Guide for ERP Applications

Spotlight on Cybersecurity Leaders: Kip Boyle

Report: Cyber Insurance Not Driving Ransomware Market

The Unseen Threats: Anticipating Cybersecurity Risks in 2024

Security Researchers Find Nearly 400,000 Exposed Databases

MY TAKE: Fostering Digital Trust – the role of ‘post-quantum crypto’ and ‘crypto agility’ in 2024

Second-Guessing the CISO in an Emergency

GUEST ESSAY: Addressing DNS, domain names and Certificates to improve security postures

Firms with exposed IoT have a higher concentration of other security problems

“Left of Boom” Cybersecurity: Proactive Cybersecurity in a Time of Increasing Threats and Attacks

A Reactive Cybersecurity Strategy Is No Strategy at All

GUEST ESSAY: Now more than ever, companies need to proactively promote family Online Safety

Mitigate insider threats by focusing on people, process and technology

Businesses Secretly Pentest Partners as Supply Chain Fears Grow

Stay Connected