CISO, Internet, Risk and Technology - Cyber Security Informer

Best Practices Q&A: Guidance about what directors need to hear from CISOs — from a board member

The Last Watchdog

APRIL 8, 2024

CISOs can sometimes be their own worst enemy, especially when it comes to communicating with the board of directors. She serves on the board of several technology companies and also happens to be steeped in cyber risk governance. LW: Why do so many CISOs still not get it that FUD and doom-and-gloom don’t work?

CISO

CISO Risk Cybersecurity Insurance

Black Hat insights: JupiterOne’s whodunnit puts CISOs on the trail of solving a devastating breach

The Last Watchdog

AUGUST 6, 2023

Related: A call to regulate facial recognition That said, a few dozen CISOs attending Black Hat USA 2023 will get to experience, hands-on, what it must have been like to be in the crucible of milestone hacks like Capital One, SolarWinds and Colonial Pipeline. San Diego or New York City , feel free to skip ahead.

CISO

CISO Data breaches Technology Software

MY TAKE: COVID-19 cements the leadership role CISOs must take to secure company networks

The Last Watchdog

MAY 13, 2020

cybersecurity policy needs to match societal values CISOs must preserve and protect their companies in a fast-changing business environment at a time when their organizations are under heavy bombardment. I had the chance to discuss this state of affairs with Vishal Salvi, CISO of Infosys. Salvi “The CISO role has fundamentally changed.

CISO

CISO Cybersecurity Digital transformation Risk

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

Best Practices Q&A: The importance of articulating how cybersecurity can be a business enabler

The Last Watchdog

APRIL 1, 2024

The technology and best practices for treating cybersecurity as a business enabler, instead of an onerous cost-center, have long been readily available. These key capabilities fall under the four competencies of oversight, process risk management, technology risk management, and human risk management.

Cybersecurity

Cybersecurity CISO B2B Risk

RSAC insights: Security platforms arise to help companies discover, assess and mitigate cyber risks

The Last Watchdog

JUNE 6, 2022

Pity the poor CISO at any enterprise you care to name. As their organizations migrate deeper into an intensively interconnected digital ecosystem, CISOs must deal with cyber attacks raining down on all fronts. CISOs need only to follow the principles honed over the past 200 years by the property and casualty insurance industry.

Cyber Risk

Cyber Risk Risk CISO Cloud Migration

The Unseen Threats: Anticipating Cybersecurity Risks in 2024

Security Boulevard

JANUARY 18, 2024

Cybersecurity risks increase every year and bludgeon victims who fail to prepare properly. For those interested in a better understanding of the oncoming risks, this is the information you are looking for. It can feel like crossing a major highway while blindfolded. Many never see the catastrophe about to happen, until it occurs.

Risk

Risk Cybersecurity CISO Technology

InfoSec Leaders Weigh in on New SEC Rules Making CISO Hotseat Hotter

SecureWorld News

JULY 31, 2023

Sam Masiello , CISO, The Anschutz Corporation: "I would expect that many CISOs today are feeling as if their job just got harder and now has a brighter spotlight shining specifically on them. Many CISOs are already burnt out, and there is shortage of qualified CISOs globally. CISOs are expected to be a unicorn already.

CISO

CISO InfoSec Risk Cybersecurity

Spotlight: Your IoT Risk Is Bigger Than You Think. (And What To Do About It.)

The Security Ledger

OCTOBER 28, 2021

Curtis and I discuss the growing cyber risks posed by Internet of Things devices within enterprise networks. IoT and OT (operation technology) deployments are growing and pose challenges to organizations that are still. Curtis and I discuss the growing cyber risks posed by Internet of Things devices within enterprise networks.

IoT

IoT Risk CISO Cyber Risk

How CISOs Can Impact Security for All

Cisco Security

APRIL 26, 2021

Insights from our new Advisory CISO, Helen Patton. If there’s anyone who’s been put through their paces in the security industry, it’s Helen Patton , our new Advisory Chief Information Security Officer (CISO). Helen has come to Cisco from The Ohio State University, where she served as CISO for approximately eight years.

CISO

CISO Education Technology Media

Spotlight Podcast: CSO Chris Walcutt on Managing 3rd Party OT Risk

The Security Ledger

MAY 16, 2024

In this Spotlight Podcast, host Paul Roberts talks with Chris Walcutt, the CSO of DirectDefense about the rising cyber threats facing operational technology (OT) and how organizations that manage OT - including critical infrastructure owners can best manage increased cyber risks to OT environments. Read the whole entry. »

CSO

CSO Risk Energy and Utilities Social Engineering

Thousands of Data Center Management Apps Exposed to Internet

eSecurity Planet

FEBRUARY 2, 2022

Tens of thousands of applications that are critical to the operations of data centers around the globe are exposed to the internet, with many secured with default factory passwords, posing a significant cyber risk to enterprises worldwide. Exposing that to the public internet is like allowing terrorists to direct air traffic control.”.

Internet

Internet Internet Passwords Software

WEF Outlines Path to Cyber Resilience for Manufacturing Sector

SecureWorld News

MAY 29, 2024

The manufacturing sector faces an increasingly daunting cyber threat landscape that puts production operations, intellectual property, and entire supply chains at risk. The risk is too great, and key business partnerships are required," said Amy Bogac , former CISO at The Clorox Company. trillion annually. "

Manufacturing

Manufacturing CISO Artificial Intelligence Cyber threats

Mitigate insider threats by focusing on people, process and technology

SC Magazine

MARCH 12, 2021

The pandemic has challenged CISOs worldwide to adapt their security strategies—often years early—to create a safe work-from-home environment. But this shift has caused a growing risk: the insider threat. The longer the time, the higher the risk. Use a people-centric strategy to circumvent insider risk.

Technology

Technology CISO Risk Government

2021 Security Outcomes Study: Stress Relief for CISOs

Cisco Security

FEBRUARY 19, 2021

This affected all levels of the cybersecurity landscape, and it has had a particularly broad impact for those in the C-Suite, specifically, the Chief Information Security Officer (CISO). So, what is an already over-stressed CISO to do? Technological update. Technological integration. Practices with strong success Impact.

CISO

CISO Technology Digital transformation Cybersecurity

IoT Devices a Huge Risk to Enterprises

eSecurity Planet

JULY 22, 2021

When millions of people around the world were sent home to work at the onset of the global COVD-19 pandemic, they left behind not only empty offices but also a host of Internet of Things (IoT) devices – from smartwatches to networked printers – that were still connected to corporate networks and cranking away.

IoT

IoT Risk Architecture Manufacturing

Five considerations for cloud migration, from the House of Representatives CISO

SC Magazine

MAY 18, 2021

A visitor photographs a symbol of a cloud at the Deutsche Telekom stand the day before the CeBIT technology trade fair. It’s about how you can do your business mission” in a different environment, with its own requirements for protecting data, Vickers said during his talk at the RSA Show’s Cloud Security Alliance CISO Summit.

Cloud Migration

Cloud Migration CISO Firewall DNS

LW ROUNDTABLE: Cybersecurity takeaways of 2023 — and what’s ahead in 2024 ( part 2)

The Last Watchdog

DECEMBER 14, 2023

We asked two questions: •What should be my biggest takeaway from 2023, with respect to mitigating cyber risks at my organization? Or Shoshani , CEO and founder, Stream Security Shoshani As 2023 ends, we’re already seeing businesses adopting technology to diagnose and detect threats to their cloud infrastructure before they occur.

Cybersecurity

Cybersecurity Risk Cyber threats CSO

Cybersecurity Risks of 5G – And How to Control Them

eSecurity Planet

SEPTEMBER 1, 2021

Consumers and organizations are enthused about the operational benefits of more robust mobile connectivity, but the shift to 5G networks doesn’t come without risks. Here we’ll discuss the most significant risks posed by 5G, how U.S. Table of Contents What Are the Cybersecurity Risks of 5G? How is 5G Different?

Risk

Risk Cybersecurity IoT Wireless

Zero Trust and the Failure of Sampling: Two Important Cybersecurity Trends

Joseph Steinberg

JUNE 10, 2022

Many of Gillis’s comments echoed those that I have heard in recent months from CISOs and others within the cybersecurity industry who witness developments from various vantage points quite different from those of a vendor of cybersecurity technologies. Sampling No Longer Works.

Cybersecurity

Cybersecurity Artificial Intelligence CISO Wireless

MY TAKE: Fostering Digital Trust – the role of ‘post-quantum crypto’ and ‘crypto agility’ in 2024

The Last Watchdog

DECEMBER 13, 2023

I had the opportunity to sit down with DigiCert’s Jason Sabin , Chief Technology Officer and Avesta Hojjati , Vice President of Engineering to chew this over. And PKI is the best technology we’ve got to get us there. What’s more, a fresh layer of risks posed by the rise of quantum computing looms large.

Encryption

Encryption Technology CISO IoT

Inside the Complex Universe of Cybersecurity

SecureWorld News

JANUARY 11, 2024

Working as CISO, DeSouza's areas of expertise include strategic planning, risk management, identity management, cloud computing, and privacy. While it fosters innovation, automation, and productivity, it simultaneously introduces significant cybersecurity and privacy risks.

Cybersecurity

Cybersecurity CISO Cyber threats Risk

NEW TECH: Devolutions’ ‘PAM’ solution helps SMBs deal with rising authentication risks

The Last Watchdog

MARCH 10, 2020

I spoke with Maurice Côté, VP Business Solutions, and Martin Lemay, CISO, of Devolutions , at the RSA 2020 Conference in San Francisco recently. We hide the complexity of all these providers and all of these technologies,” Côté told me. Managing the complexity of all these identities makes it easier for staff to do their work. “We

Authentication

Authentication Risk Digital transformation Passwords

NEW TECH: CyberGRX seeks to streamline morass of third-party cyber risk assessments

The Last Watchdog

MARCH 14, 2019

So they began inundating their third-party suppliers with “bespoke assessments” – customized cyber risk audits that were time consuming and redundant. Kneip also painted the wider context about why effective third-party cyber risk management is an essential ingredient to baking-in security at a foundational level.

Cyber Risk

Cyber Risk Risk Digital transformation Accountability

Cisco’s CISO of the Month – Esmond Kane

Cisco Security

JUNE 25, 2021

This month, we interviewed Esmond Kane, CISO of Steward Health Care. I learned on the job, fighting malware outbreaks, working my way up from the Helpdesk at the same time the whole planet was embracing the internet to radically transform business. Cyber attacks during the pandemic escalated by as much as 600%.

CISO

CISO Healthcare InfoSec Computers and Electronics

Annual Reports: How They Warn of Cyber Risk

SecureWorld News

OCTOBER 20, 2021

Cyberrisk is business risk. But how should we communicate this risk to the business, to clients, or to investors? Accenture annual report: risks we face from cyberattacks. However, we were most interested in seeing how Accenture articulated a particular business risk: the risk from a cyberattack.

Cyber Risk

Cyber Risk Risk Insurance Cyber Insurance

Key Cybersecurity Trends for 2024: My Predictions

Jane Frankland

DECEMBER 7, 2023

These include the adoption of hyper automation and artificial intelligence (AI)-driven decision making, where organisations will increasingly use automation technologies and artificial intelligence to streamline processes and enhance efficiency. which already account for 73% of Internet traffic will surge.

Cybersecurity

Cybersecurity Cyber threats Insurance Artificial Intelligence

RSAC insights: How ‘TPRM’ can help shrink security skills gap — while protecting supply chains

The Last Watchdog

JUNE 2, 2022

Third-Party Risk Management ( TPRM ) has been around since the mid-1990s – and has become something of an auditing nightmare. Related: A call to share risk assessments. This is because third-party risk has become a huge problem for enterprises in the digital age. Cyber risks profiling. based CyberGRX.

Cyber Risk

Cyber Risk Risk Digital transformation Insurance

A Question of Identity: The Evolution of Identity & Access Management

SecureWorld News

FEBRUARY 9, 2024

People, process & technology framework A successful IAM program requires all three dimensions—people, process, and technology—working in concert to enhance the user experience, fuel efficiency gains, and minimize enterprise risk. Session risk evaluation secures every connection attempt dynamically based on these factors.

IoT

IoT VPN Architecture Risk

Importance of Cybersecurity Profession Highlights SecureWorld Chicago

SecureWorld News

JUNE 13, 2023

And so we think about different types of cybersecurity risk and how those risks or vulnerabilities or threat actors can actually impede that ability or an organization to meet those objectives," said Mary Faulkner, CISO at Thrivent, one of four panelists that took the stage to kick off the conference.

Cybersecurity

Cybersecurity CISO InfoSec Risk

CISO’s 2023 Planning Guide for ERP Applications

Security Boulevard

JANUARY 23, 2023

CISO’s 2023 Planning Guide for ERP Applications maaya.alagappan Mon, 01/23/2023 - 15:48 ERP systems, such as SAP and Oracle applications, run essential business functions and contain an organization’s most valuable data from HR and customer information to intellectual property and company financials.

CISO

CISO Risk Threat Reports Marketing

Steps Forward: Can ‘CNAPP’ solutions truly unify cloud, on-premises best cybersecurity practices?

The Last Watchdog

JULY 17, 2023

However, to achieve this higher-level payoff, CISOs and CIOs must first bury the hatchet and truly collaborate – a bonus return. Managing dynamic risks Several developments have converged to put CNAPP on a fast track. This will continue to grow, but other security controls will remain important as well.

Cybersecurity

Cybersecurity Software Risk Internet

Forging the Path to Continuous Audit Readiness

CyberSecurity Insiders

JANUARY 9, 2023

Technology oversight is a common mandate across IT and security frameworks and compliance specifications, but achieving that oversight is difficult. The rise of hybrid workplaces, shadow IT/DevOps, and cloud infrastructure dynamics continue to create cybersecurity risks. By Scott Gordon, CISSP, Oomnitza .

Policy Compliance

Policy Compliance Technology Digital transformation Encryption

Spotlight on Cybersecurity Leaders: Kip Boyle

SecureWorld News

NOVEMBER 2, 2022

He helps senior decision makers overcome cybersecurity sales objections and manages unlimited cyber risks through rigorous prioritization. In the private sector, he was a CISO for an insurance company, credit card processor, bank, credit union, and IT Managed Service Provider. He's served as a captain with the F-22 program in the U.S.

Cybersecurity

Cybersecurity Cyber Insurance Insurance Cyber Risk

Invest vs. Optimize: Industry Leaders Weigh in on Simplifying Security Tech Stacks

NetSpi Executives

DECEMBER 19, 2023

It’s a question older than the internet—do we optimize our existing tech stack or invest in new technology? Partners include: Kris Kocinski, Principal, Cloud Engineering at Enduir Jeff Music, CISO at ReliaQuest Harsh Thanki, Security Consultant at SecureLink Middle East 1. Harsh Thanki, SecureLink Security Consultant 2.

CISO

CISO Technology Engineering Artificial Intelligence

EPA Issues Urgent Alert for Water Utilities to Enhance Cyber Defenses

SecureWorld News

MAY 22, 2024

It cites cyber incidents such as the 2021 Oldsmar water treatment facility hack as examples of real-world risks. Kip Boyle , vCISO, Cyber Risk Opportunities LLC, said he worries the EPA's actions do not go far enough. I applaud the EPA for recognizing the criticality of water treatment, storage, and distribution facilities. "I

Energy and Utilities

Energy and Utilities Cyber threats Cybersecurity Risk

Black Hat insights: How Sonrai Security uses graph analytics to visualize, mitigate cloud exposures

The Last Watchdog

JULY 29, 2021

With Black Hat USA 2021 just around the corner, I had a deep discussion about this with Eric Kedrosky, CISO and Director of Cloud Research at Sonrai Security. Sonrai is bringing graph database technology to bear on cloud security at a time when the migration from on-premises company data centers to the cloud is in full swing.

Risk

Risk Cloud Migration Digital transformation Software

Quantum Computing: A Looming Threat to Organizations and Nation States

SecureWorld News

SEPTEMBER 7, 2023

As for the panel presentation at SecureWorld Denver , it features Edgar Acosta, Experienced Cybersecurity Professional (former CISO at DCP Midstream ); Craig Hurter, Sr. Director of Information Security, State of Colorado Governor's Office of Information Technology; and Toby Zimmerer, Sr. Demand and Delivery Director, Optiv.

Encryption

Encryption Technology Risk Architecture

MY TAKE: Former NSA director says cybersecurity solutions need to reflect societal values

The Last Watchdog

MARCH 5, 2020

Rogers made his remarks as part of a panel discussion on securing digital transformation moderated by Infosys CISO Vishal Salvi. With cyber attacks intensifying and a systemic reversal a long way off, the burden for mitigating cyber risks in the digital age has come to lie with company decision makers and individual employees.

Cybersecurity

Cybersecurity Technology IoT Digital transformation

Second-Guessing the CISO in an Emergency

Duo's Security Blog

FEBRUARY 8, 2021

You can imagine that one person — the only one in a family comfortable with technology — might be sitting there registering all their family members one by one, directing them all back to the same email address. Think of adults who are trying to register their parents in nursing homes; think of parents trying to register their children.

CISO

CISO Passwords Authentication Accountability

AUTHOR Q&A: China’s spy balloons reflect a cyber warfare strategy America must counter

The Last Watchdog

FEBRUARY 21, 2023

This is a well-reasoned treatise collaboratively assembled by board members of the Internet Security Alliance ( ISA.) Part two is comprised of essays by CISOs from leading enterprises outlining what needs to get done. It also advocates a smarter, more concerted public-private partnership as the core solution.

Marketing

Marketing Cyber Risk Cybersecurity Internet

Cybersecurity Outlook 2022: Third-party, Ransomware and AI Attacks Will Get Worse

eSecurity Planet

JANUARY 6, 2022

Third-party Risks Take Center Stage. Third-party risks are at the forefront of security concerns, with identity risk management provider SecZetta predicting that “supply chain paranoia” will take over the cybersecurity world this year. Also read: Best Third-Party Risk Management (TPRM) Tools for 2022. .”

Ransomware

Ransomware Cybersecurity Artificial Intelligence CISO

Security gaps in operational tech exposed with hacker attempt to poison Florida city water

SC Magazine

FEBRUARY 8, 2021

Water and wastewater treatment is among the most at-risk areas of critical infrastructure that exists today, said Grant Geyer, chief product officer at Claroty. Geyer attributes the growing number of bugs to “the long depreciation period of equipment in critical infrastructure environments” as well as “technology obsolescence.”

CISO

CISO Internet Internet Media

ROUNDTABLE: Experts react to President Biden’s exec order in the aftermath of Colonial Pipeline hack

The Last Watchdog

MAY 19, 2021

It’s refreshing to see a government executive order that understands technology trends such as “zero trust”, is able to delineate “Operational Technology (OT)” from “information technology (IT,)” and can talk intelligently about supply chain risks. Bryson Bort , CEO, SCYTHE.

Hacking

Hacking Government Technology Ransomware

New York Takes Bold Stance Against Hospital Cyber Attacks

SecureWorld News

DECEMBER 6, 2023

The proposed regulations, designed specifically for hospitals, establish a robust framework for cybersecurity risk management and incident response. 500 million in funding for healthcare information technology: This funding will support the acquisition of cybersecurity tools, training, and IT modernization.

Cyber Attacks

Cyber Attacks Healthcare Computers and Electronics Financial Services

Best Practices Q&A: Guidance about what directors need to hear from CISOs — from a board member

Black Hat insights: JupiterOne’s whodunnit puts CISOs on the trail of solving a devastating breach

Webinars

Trending Sources

MY TAKE: COVID-19 cements the leadership role CISOs must take to secure company networks

Webinars

Best Practices Q&A: The importance of articulating how cybersecurity can be a business enabler

RSAC insights: Security platforms arise to help companies discover, assess and mitigate cyber risks

The Unseen Threats: Anticipating Cybersecurity Risks in 2024

InfoSec Leaders Weigh in on New SEC Rules Making CISO Hotseat Hotter

Spotlight: Your IoT Risk Is Bigger Than You Think. (And What To Do About It.)

How CISOs Can Impact Security for All

Spotlight Podcast: CSO Chris Walcutt on Managing 3rd Party OT Risk

Thousands of Data Center Management Apps Exposed to Internet

WEF Outlines Path to Cyber Resilience for Manufacturing Sector

Mitigate insider threats by focusing on people, process and technology

2021 Security Outcomes Study: Stress Relief for CISOs

IoT Devices a Huge Risk to Enterprises

Five considerations for cloud migration, from the House of Representatives CISO

LW ROUNDTABLE: Cybersecurity takeaways of 2023 — and what’s ahead in 2024 ( part 2)

Cybersecurity Risks of 5G – And How to Control Them

Zero Trust and the Failure of Sampling: Two Important Cybersecurity Trends

MY TAKE: Fostering Digital Trust – the role of ‘post-quantum crypto’ and ‘crypto agility’ in 2024

Inside the Complex Universe of Cybersecurity

NEW TECH: Devolutions’ ‘PAM’ solution helps SMBs deal with rising authentication risks

NEW TECH: CyberGRX seeks to streamline morass of third-party cyber risk assessments

Cisco’s CISO of the Month – Esmond Kane

Annual Reports: How They Warn of Cyber Risk

Key Cybersecurity Trends for 2024: My Predictions

RSAC insights: How ‘TPRM’ can help shrink security skills gap — while protecting supply chains

A Question of Identity: The Evolution of Identity & Access Management

Importance of Cybersecurity Profession Highlights SecureWorld Chicago

CISO’s 2023 Planning Guide for ERP Applications

Steps Forward: Can ‘CNAPP’ solutions truly unify cloud, on-premises best cybersecurity practices?

Forging the Path to Continuous Audit Readiness

Spotlight on Cybersecurity Leaders: Kip Boyle

Invest vs. Optimize: Industry Leaders Weigh in on Simplifying Security Tech Stacks

EPA Issues Urgent Alert for Water Utilities to Enhance Cyber Defenses

Black Hat insights: How Sonrai Security uses graph analytics to visualize, mitigate cloud exposures

Quantum Computing: A Looming Threat to Organizations and Nation States

MY TAKE: Former NSA director says cybersecurity solutions need to reflect societal values

Second-Guessing the CISO in an Emergency

AUTHOR Q&A: China’s spy balloons reflect a cyber warfare strategy America must counter

Cybersecurity Outlook 2022: Third-party, Ransomware and AI Attacks Will Get Worse

Security gaps in operational tech exposed with hacker attempt to poison Florida city water

ROUNDTABLE: Experts react to President Biden’s exec order in the aftermath of Colonial Pipeline hack

New York Takes Bold Stance Against Hospital Cyber Attacks

Stay Connected