Anton on Security

JANUARY 28, 2025

Mitigating these risks requires robust security protocols including prompt sanitization, data governance policies, access controls, output filtering, data source vetting, and continuous monitoring, coupled with responsible AI practices such as data curation, model stress-testing, and customer safetytools.

CISO 100

CISO Risk Government Artificial Intelligence 100

Mitnick Security

JUNE 27, 2023

As a Chief Information Security Officer (CISO), you have the responsibility of not only directing your organization’s security but also conveying your risk status to leadership. The stakes are high.

Penetration Testing 52

Penetration Testing Small Business CISO Data breaches 52

NetSpi Executives

MARCH 25, 2025

Become the Influence A NetSPI podcast, Agent of Influence features experts in the cybersecurity field as they engage in conversation with Nabil Hannan, NetSPI Field CISO and podcast host, about the life and challenges as a leader in cybersecurity. Join Nabil Hannan, NetSPI Field CISO, on the Agent of Influence podcast.

Cybersecurity 52

Cybersecurity CISO Penetration Testing Financial Services 52

Jane Frankland

MARCH 8, 2025

As the first women owned penetration testing provider in the UK some 28-years ago, Ive researched, campaigned, written, spoken and stepped up as a visible role model, always presenting the business case. For nearly a decade, we’ve heard the same discussion in cybersecurity circles about the gender diversity problem.

Cybersecurity 130

Cybersecurity Penetration Testing Accountability Cyber Risk 130

The Last Watchdog

AUGUST 21, 2018

The security team needs to be at the table, working alongside the developers and the operations teams, providing the risk management view for security. Applications now are more valuable than ever, but they also expose organizations to more risk than ever before,” Cornell says. The tests drive results while resolving security issues.

Digital transformation 145

Digital transformation Penetration Testing IoT Risk 145

SecureWorld News

APRIL 27, 2023

Penetration testing is a critical cybersecurity and compliance tool today, but it's also highly misunderstood. First, pen tests have materially changed in the last couple of years, and many CIOs and CISOs still think of pen tests the way they used to be. What are the risks that they are worried about the most?"

Penetration Testing 98

Penetration Testing CISO IoT Risk 98

eSecurity Planet

OCTOBER 17, 2022

NetSPI, a top penetration testing and vulnerability management company, recently announced a $410 million funding round, a huge amount in a year in which $100+ million rounds have become a rarity. Before co-founding Cyolo, Almog Apirion was a CISO for 15 years. “I As for NetSPI, it fits into this sweet spot. Arctic Wolf.

Cybersecurity 113

Cybersecurity Penetration Testing CISO Marketing 113

Centraleyes

DECEMBER 11, 2024

These include: Cybersecurity Risk Assessment: Organizations must perform a comprehensive risk assessment to identify potential vulnerabilities in their operations. Awareness and Training: Employees across all levels must be trained on cybersecurity best practices to minimize human-related risks.

Risk 52

Risk Cybersecurity Penetration Testing Digital transformation 52

Duo's Security Blog

DECEMBER 2, 2021

The latter reduces the risk of a single point of failure to production, as if one supplier fails then an alternative can be used to ensure production resilience. This risk will ebb and flow as the nature of the supply chain changes. Already CISOs often chat offline. One of the characteristics is the willingness to collaborate.

CISO 105

CISO Penetration Testing Risk Authentication 105

Thales Cloud Protection & Licensing

JANUARY 16, 2025

It includes expectations for implementing comprehensive security programs, including risk assessments, incident response plans, periodic reporting, and controls like governance frameworks and application security protocols. Encryption: Protecting data at rest and in transit. Governance: Establishing accountability and enforcing policies.

Financial Services 62

Financial Services Insurance Encryption Government 62

McAfee

JUNE 17, 2021

Imagine if you had one place where you found a comprehensive real time security posture that tells you exactly where the looming current cyber risks are and the impact? With the score, you’ll know at a glance: Have you done enough to stave off the most likely risks? Risk and Posture. Risk and Posture.

Penetration Testing 97

Penetration Testing CISO Risk Cyber Insurance 97

eSecurity Planet

FEBRUARY 8, 2023

This allows you to determine which risks to eliminate first based on various factors, including their criticality and vulnerability threat levels, as well as classification. Findings are used to get a clear idea of the risks, factors, and threats levels. Phase Five: Remediation During this phase the reports are used to patch flaws.

Penetration Testing 104

Penetration Testing Software IoT Policy Compliance 104

Mitnick Security

SEPTEMBER 7, 2021

As a Chief Information Security Officer (CISO), you have the responsibility of not only directing your organization’s security but also conveying your risk status to leadership.

CISO 52

CISO Information Security Risk Penetration Testing 52

Jane Frankland

APRIL 28, 2022

Nowadays, organisations need digital leaders such as CIOs, CISOs, and CTOs who are strategists, visionaries, and know how to manage, effectively. The pressure for those in charge is immense as cyber risks have scaled, and can now bring businesses, economies, and communities to a halt. billion) is expected online.

CISO 130

CISO Mobile Technology Risk 130

Centraleyes

MARCH 13, 2025

Enacted in 2017, this regulation is all about minimizing risk in the financial services sector, which, lets face it, is prime real estate for cybercriminals. The program should be tailored to your specific business risks. Insight: Many businesses make the mistake of copying templates without understanding their unique risks.

Cybersecurity 52

Cybersecurity Financial Services Risk Encryption 52

NetSpi Executives

FEBRUARY 21, 2024

Artificial Intelligence (AI) and Machine Learning (ML) present limitless possibilities for enhancing business processes, but they also expand the potential for malicious actors to exploit security risks. For a comprehensive view of security in ML models, access our white paper, “ The CISO’s Guide to Securing AI/ML Models.”

Cybersecurity 111

Cybersecurity Artificial Intelligence Penetration Testing Architecture 111

Security Boulevard

JANUARY 28, 2025

Mitigating these risks requires robust security protocols including prompt sanitization, data governance policies, access controls, output filtering, data source vetting, and continuous monitoring, coupled with responsible AI practices such as data curation, model stress-testing, and customer safetytools.

CISO 52

CISO Risk Government Artificial Intelligence 52

eSecurity Planet

FEBRUARY 21, 2023

Blue team members might be led by a chief information security officer (CISO) or director of security operations, making this team the largest among the three. Learn more about Cybersecurity Risk Management Red Teams Red teams simulate the tactics, techniques, and procedures ( TTPs ) an adversary might use against the organization.

Social Engineering 109

Social Engineering Penetration Testing Engineering Risk 109

CyberSecurity Insiders

JUNE 24, 2021

Conduct risk assessments and penetration tests to determine the organization’s attack surface and what tools, processes and skills are in place to defend against attacks. If an attack occurs, Gartner notes, the press is likely to contact company directors, not the CISO. Initial Assessments. Ransomware Governance.

Ransomware 103

Ransomware Backups Penetration Testing Education 103

The Last Watchdog

AUGUST 19, 2021

Related: Kaseya hack worsens supply chain risk. This is the type of incident that could have been identified as a risk by a properly scoped penetration test and detected with the use of internal network monitoring tools. Once more, a heavily protected enterprise network has been pillaged by data thieves.

Mobile 235

Mobile Data breaches Authentication Accountability 235

Centraleyes

DECEMBER 19, 2024

The new NY regulations, however, go further by requiring hospitals to implement: Tailored cybersecurity programs, Designation of a Chief Information Security Officer (CISO), Penetration testing, Mandatory breach reporting within 72 hours.

Healthcare 52

Healthcare Penetration Testing Cybersecurity CISO 52

eSecurity Planet

MAY 12, 2023

This vulnerability management policy defines the requirements for the [eSecurity Planet] IT and security teams to protect company resources from unacceptable risk from unknown and known vulnerabilities. Broader is always better to control risks, but can be more costly.] Vulnerability Management Policy & Procedure A.

Penetration Testing 109

Penetration Testing Risk Firmware Software 109

CyberSecurity Insiders

SEPTEMBER 20, 2022

Earlier this year, I had the opportunity to speak before a group of CISOs about the topic of attack surface management (ASM). To make things even harder, there is no generally agreed upon and common SaaS security shared responsibility model and each new deployment, configuration, and integration can change the risk calculus.

Threat Detection 128

Threat Detection Risk Penetration Testing DNS 128

NopSec

MAY 11, 2022

We described in the previous blog post the difference between vulnerability management and risk management. A quick reminder: vulnerabilities are the weaknesses an organization has internally while risks are the threats existing externally that potentially could harm the organization. Let’s dig in to see how that works.

Risk 52

Risk IoT Penetration Testing Software 52

eSecurity Planet

SEPTEMBER 23, 2022

See the top Governance, Risk & Compliance (GRC) tools. Also read: What is Cybersecurity Risk Management? However, in turn, those policies are supposed to address the risks of the organization. Risk analysis and policies provide the foundational documents upon which all IT operations and security is supposed to be based.

Cybersecurity 131

Cybersecurity Risk Passwords Encryption 131

Security Boulevard

MARCH 23, 2025

Discover how PlexTrac addresses these issues by integrating various data sources, providing customized risk scoring, and enhancing remediation workflows. The episode offers an insightful [] The post From Spreadsheets to Solutions: How PlexTrac Enhances Security Workflows appeared first on Shared Security Podcast.

Risk 52

Risk Penetration Testing Social Engineering Data privacy 52

Security Boulevard

SEPTEMBER 19, 2022

Most organizations develop three to five-year phasing plans for most IT and cyber products to align with the manufacturer’s end-of-development, end-of-support, and end-of-life product life cycles and keep up with the latest security risks. Threat modeling (Risk management, vulnerability, and penetration testing).

Cybersecurity 98

Cybersecurity Architecture Risk Insurance 98

Lenny Zeltser

AUGUST 23, 2023

You’ll help reduce risk, cut costs, and build goodwill with your colleagues. This way of thinking about cybersecurity brings CISOs closer to the world of CIOs. Help Lower Expenses While Reducing Risk The mission of the cybersecurity team involves safeguarding the organization’s data.

Risk 52

Risk Penetration Testing Cybersecurity CISO 52

eSecurity Planet

MAY 2, 2024

Risk-based analytics: Considers the level of risk as the context for the level of permission needed to access systems, applications, and data. It’s always tempting to blame budgets, but most CISOs feel confident about their budgets and have already deployed significant resources. 44% based on vendor risk scoring.

Cybersecurity 121

Cybersecurity DDOS Penetration Testing Ransomware 121

NetSpi Executives

MARCH 11, 2025

Meet the Contributors This roundup includes insights from these NetSPI Partners: Thomas Cumberland, Tier 3 Senior Analyst at Cyber Sainik Michael Yates, CISO at All Lines Tech Sean Mahoney, Vice President at Netswitch Technology Management Kendra Vicars, Risk and Compliance Manager at Legato Security 1.

Risk 40

Risk CISO Technology Firewall 40

SecureWorld News

SEPTEMBER 5, 2024

When businesses consider compliance as the final objective, they may overlook other important aspects of security, such as real-time threat detection and proactive risk management—this narrow focus can result in vulnerabilities that sophisticated attackers can exploit. Following Zero Trust methods and the principle of least privilege.

Threat Detection 117

Threat Detection Phishing Penetration Testing Cyber threats 117

NetSpi Executives

JANUARY 16, 2024

You’re about to have your first Red Team experience, or maybe your first one in the CISO seat of your organization. If your goal is to absolutely find a way from the outside into your organization, you probably should do an External Network Penetration Test instead. How Often Should I Plan for Red Team Testing?

CISO 40

CISO Penetration Testing Social Engineering Engineering 40

Digital Shadows

FEBRUARY 26, 2025

Why Prioritizing Isnt Enough: The Critical Role of Validation in Exposure Management In cybersecurity, it’s critical to understand your risk. Consider this: CISOs and SecOps teams are inundated with a flood of exposures, often defaulting to the “loudest” CVEslike those receiving the most press coverage.

Penetration Testing 59

Penetration Testing Risk Ransomware Engineering 59

NetSpi Executives

JULY 16, 2024

It’s not often that I have the chance to speak to a room full of CISOs, but I was especially excited to present when I recently had this opportunity. I spoke on the trending topic of Gen AI and LLMs, specifically what types of AI security testing CISOs should be looking for when implementing these systems.

Penetration Testing 64

Penetration Testing CISO Network Security Risk 64

CyberSecurity Insiders

JULY 19, 2022

As hacks and extortion become more and more frequent, to truly minimize the risk of potential extortion and lost clear text data, a data security platform, specifically data-in-use encryption, also referred to as encryption-in-use, is the only option for complete protection and peace of mind. ” Tim Prendergrast, CEO, strongDM.

Healthcare 105

Healthcare Encryption Ransomware Penetration Testing 105

NetSpi Executives

AUGUST 16, 2024

Here, we summarize four key takeaways from the event, as told by members of our leadership team: Aaron Shilts, CEO Vinay Anand, CPO Tom Parker, CTO Nabil Hannan, Field CISO Read on for their insights and get a glimpse into the excitement of Las Vegas! ” Field CISO Nabil Hannan also noticed the buzz around AI.

Penetration Testing 52

Penetration Testing CISO Technology Artificial Intelligence 52

NetSpi Executives

DECEMBER 3, 2024

The coming year will demand organizations to prioritize proactive strategies, seamless collaboration, and smarter, more integrated solutions that can keep pace with modern risks. For today’s security teams, the source of an asset is less critical than understanding its role and risk within the broader ecosystem.

Cybersecurity 59

Cybersecurity CISO Social Engineering Accountability 59