CISO, Phishing and VPN - Cyber Security Informer

Top 5 Cyber Predictions for 2024: A CISO Perspective

Security Boulevard

JANUARY 2, 2024

This adoption brings us to the flip side of the generative AI coin: attackers are leveraging AI tools to elevate and automate phishing campaigns, craft extremely evasive malware, and reduce the development time of threats across the board. Let’s explore five predictions that should be top of mind for security leaders and organizations.

CISO

CISO Social Engineering Architecture Ransomware

The challenges of being a CISO during the COVID-19 pandemic

IT Security Guru

OCTOBER 14, 2021

The pre-COVID-19 CISO. The global COVID-19 pandemic has been a tumultuous time for Chief information security officers (CISOs) who on any given day have a long and complicated list of responsibilities. This pandemic has given the CISO role and security industry an opportunity to redefine its role and value proposition.

CISO

CISO Social Engineering Marketing Cyber Risk

Cisco’s CISO of the Month – Esmond Kane

Cisco Security

JUNE 25, 2021

This month, we interviewed Esmond Kane, CISO of Steward Health Care. Across Healthcare, infosec had to help IT rapidly improve endpoint hygiene, VPN posture assessment, handle all the COVID-related Phishing, increase and mitigate cloud exposure, and more. Esmond Kane is Cisco’s CISO of the month.

CISO

CISO Healthcare InfoSec Computers and Electronics

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

News Alert: CybeReady issues a summer saeson guide outlining 5 workforce security strategies

The Last Watchdog

JUNE 20, 2023

Produced by the company’s security experts, the guide is part of the CISO Toolkit, which is designed to help cybersecurity managers to communicate tips and best practices and help employees in maintaining a higher level of security – easily and effectively.

Security Awareness

Security Awareness Media Risk CISO

Enabling Secure Remote Working in Times of Crisis: Plan Ahead

Thales Cloud Protection & Licensing

MARCH 19, 2020

VPN access to the network, when most apps are still delivered on-premises. Unfortunately, businesses still rely on simple usernames and passwords, making phishing campaigns serious security issues. Remote desktop or virtual environments.

VPN

VPN CISO Passwords Scams

LW ROUNDTABLE: Cybersecurity takeaways of 2023 — and what’s ahead in 2024 ( part 2)

The Last Watchdog

DECEMBER 14, 2023

Instead of arguing about MFA strength, VPN vendor, or nation-state treat actors, let’s finish our conversation about using dedicated administrator accounts and unique passwords. Meanwhile QR-code phishing arose as a popular form of attack. In 2024 we’ll see more of the same.

Cybersecurity

Cybersecurity Risk Cyber threats CSO

Charting a Course to Zero Trust Maturity: 5 Steps to Securing User Access to Apps

Duo's Security Blog

OCTOBER 6, 2023

In other words, it’s not just about implementing MFA to verify user trust, it’s about using phishing-resistant MFA with risk-based authentication , device posture checks and other security controls. To achieve more resilience in this heightened risk environment, stepping up zero trust maturity is essential. What does that journey look like?

Authentication

Authentication Risk Social Engineering InfoSec

GUEST ESSAY: The shock waves of mental illness have begun exacerbating cybersecurity exposures

The Last Watchdog

NOVEMBER 29, 2021

Another example that has become more prominent in a remote work-from-home world is an individual forgetting to use the company VPN or logging into unsecured WIFI. Almost all of us have seen phishing emails in our inbox at some point. Both can unintentionally expose critical data and leave a company vulnerable to an outside threat.

Cybersecurity

Cybersecurity Social Engineering Risk Cyber Risk

The Top Five Habits of Cyber-Aware Employees

CyberSecurity Insiders

JULY 21, 2021

By: Matt Lindley, COO and CISO at NINJIO. Public WiFi can easily be exploited by cybercriminals (through direct infiltration or the creation of fake hotspots), but the vast majority of people still use it – and many don’t use a VPN when they do so. Know how to identify a phishing attack.

Social Engineering

Social Engineering Password Management Passwords Phishing

Preventing Critical Email Attacks: Brian Krebs and Mike Britton Discuss

SecureWorld News

MARCH 17, 2022

That was the case for a broadcast SecureWorld recently hosted with Mike Britton, CISO of Abnormal Security , and legendary investigative journalist Brian Krebs. In these types of collaborative platforms, like Slack for example, when some user account credentials get phished, someone else's credentials could be phished.

InfoSec

InfoSec Social Engineering Phishing Cybercrime

What’s New in the Federal Zero Trust Strategy?

Duo's Security Blog

JANUARY 28, 2022

This, in combination with network encryption, will lay a strong foundation against phishing and other common attack vectors. What’s in the Strategy? The memo emphasizes the importance of including cloud-based platforms, applications and systems in the agency zero trust strategy.

Authentication

Authentication Government DNS Encryption

Reducing Human Error Security Threats with a Remote Workforce

Security Boulevard

MARCH 24, 2021

In a survey of UK&I CISOs, 55% said that human error posed a risk no matter what protections are in place. Damaging employee mistakes often come in the form of clicking or downloading malicious content, interacting with phishing emails, and unauthorized use of a device or app. Always use a virtual private network (VPN).

Education

Education Risk Cybersecurity VPN

New York: Cyberattack Is Twitter's Fault, Let's Increase Regulation

SecureWorld News

OCTOBER 15, 2020

And they traced the cybersecurity failures to a lack of leadership and a vacant Chief Information Security Officer role: "The problems started at the top: Twitter had not had a chief information security officer (“CISO”) since December 2019, seven months before the Twitter Hack. This is something end users at many organizations experienced.

Social Engineering

Social Engineering Media Scams Financial Services

2024 State of Cybersecurity: Reports of More Threats & Prioritization Issues

eSecurity Planet

MAY 2, 2024

Compromised Credentials Compromised identities from phishing, info stealers, keyloggers, and bad password habits provide the entry point for most ransomware attacks and data breaches. Used active multi-email engagements after effective phishing screenings. Deployed malvertising and SEO poisoning to evade detection tools.

Cybersecurity

Cybersecurity DDOS Penetration Testing Passwords

CSTA Turns 400 – Proof That Technology Integrations Is Exactly What You Are Looking For

Cisco Security

AUGUST 26, 2021

CyberArk reduces VPN risk with MFA enforcement on any VPN client that supports RADIUS; including Cisco Secure Firewall. CyberArk reduces VPN risk with MFA enforcement on any VPN client that supports RADIUS; including Cisco. A new panel with VPN metrics has been added. Cisco Secure Firewall integrations.

Technology

Technology Firewall VPN Authentication

The Remote Access Guide 2.0 — A Reality Check

Duo's Security Blog

NOVEMBER 17, 2020

In the future — which is now, actually — ‘remote access’ will just become ‘access.'" — Wendy Nather, head of advisory CISOs at Cisco's Duo Security The Remote Access Guide Version 3.0 But with this convenience comes a number of threats to users - like phishing, brute-force attacks and password-stealing malware. In our new 3.0

Risk

Risk Passwords CISO VPN

The Biggest Lessons about Vulnerabilities at RSAC 2021

eSecurity Planet

MAY 28, 2021

While CIOs, CISOs, and purchasing managers often make a faith-based decision on software, greater accountability in software development starting below the OS can lead to more data and risk-driven decisions. Whether it’s a VPN , firewall , or remote access server, unauthorized entry via network gateways is a problem.

Software

Software Firmware DNS VPN

The Hacker Mind Podcast: Digital Forensics

ForAllSecure

DECEMBER 2, 2021

Vamosi: So you’re CISO at a major corporation and all of sudden there’s been a ransomware attack in your network, and it’s spreading throughout your infrastructure. Is it a phishing campaign? Number one trend is simply through phishing. Maybe your first concern is to make sure the company is functional.

Penetration Testing

Penetration Testing Encryption Ransomware Passwords

Cyber Security Informer

Top 5 Cyber Predictions for 2024: A CISO Perspective

The challenges of being a CISO during the COVID-19 pandemic

Webinars

Trending Sources

Cisco’s CISO of the Month – Esmond Kane

Webinars

News Alert: CybeReady issues a summer saeson guide outlining 5 workforce security strategies

Enabling Secure Remote Working in Times of Crisis: Plan Ahead

LW ROUNDTABLE: Cybersecurity takeaways of 2023 — and what’s ahead in 2024 ( part 2)

Charting a Course to Zero Trust Maturity: 5 Steps to Securing User Access to Apps

GUEST ESSAY: The shock waves of mental illness have begun exacerbating cybersecurity exposures

The Top Five Habits of Cyber-Aware Employees

Preventing Critical Email Attacks: Brian Krebs and Mike Britton Discuss

What’s New in the Federal Zero Trust Strategy?

Reducing Human Error Security Threats with a Remote Workforce

New York: Cyberattack Is Twitter's Fault, Let's Increase Regulation

2024 State of Cybersecurity: Reports of More Threats & Prioritization Issues

CSTA Turns 400 – Proof That Technology Integrations Is Exactly What You Are Looking For

The Remote Access Guide 2.0 — A Reality Check

The Biggest Lessons about Vulnerabilities at RSAC 2021

The Hacker Mind Podcast: Digital Forensics

Stay Connected