Ben Edwards, principal research scientist at Bitsight, told CSO, “My reaction is sadness and disappointment. We can’t score their severity or predict their exploitation. And we certainly wouldn’t be able to make the best decisions regarding patching them.”
The post Report finds women are declining CISO/CSO roles appeared first on TechRepublic. Professional risk factors into career decisions, and successful women need to encourage other women to accept the risks, says Accenture.
20 Ways to Make AppSec Move at the Speed of DevOps [link to [link] no longer works] is in CSO. Update: Can't find it on CSO, [link] It's a good collection, and I'm quoted.
Thoughts on Mark Rasch's essay, Conceal and Fail to Report - The Uber CSO Indictment Mark Rasch, who created the Computer Crime Unit at the United States Department of Justice, has an essay, "Conceal and Fail to Report - The Uber CSO Indictment."
The post Former Uber CSO found guilty of obstruction in attempted data breach cover-up appeared first on TechRepublic. Joe Sullivan schemed to hide a 2016 breach of 57 million users’ information shortly after he was hired.
In this post, Tenable CIO Patricia Grant looks at how the CIO/CSO relationship is key to a successful exposure management program. When I first joined Tenable, one of the first things I did was sit down with our CSO, Robert Huber, to align on how we were going to work together. So, my advice to fellow CIOs: Stay close to your CSO.
Like most CSOs, Joe Sullivan was drawn to the role to help prevent cybercrimes. His role as CSO of Uber was something of a shift from his previous job prosecuting cybercriminals as an assistant US attorney, but closer to the tip of the cybersecurity spear.
KrebsOnSecurity reviewed the Web sites for the global top 100 companies by market value, and found just five percent of top 100 firms listed a chief information security officer (CISO) or chief security officer (CSO). Not that these roles are somehow more or less important than that of a CISO/CSO within the organization.
98% of enterprises want CSOs, but 56% of industrial businesses don't have plans to introduce one to their company, according to a new Kaspersky report.
Daniel Lakier, Field CSO, Myriad360 Lakier Cyber professionals represent the companies they work for and are meant to protect them. Richard Bird, CSO, Traceable Bird These penalties are hollow. The SEC fixates on time-to-report metrics and vague “materiality” without defining it.
However, CSO's investigation shows that the bug bounty platforms have turned bug reporting and disclosure on its head, what multiple expert sources, including HackerOne's former chief policy officer, Katie Moussouris, call a "perversion." [.]. Leitschuh, the Zoom bug finder, agrees.
A review of the executives pages published by the 2022 list of Fortune 100 companies found only four — BestBuy, Cigna, Coca-Cola, and Walmart — that listed a Chief Security Officer (CSO) or Chief Information Security Officer (CISO) in their highest corporate ranks. Nor is the average pay hugely different among all these roles.
In this post, we look at a few of the highlights, focusing on the work of three Tenable thought leaders: information security engineer Arnie Cabral, CSO Robert Huber and CIO Patricia Grant. Ultimately, you can't do exposure management the right way without a strong relationship between the CIO and the CSO, she wrote.
ISACs also facilitate the sharing of data between public and private sector groups. Learn what you need to know about defending critical infrastructure.
Guest expert: Scott Gerlach, CSO, StackHawk We had a great conversation about how the venerable “shift left” security philosophy is being refined so that it better aligns with the way software gets developed today – at light speed.
“Out of an abundance of caution, we replaced our RSA SSH host key used to secure Git operations for GitHub.com,” GitHub CSO and SVP. In an attempt to get ahead of fallout from the exposure of its private SSH key in a public repository, the software development platform GitHub proactively rotated its host key last week.
Den Jones shares his perspective as a CSO on the recent Okta breach, and what that means for the broader security community. The post CSO’s Perspective: The Okta Breach and What It Means to the Broader Community first appeared on Banyan Security.
About the essayist: Den Jones, CSO at Banyan Security, which supplies simple, least-privilege, multi-cloud application access technologies. Food for thought, eh!
Jay” Abdullah, Mastercard's Deputy CSO who gave a keynote address at The CSA Summit from Cloud Security Alliance at RSAC 2025. And also that intuitive, discerning human oversight is going to be essential at every step. Abdullah Let's start with Dr. Alissa “Dr.
RELATED: Uber CSO Found Guilty: The Sky Is Not Falling. Similarly, SolarWinds and its Chief Information Security Officer faced fraud and internal control failure charges from the SEC. These incidents underscore the critical importance of effective governance in cybersecurity programs.
(Source: ISACA's Tech Workplace and Culture 2025 report, March 2025) For more information about recruiting and retaining cybersecurity professionals: 10 Ways to Boost Cybersecurity Talent Retention (InformationWeek) 60% of cybersecurity pros looking to change employers (CSO) The cybersecurity industry has an urgent talent shortage.
It is not a book for the CSO. I'm giving little away by saying the twist is that attackers do innovate, and it's a surprisingly solid frame on which Kip hangs a readable and actionable book for executives who need to make cybersecurity decisions. And it doesn't fall into the jargon trap either in security or management.
If you would like to learn more about PQC, SecureWorld recently hosted a Remote Sessions broadcast in which Keyfactor CSO Chris Hickman offered an in-depth primer on PQC fundamentals for practical application. You may view the session on-demand here. Follow SecureWorld News for more stories related to cybersecurity.
As Diana Kelley, CSO and CISO at Cybrize notes, “it’s not about giving up, it’s about being better prepared.” If threats do compromise your business, time is of the essence when it comes to detection, response, and recovery. The longer an organization is unable to operate normally, the more at risk it becomes for damaging financial losses.
[RELATED: Suing the CISO: SolarWinds Fires Back ] Shawn Tuma, Co-Chair, Data Privacy & Cybersecurity Practice, at Spencer Fane, LLP and frequent SecureWorld instructor and speaker, offered this perspective: "The law evolves in incremental steps and, in my opinion, what this shows is a very early in developing—yet consistent—trend toward trying (..)
Glenn Kapetansky, CSO and Technology Lead at Trexin, had this to say about Bogac, whom he knows well: "I know Amy Bogac both professionally and personally, and she is well regarded in both circles.
“It took nearly 11 months (328 days) to identify and contain data breaches resulting from stolen or compromised credentials.” – IBM’s Cost of Data Breach Report 2023 I recently came across a 2012 article from CSO Online, and realized that it has been more than 11 years since the phrase “Identity is the new perimeter” was coined!
CSO Online marked the progress as 66 per cent done. The company says 99.2 per cent of development pipelines are fully inventoried with enforced security measures. The initiative also emphasises a security-first culture, with security now included as part of performance reviews.
One of my friends, Greg van der Gaast tells this great story that perfectly illustrates one of the biggest challenges we face in cybersecurity today. It goes something like this… “Imagine someone who loves coffee. They have a fantastic coffee shop just steps from their home, serving the best lattes and espressos in town.
The Chief Information Security Officer (CISO) has become one of the most critical roles in modern organizations. Tasked with safeguarding data and infrastructure, CISOs face mounting pressures as cyber threats escalate, regulatory demands grow, and the role expands to encompass strategic business responsibilities.
My absolute congratulations and respect to Coinbase executive leadership: Brian Armstrong CEO, Jeff Lunglhofer CISO, and Philip Martin CSO The post Coinbase Hacked and Turns the Tables on the Cybercriminals! Craft your defense and response capabilities to be able to respond like Coinbase, in the unfortunate event of a breach.
A: Arlan McMillian—now CSO at Kirkland & Ellis LLP—was one of my early mentors and helped me understand what it took to be a leader in the cyber community and profession. Q: In honor of our 2024 conference theme, Legacies Untold: Revealing Cybersecurity's Hidden Figures, who is someone that you consider to be a Cyber Hero?
Evan Schuman has written a timely article in CSO, articulating many of the risks that both users and employers should avoid. The industry pushback was immediate and it looks like Microsoft is listening. They are delaying the release, probably to better understand the potential risks.
For more information about recent ransomware trends and incidents: Ransomware: Predictions and Actions in 2025 (SC Magazine) New ransomware group Funksec is quickly gaining traction (CSO) Ransomware isn't always about the money: Government spies have objectives, too (Dark Reading)
And the recent clarifications—focusing on material cybersecurity incidents—is a step in the right direction," said Glenn Kapetansky, CSO, Trexin Group. "In "The SEC's intent in their latest cybersecurity incident disclosure rules—to enhance transparency for investors—is good.
At that time generative AI was not a major consideration and novel privacy-preserving techniques (PPT) were not featured heavily on a CSO 5yr budgetary plan. The world has changed. The responsible use of GenAI, and adoption of PPT play a crucial role in aligning with DORA legislation while safeguarding sensitive data.
Understanding the nature of the threat and how to appropriately mitigate that risk should be a shared responsibility, not solely the purview of the CISO or CSO. I would think that boards would want to have that experience, even though it is somewhat difficult to come by.
In this post, Tenable CSO Robert Huber shares practical advice on using an exposure management program to focus on risks that have business impact. Each Monday, the Tenable Exposure Management Academy provides the practical, real-world guidance you need to shift from vulnerability management to exposure management.
CISA advisor Nicole Perlroth closed out ISC2 Security Congress’ keynotes with a wake-up call for security teams to watch for nation-state-sponsored attacks.
I really respect Dave Kennedy, who is an extremely successful member of the security community having started two security companies after being a CSO himself. A: Maybe obvious, but the first "hackers" I ever saw was Kevin Mitnick (RIP). Q: Lastly, what are you most looking forward to at your regional SecureWorld conference this year?
In addition, 15 of today’s most successful business leaders back the company, including Olivier Pomel, Co-founder and CEO at Datadog; Pankaj Patel, Co-founder and CEO at Nile; Diogo Monica, Co-founder and CEO at Anchorage Digital; Joe Sullivan, former CSO at Facebook, Uber and CloudFlare; Bharat Shah, former CVP of Microsoft Security; Suresh Batchu, (..)
RELATED: Uber CSO Found Guilty: The Sky Is Not Falling. Having dedicated privacy personnel helps centralize expertise, authority, and accountability. " Jaworski added.
“The software supply chain issues identified … in OpenAI’s breach are not surprising, as most organizations are struggling with these challenges, albeit perhaps less publicly,” said Peter Morgan, who is the co-founder and CSO of Phylum.io, a cybersecurity firm that focuses on the supply chain.
“The most significant risk for enterprises isn’t the speed at which they are applying critical patches; it comes from not applying the patches on every asset,” noted Brian Contos, CSO of Sevco Security. The simple fact is that most organizations fail to maintain an up-to-date and accurate IT asset inventory.”