CSO and Cyber Risk - Cyber Security Informer

Exposure Management Works When the CIO and CSO Are in Sync

Security Boulevard

APRIL 28, 2025

In this post, Tenable CIO Patricia Grant looks at how the CIO/CSO relationship is key to a successful exposure management program. When I first joined Tenable, one of the first things I did was sit down with our CSO, Robert Huber , to align on how we were going to work together. So, my advice to fellow CIOs: Stay close to your CSO.

CSO

CSO Risk Cyber Risk CISO

LW ROUNDTABLE: Wrist slap or cultural shift? SEC fines cyber firms for disclosure violations

The Last Watchdog

NOVEMBER 12, 2024

Unisys, for instance, was found to have framed cyber risks hypothetically even though its systems had already been breached, exfiltrating gigabytes of data. Daniel Lakier , Field CSO, Myriad360 Lakier Cyber professionals represent the companies they work for and are meant to protect them.

CISO

CISO CSO Risk Cyber threats

Cybersecurity’s Comfort Zone Problem: Are you Guilty of it?

Jane Frankland

APRIL 15, 2025

The hard truth is that technology alone cant fix the root causes of cyber risk. But just like the coffee drinker who bypasses their local shop, our focus on technology often distracts us from whats most important. These are challenges that require more than just a flashy new tool to overcome.

Risk

Risk Technology Cybersecurity Security Awareness

Cybersecurity Snapshot: CSA Outlines Data Security Challenges and Best Practices, While ISACA Offers Tips To Retain IT Pros

Security Boulevard

MARCH 7, 2025

Check out best practices for shoring up data security and reducing cyber risk. And get the latest on cyber scams; zero-day vulnerabilities; and critical infrastructure security. 1 - CSA: How to boost data security and reduce cyber risk Risk assessment gaps. Siloed cyber tools. Misaligned priorities.

Cybersecurity

Cybersecurity Scams CSO Risk

Cybersecurity Snapshot: U.S. Gov’t Urges Adoption of Memory-Safe Languages and Warns About Iran Cyber Threat

Security Boulevard

JUNE 27, 2025

government’s latest call for developers to use memory-safe programming languages, as well as its warning for cybersecurity teams regarding cyber risk from hackers tied to Iran. Plus, get the latest on ransomware trends, the quantum computing cyber threat and more! Check out the U.S.

Cyber threats

Cyber threats Cybersecurity Computers and Electronics Password Management

Cybersecurity Snapshot: CISA’s Best Cyber Advice on Securing Cloud, OT, Apps and More

Security Boulevard

MAY 2, 2025

For more information about the threat from nation-state cyber attackers: What CISOs Need to Know About Nation-State Actors (InformationWeek) 4 Ways to Defend Against Nation-State Attacks (BankInfoSecurity) Growing Nation-State Alliances Increase U.S. Tenable was one of the 68 original signatories of the pledge.

Cybersecurity

Cybersecurity Software Cyber Risk Risk

Cybersecurity Snapshot: Experts Issue Best Practices for Migrating to Post-Quantum Cryptography and for Improving Orgs’ Cyber Culture

Security Boulevard

JUNE 6, 2025

Embrace change: Stay attuned to emerging cyber risks and be ready to modify cybersecurity processes accordingly. Show how this capacity to adapt to new cyber threats helps strengthen the organization’s resilience. critical infrastructure organizations must have a plan in case a lengthy, widespread cyber war breaks out.

CISO

CISO Cybersecurity Cyber threats Government

ICYMI: A Look Back at Exposure Management Academy Highlights

Security Boulevard

MAY 26, 2025

In this post, we look at a few of the highlights, focusing on the work of three Tenable thought leaders: information security engineer Arnie Cabral, CSO Robert Huber and CIO Patricia Grant. We knew that, although it is critical to modern cybersecurity, vulnerability management alone doesnt provide a complete picture of cyber risk, he wrote.

CSO

CSO Risk Cyber Risk Engineering

Key Cybersecurity Trends for 2025. My Predictions

Jane Frankland

JANUARY 12, 2025

In this blog, I’m exploring these changes, grouped under key categories that I’ve used in previous years, to help business leaders and cyber risk owners better prepare for the evolving landscape. The emergence of shadow AIunauthorised AI tools used without IT approvalamplifies these vulnerabilities.

Cybersecurity

Cybersecurity CISO Insurance IoT

Security teams report rise in cyber risk

CSO Magazine

AUGUST 18, 2021

If you are like 80% of respondents to the Trend Micro’s biannual Cyber Risk Index (CRI) report, you expect to experience a data breach that compromises customer data in the next 12 months. Learn the 7 keys to better risk assessment. | Get the latest from CSO by signing up for our newsletters. ].

Cyber Risk

Cyber Risk Risk CSO Data breaches

3 ways to speak the board's language around cyber risk

CSO Magazine

FEBRUARY 5, 2021

The more digital the business becomes, the more cybersecurity becomes an existential issue to address, impacting the competitiveness, continuity, reliability, and overall trust of the enterprise.

Cyber Risk

Cyber Risk Risk Government Cybersecurity

BrandPost: An Intelligent Way to Monitor and Manage Your Cyber Risks

CSO Magazine

OCTOBER 28, 2022

Cyber risks, especially those emanating from third and fourth parties, are escalating. Yet gaining a clear picture of these risks is much more complex given interwoven ecosystem dependencies, data sitting in silos, and many organizations’ lack of a security mindset.

Cyber Risk

Cyber Risk Risk Cybersecurity

Cyber insurance explained: What it covers and why prices continue to rise

CSO Magazine

DECEMBER 1, 2021

Cyber insurance definition. Cyber insurance, also referred to as cyber risk insurance or cyber liability insurance coverage (CLIC), is a policy with an insurance carrier to mitigate risk exposure by offsetting costs involved with damages and recovery after a cyber-related security breach or similar event.

Cyber Insurance

Cyber Insurance Insurance CSO Cyber Risk

Cyber insurance explained and why you need it

CSO Magazine

DECEMBER 1, 2021

Cyber insurance definition. Cyber insurance, also referred to as cyber risk insurance or cyber liability insurance coverage (CLIC), is a policy with an insurance carrier to mitigate risk exposure by offsetting costs involved with damages and recovery after a cyber-related security breach or similar event.

Cyber Insurance

Cyber Insurance Insurance CSO Cyber Risk

Decline in ransomware claims could spark change for cyber insurance

CSO Magazine

OCTOBER 21, 2021

Could such variations trigger changes in the cyber insurance market and, if so, how will they impact insurance carriers and organizations? Learn the 7 keys to better risk assessment. | Get the latest from CSO by signing up for our newsletters. ]. Shifting ransomware priorities impacting claim costs.

Cyber Insurance

Cyber Insurance Insurance Ransomware CSO

Cyber insurance explained and why you need it

CSO Magazine

DECEMBER 1, 2021

Cyber insurance definition. Cyber insurance, also referred to as cyber risk insurance or cyber liability insurance coverage (CLIC), is a policy with an insurance carrier to mitigate risk exposure by offsetting costs involved with damages and recovery after a cyber-related security breach or similar event.

Cyber Insurance

Cyber Insurance Insurance CSO Cyber Risk

Spotlight Podcast: CSO Chris Walcutt on Managing 3rd Party OT Risk

The Security Ledger

MAY 16, 2024

In this Spotlight Podcast, host Paul Roberts talks with Chris Walcutt, the CSO of DirectDefense about the rising cyber threats facing operational technology (OT) and how organizations that manage OT - including critical infrastructure owners can best manage increased cyber risks to OT environments.

CSO

CSO Risk Energy and Utilities Social Engineering

BrandPost: 3 Aspects to Managing Systemic Cyber Risk

CSO Magazine

DECEMBER 10, 2021

Cyberspace enables connections, whether between individuals, organizations, governments, or some combination of the three. In fact, one can argue that enabling simple, fast, and reliable connections over vast distances and at enormous scales is the key feature of cyberspace that makes it so revolutionary.

Cyber Risk

Cyber Risk Risk Government Software

6 steps for third-party cyber risk management

CSO Magazine

SEPTEMBER 30, 2021

Many organizations transact with hundreds of third-party partners, according to EY’s Global Third-Party Risk Management Survey 2019-2020 , a trend that PwC finds shows no sign of slowing, even as the risks increase.

Cyber Risk

Cyber Risk Risk Cybersecurity

Does Cyber Risk Quantification Work? | Avast

Security Boulevard

MARCH 31, 2022

Cyber strategist Pete Lindstrom maintained in an article on CSO that cybersecurity risk is constantly changing in a way analogous to the probability odds in a March Madness tournament. The post Does Cyber Risk Quantification Work? Avast appeared first on Security Boulevard.

Cyber Risk

Cyber Risk Risk CSO Cybersecurity

3 biggest cyber risks from the Ukraine-Russia conflict

CSO Magazine

FEBRUARY 28, 2022

The invasion of Ukraine by Russia is reason enough for all CISOs to place their teams at a heightened state of alert and readiness in the event of deleterious cyber actions by nation-state actors or the cybercriminal groups.

Cyber Risk

Cyber Risk Risk CISO Internet

UK government considers strengthening security rules for MSPs to address supply chain risks

CSO Magazine

MAY 18, 2021

Learn the 7 keys to better risk assessment. | Get the latest from CSO by signing up for our newsletters. ]. As a result, managed service providers (MSPs) could be required to adhere to strengthened security rules or guidance going forward.

Risk

Risk CSO Government Cyber Risk

BrandPost: Announcing HP Wolf Security, and a New Report Assessing Remote Working Cyber Risks

CSO Magazine

JUNE 11, 2021

HP recently announced the findings of a new report – Blurred Lines & Blindspots – a comprehensive global study assessing organizational cyber risk in an era of remote work. The report shows that changing work styles and behaviors are creating new vulnerabilities for companies, individuals, and their data.

Cyber Risk

Cyber Risk Risk

Lockheed’s Teresa Merklin: There’s no such thing as a quick fix

CSO Magazine

JANUARY 17, 2022

Teresa Merklin specializes in cyber risk assessment and engineering for cyber resiliency. To read this article in full, please click here (Insider Story)

Cyber Risk

Cyber Risk Engineering Risk

Fire Doesn't Innovate by Kip Boyle (Book Review)

Adam Shostack

JANUARY 2, 2025

It is not a book for the CSO. They need to understand why cyber risks aren't like fire risks, they need to drive action by their company, and they don't need, want, or have the time to be able to talk about the difference between Fancy Bear and SQL injection.

CSO

CSO Cyber Risk Backups Risk

CISO’s Guide to Presenting Cybersecurity to Board Directors

CyberSecurity Insiders

MARCH 30, 2023

Seasoned CISOs/CSOs understand the importance of effectively communicating cyber risk and the need for investment in cybersecurity defense to the board of directors. A comprehensive approach encompasses aligning with business objectives, identifying key cyber risks, and setting priorities for investment.

Cybersecurity

Cybersecurity Cyber Risk CISO Risk

8 biases that will kill your security program

CSO Magazine

JULY 20, 2021

Avoiding these biases is critical to ensuring that cyber risks are interpreted and acted upon in an appropriate manner especially when major disruptions happen—such as the recent shift to a more distributed work environment because of the COVID-19 pandemic.

Cyber Risk

Cyber Risk Risk

Diversity in cybersecurity: Barriers and opportunities for women and minorities

CSO Magazine

DECEMBER 23, 2021

As cyber risks intensify, organizations are beefing up defenses and adding more outside consultants and resources to their teams. Our world is getting increasingly digitized, and cybercrime continues to break new records.

Cybersecurity

Cybersecurity Cyber Risk Cybercrime Risk

At Nebraska Event, FBI Calls Out Cyber Threats To Agriculture

The Security Ledger

AUGUST 7, 2024

The FBI will host an event exploring agricultural cyber risks in Omaha, Nebraska amid growing concerns of cyber attacks on US agriculture as farms embrace precision agriculture. The post At Nebraska Event, FBI Calls Out Cyber Threats To Agriculture appeared first on The Security Ledger with Paul F. For Hacking.

Cyber threats

Cyber threats CSO Cyber Attacks Cyber Risk

At Pride Summit: A Warning On Cyber Literacy

The Security Ledger

JULY 11, 2021

Poor cyber literacy is at the root of many of the cybersecurity problems plaguing the U.S. economy, according to Dr. Alissa Abdullah, Deputy CSO at MasterCard. The post At Pride Summit: A Warning On Cyber Literacy appeared first on The Security Ledger with Paul F.

CSO

CSO Cyber Risk Ransomware Risk

Wells Notice Against SolarWinds CISO Could Be First of Its Kind

SecureWorld News

JUNE 26, 2023

It will be interesting to watch how the SEC navigates this next stage and its broader impact on the approach by executives in managing cyber risk." While these Wells Notices are official investigations, they are a sign of a potential intent to investigate the CISO and CFO.

CISO

CISO CSO Data privacy Cyber Risk

Measuring cybersecurity: The what, why, and how

CSO Magazine

FEBRUARY 14, 2023

A core pillar of a mature cyber risk program is the ability to measure, analyze, and report cybersecurity threats and performance. That said, measuring cybersecurity is not easy.

Cybersecurity

Cybersecurity Cyber Risk Risk

BrandPost: Women in Cybersecurity—Advancing the Conversation

CSO Magazine

NOVEMBER 29, 2021

Tyler is a nationally recognized cyber security, intelligence, national security expert, and former Director of Cyber Risk Management for AT&T. NETSCOUT's Chief Security Officer, Debby Briggs, was joined by Tyler Cohen Wood for an insightful conversation with Lisa Martin from theCUBE.

Cybersecurity

Cybersecurity Cyber Risk Security Intelligence Media

Tailor security training to developers to tackle software supply chain risks

CSO Magazine

MAY 25, 2021

A lack of cohesion between software development teams and cybersecurity functions compounds the software supply chain risks faced by organizations, making it all the more urgent for cybersecurity leaders and their teams to better engage with and educate developers. To read this article in full, please click here (Insider Story)

Software

Software Risk Cyber Risk Education

7 reasons to avoid investing in cyber insurance

CSO Magazine

FEBRUARY 20, 2023

With cyberattacks rising at an alarming rate around the world, cyber insurance has become an increasingly popular layer of protection for businesses across all sectors. However, despite its clear appeal as a means of supporting and augmenting cyber risk management, insurance might not be the right fit for all companies in every circumstance.

Cyber Insurance

Cyber Insurance Insurance Cyber Risk Risk

BrandPost: Connectivity and Cloud: A Chance for Zero Trust

CSO Magazine

FEBRUARY 24, 2023

While Zero Trust is a term that is often misunderstood as well as misused, it is an approach that has real value in helping to reduce systematic cyber risk and improve resiliency.

Cyber Risk

Cyber Risk Architecture Risk Cybersecurity

Skilling up the security team for the AI-dominated era

CSO Magazine

MAY 3, 2023

As artificial intelligence and machine learning models become more firmly woven into the enterprise IT fabric and the cyberattack infrastructure, security teams will need to level up their skills to meet a whole new generation of AI-based cyber risks.

Artificial Intelligence

Artificial Intelligence Cyber Risk CISO Risk

“Fire Doesn’t Innovate” by Kip Boyle (Book Review)

Adam Shostack

FEBRUARY 4, 2019

It is not a book for the CSO. They need to understand why cyber risks aren’t like fire risks, they need to drive action by their company, and they don’t need, want, or have the time to be able to talk about the difference between Fancy Bear and SQL injection.

CSO

CSO Cyber Risk Backups Risk

Darktrace launches new PREVENT AI security products to pre-empt cyberthreats

CSO Magazine

JULY 19, 2022

PREVENT/E2E (End-to-End) uses an outcome-based approach to managing cyber risk incorporating capabilities from across multiple disciplines including attack path modelling, automated penetration testing, breach and attack emulation, security awareness testing and training, and vulnerability prioritization.

Penetration Testing

Penetration Testing Artificial Intelligence Cyber Risk Security Awareness

Qualys upgrades vulnerability management solution

CSO Magazine

JUNE 7, 2022

provides a means for cutting through the noise created by an ever-expanding vulnerability landscape so the most critical risks can be identified and remedied. Cyber risk is becoming part of the business risk equation," IDC Research Director Michelle Abraham said in a statement. Cloud-based VMDR 2.0

Cyber Risk

Cyber Risk Risk

BrandPost: Driverless Cars Demand Air-Tight Cybersecurity

CSO Magazine

JANUARY 15, 2021

But with great autonomy, comes great cyber-risk. Driverless vehicles could save energy, limit car accidents and improve transport infrastructure. They could, eventually, save us the time we’d typically spend concentrating at the wheel. Autonomous cars are like big computers on wheels.

Cybersecurity

Cybersecurity Cyber Risk Risk Software

Spotlight Podcast: OT Is Under Attack. Now What?

The Security Ledger

JUNE 5, 2024

Chris Walcutt, the CSO at DirectDefense talks about the rapidly changing threat landscape that critical infrastructure owners and operators inhabit, and how savvy firms are managing OT cyber risks. The post Spotlight Podcast: OT Is Under Attack. appeared first on The Security Ledger with Paul F. Click the icon below to listen.

CSO

CSO Digital transformation Technology Cyber Attacks

M&A Trending In Cybersecurity Industry Vertical For 2022

CyberSecurity Insiders

JANUARY 28, 2022

According to CSO, 2021 shaped up to be an active year for mergers and acquisitions in the cybersecurity industry. Top cybersecurity M&A deals for 2021 | CSO Online. There is only one sure fire way to mitigate software application risk, at that is through comprehensive penetration testing. In fact, the volume of U.S.

Cybersecurity

Cybersecurity CSO Digital transformation Risk

December 15 Marks Deadline for SEC's New Cyber Disclosure Rules

SecureWorld News

DECEMBER 11, 2023

Understanding the nature of the threat and how to appropriately mitigate that risk should be a shared responsibility, not solely the purview of the CISO or CSO.

CISO

CISO Risk CSO Government

Exposure Management Works When the CIO and CSO Are in Sync

LW ROUNDTABLE: Wrist slap or cultural shift? SEC fines cyber firms for disclosure violations

Trending Sources

Cybersecurity’s Comfort Zone Problem: Are you Guilty of it?

Cybersecurity Snapshot: CSA Outlines Data Security Challenges and Best Practices, While ISACA Offers Tips To Retain IT Pros

Cybersecurity Snapshot: U.S. Gov’t Urges Adoption of Memory-Safe Languages and Warns About Iran Cyber Threat

Cybersecurity Snapshot: CISA’s Best Cyber Advice on Securing Cloud, OT, Apps and More

Cybersecurity Snapshot: Experts Issue Best Practices for Migrating to Post-Quantum Cryptography and for Improving Orgs’ Cyber Culture

ICYMI: A Look Back at Exposure Management Academy Highlights

Key Cybersecurity Trends for 2025. My Predictions

Security teams report rise in cyber risk

3 ways to speak the board's language around cyber risk

BrandPost: An Intelligent Way to Monitor and Manage Your Cyber Risks

Cyber insurance explained: What it covers and why prices continue to rise

Cyber insurance explained and why you need it

Decline in ransomware claims could spark change for cyber insurance

Cyber insurance explained and why you need it

Spotlight Podcast: CSO Chris Walcutt on Managing 3rd Party OT Risk

BrandPost: 3 Aspects to Managing Systemic Cyber Risk

6 steps for third-party cyber risk management

Does Cyber Risk Quantification Work? | Avast

3 biggest cyber risks from the Ukraine-Russia conflict

UK government considers strengthening security rules for MSPs to address supply chain risks

BrandPost: Announcing HP Wolf Security, and a New Report Assessing Remote Working Cyber Risks

Lockheed’s Teresa Merklin: There’s no such thing as a quick fix

Fire Doesn't Innovate by Kip Boyle (Book Review)

CISO’s Guide to Presenting Cybersecurity to Board Directors

8 biases that will kill your security program

Diversity in cybersecurity: Barriers and opportunities for women and minorities

At Nebraska Event, FBI Calls Out Cyber Threats To Agriculture

At Pride Summit: A Warning On Cyber Literacy

Wells Notice Against SolarWinds CISO Could Be First of Its Kind

Measuring cybersecurity: The what, why, and how

BrandPost: Women in Cybersecurity—Advancing the Conversation

Tailor security training to developers to tackle software supply chain risks

7 reasons to avoid investing in cyber insurance

BrandPost: Connectivity and Cloud: A Chance for Zero Trust

Skilling up the security team for the AI-dominated era

“Fire Doesn’t Innovate” by Kip Boyle (Book Review)

Darktrace launches new PREVENT AI security products to pre-empt cyberthreats

Qualys upgrades vulnerability management solution

BrandPost: Driverless Cars Demand Air-Tight Cybersecurity

Spotlight Podcast: OT Is Under Attack. Now What?

M&A Trending In Cybersecurity Industry Vertical For 2022

December 15 Marks Deadline for SEC's New Cyber Disclosure Rules

Stay Connected