CSO, Cyber threats and Software - Cyber Security Informer

LW ROUNDTABLE: Wrist slap or cultural shift? SEC fines cyber firms for disclosure violations

The Last Watchdog

NOVEMBER 12, 2024

Avaya Holdings , Check Point Software Technologies , and Mimecast Limited each minimized or obscured the extent of security breaches linked to the SolarWinds Orion hack, impacting investor trust and highlighting the critical importance of clear, truthful communication. SEC investigators gathered evidence that Unisys Corp.,

CISO

CISO CSO Risk Cyber threats

Cybersecurity Snapshot: U.S. Gov’t Urges Adoption of Memory-Safe Languages and Warns About Iran Cyber Threat

Security Boulevard

JUNE 27, 2025

government’s latest call for developers to use memory-safe programming languages, as well as its warning for cybersecurity teams regarding cyber risk from hackers tied to Iran. Plus, get the latest on ransomware trends, the quantum computing cyber threat and more! Check out the U.S. and the U.K.)

Cyber threats

Cyber threats Cybersecurity Computers and Electronics Password Management

OT Under Siege No More? Fortinet Report Shows Improving Landscape

SecureWorld News

JULY 17, 2025

Based on a global survey of more than 550 OT professionals, the findings reveal both a maturing OT security landscape and the persistent threats it continues to face. One of the most striking revelations in the report : 52% of organizations now report that the CISO/CSO is responsible for OT cybersecurity, up from just 16% in 2022.

CISO

CISO Cyber Risk Risk CSO

Cybersecurity Snapshot: CISA Calls for Stamping Out Buffer Overflow Vulnerabilities, as Europol Tells Banks To Prep For Quantum Threat

Security Boulevard

FEBRUARY 14, 2025

government is urging software makers to adopt secure application-development practices that help prevent buffer overflow attacks. These are some of the recommendations the agencies offered for preventing buffer overflows in the fact sheet titled Malicious Cyber Actors Use Buffer Overflow Vulnerabilities to Compromise Software.

Banking

Banking Cybercrime Cybersecurity Ransomware

The Relevance of Privacy-Preserving Techniques and Generative AI to DORA Legislation

Thales Cloud Protection & Licensing

OCTOBER 28, 2024

To address these challenges, the European Union introduced the Digital Operational Resilience Act (DORA) in 2022, designed to ensure that financial entities can withstand and recover from cyber threats while maintaining operational continuity. The world has changed.

Encryption

Encryption Risk Data privacy Technology

Key Cybersecurity Trends for 2025. My Predictions

Jane Frankland

JANUARY 12, 2025

Software vendors, open-source software, cloud services, and hardware suppliers remain particularly vulnerable. Blindspots and Weaknesses Shadow AI Shadow IT has long exposed organisations to risks through unauthorized software and applications that bypass security protocols.

Cybersecurity

Cybersecurity CISO Insurance IoT

Cyber threat intelligence programs: Still crazy after all these years

CSO Magazine

APRIL 6, 2023

When I asked CISOs about their cyber threat intelligence (CTI) programs about five years ago, I got two distinct responses. Large, well-resourced enterprises were investing their threat intelligence programs with the goal of better operationalizing it for tactical, operational, and strategic purposes.

Cyber threats

Cyber threats CISO Firewall Software

Deloitte-NASCIO Study: AI and Cyber Threats Reshape the Landscape

SecureWorld News

OCTOBER 2, 2024

Incremental progress is important—CISOs should continuously be seeking to root out unsecure connections and shut software backdoors—but proactive efforts are increasingly necessary. Today's asymmetric cyberthreats demand more forceful responses.

Cyber threats

Cyber threats CISO Digital transformation Artificial Intelligence

Episode 250: Window Snyder of Thistle on Making IoT Security Easy

The Security Ledger

MAY 13, 2023

Related Stories Spotlight: Traceable CSO Richard Bird on Securing the API Economy Episode 249: Intel Federal CTO Steve Orrin on the CHIPS Act and Supply Chain Security Forget the IoT. It’s no surprise that cyber threats and attacks followed. The post Episode 250: Window Snyder of Thistle on. Read the whole entry. »

IoT

IoT Internet Internet CSO

M&A Trending In Cybersecurity Industry Vertical For 2022

CyberSecurity Insiders

JANUARY 28, 2022

According to CSO, 2021 shaped up to be an active year for mergers and acquisitions in the cybersecurity industry. Top cybersecurity M&A deals for 2021 | CSO Online. “ The Role of Cybersecurity in M&A – Journal of Cyber Policy. In fact, the volume of U.S. March alone saw more than 40 firms being acquired.

Cybersecurity

Cybersecurity CSO Digital transformation Penetration Testing

Survey: Alarming Number of IT Professionals Told to Conceal Breaches

SecureWorld News

APRIL 10, 2023

Failing to report a data breach creates a variety of challenges, including underestimating the level of cyber threat activity, legal jeopardy, and brand reputational damage. More than half (55%) of the respondents to the Bitdefender study expressed concern that their company would face legal action due to a breach being mismanaged.

Data breaches

Data breaches CSO Social Engineering Cyber threats

Clorox's Cybersecurity Chief Departs Amidst Incident Recovery Efforts

SecureWorld News

NOVEMBER 16, 2023

An intense failure within your domain, especially one that detrimentally affects investors, leaves the leader to bear the brunt," said Sabino Marquez , CISO at Cognota Software, who last week gave a keynote on "Running Cybersecurity as a Business" at SecureWorld Seattle.

CISO

CISO Cybersecurity CSO Risk

2022 Cybersecurity predictions

CyberSecurity Insiders

NOVEMBER 16, 2021

While in past years, InfoSec was previously the focus and CISOs were the norm – we’re moving to a new cybersecurity world order that expands the role of the CISO to a CSO (Chief Security Officer). The transition from hybrid to a software-defined world. Ransomware becomes the most feared adversary.

Cybersecurity

Cybersecurity Energy and Utilities Manufacturing Healthcare

Massive threat campaign strikes open-source repos, Sonatype spots new CursedGrabber malware

Security Affairs

NOVEMBER 23, 2020

Sonatype has discovered more malware in the npm registry which, following our analysis and multiple cyber threat intelligence reports, has led to the discovery of a novel and large scale malware campaign leveraging the open-source ecosystem. Sonatype is tracking CursedGrabber malware including npm’s xpc.js

Malware

Malware Antivirus Engineering Software

BrandPost: Next-generation SIEM for Healthcare: Here's What to Consider When Considering SIEM

CSO Magazine

FEBRUARY 16, 2021

This last year our team has seen more sophisticated cyber threats targeted towards healthcare organizations than ever before. One of the most pragmatic pieces of software to guard against these bad actors is security information and event management (SIEM) software.

Healthcare

Healthcare Cyber threats Software

BrandPost: Free Trials of Hardened VMs in AWS Marketplace

CSO Magazine

SEPTEMBER 1, 2022

Organizations challenged with a shortage of IT resources or little time to harden their systems know how difficult it can be to stay secure in a world where cyber threats are ever-present. In fact, organizations saw 50% more weekly cyber-attacks in 2021, according to Check Point Software.

Cyber threats

Cyber threats Cyber Attacks Software

Cybersecurity Snapshot: Tenable Report Warns About Toxic Cloud Exposures, as PwC Study Urges C-Suite Collaboration for Stronger Cyber Resilience

Security Boulevard

OCTOBER 18, 2024

The document, titled “ Framing Software Component Transparency ,” was last updated in 2021. In theory, SBOMs help boost your software supply chain security by listing all ingredients in a software product, such as an application. Their purpose is to provide granular visibility into all software components in your environment.

Cybersecurity

Cybersecurity CISO CSO Risk

CISO’s Guide to Presenting Cybersecurity to Board Directors

CyberSecurity Insiders

MARCH 30, 2023

Utilize real-world examples, case studies, and industry benchmarks to drive home the importance of investing in cybersecurity defense and creating a culture where everyone plays a role in protecting the organization from cyber threats.

Cybersecurity

Cybersecurity Cyber Risk CISO Risk

Cybersecurity Snapshot: New Standard for AI System Security Published, While Study Finds Cyber Teams Boost Value of Business Projects

Security Boulevard

MAY 30, 2025

And get the latest on properly decommissioning tech products; a cyber threat targeting law firms; and more! 4 - Guide: How to safely decommission tech products Its important to properly dispose of software and hardware products after removing them from your IT environment. Check out what they said.

CISO

CISO Cybersecurity Artificial Intelligence CSO

Cyber nonprofits ask billionaire philanthropists to show them some love

SC Magazine

APRIL 16, 2021

Judge has faced the same problem, finding that many philanthropic organizations don’t think cyber aligns with their areas of interest, be it economic development and disparity, education or mental health. But it really does.

Education

Education Cybercrime Media Internet

15 Top Cybersecurity Certifications for 2022

eSecurity Planet

JUNE 21, 2022

My advice for anybody that asks me which certifications they should get is this: find a certification in a subject that you wish to learn about,” Palo Alto Networks CSO Rick Howard said. “If If you are going to study the subject anyway, you might as well get a certification out of it.”. Also read: How to Get Started in a Cybersecurity Career.

Cybersecurity

Cybersecurity Penetration Testing System Administration Cyber Attacks

BrandPost: The Journey to Zero Trust

CSO Magazine

FEBRUARY 1, 2021

Will you only be implementing a software-defined perimeter? Mapping business goals to the cyber threats putting those goals at risk will help formulate the Zero Trust strategy to mitigate that risk. At a high level, the roadmap should cover the following: Develop a strategy – What are the overall goals of the business?

Architecture

Architecture B2B Government Risk

Walking the Walk: How Tenable Embraces Its “Secure by Design” Pledge to CISA

Security Boulevard

NOVEMBER 25, 2024

Cybersecurity and Infrastructure Security Agency (CISA), joining 67 other leading software makers. Our commitment is to ensure that our platform remains robust against evolving threats and provides the best possible security for our customers. None of the services in the Tenable One platform are developed using memory unsafe languages.

Passwords

Passwords Software CSO Manufacturing

Cybersecurity Snapshot: CISA Warns of Global Spear-Phishing Threat, While OWASP Releases AI Security Resources

Security Boulevard

NOVEMBER 8, 2024

Meanwhile, cybercriminals have amplified their use of malware for fake software-update attacks. And get the latest on CISA’s international plan, Interpol’s cyber crackdown and ransomware trends. To get more details, check out the CISA alert “ Foreign Threat Actor Conducting Large-Scale Spear-Phishing Campaign with RDP Attachments. ”

Phishing

Phishing Cybersecurity Cybercrime Ransomware

LW ROUNDTABLE: CrowdStrike outage reveals long road ahead to achieve digital resiliency

The Last Watchdog

JULY 25, 2024

Last week, CrowdStrike, one of the cybersecurity industry’s most reputable solution providers, inadvertently caused more disruption across the Internet than all the threat actors active online at the time. In the latter, a threat actor purposefully identified and exploited a soft spot in SolarWinds’ automated software update service.

Technology

Technology Ransomware Software CSO

New SEC Rules Require Breach Disclosure within Four Days

eSecurity Planet

JULY 27, 2023

Separately, the new Regulation S-K Item 106 requires public companies to detail their processes for identifying and managing risks from cyber threats, the role of management and the board of directors in managing such risks, and the potential impact from cyber threats and from any previous cybersecurity incidents.

Data privacy

Data privacy Risk Government CSO

Cybersecurity Awareness Month: Security Experts Reflect on Safety

CyberSecurity Insiders

NOVEMBER 1, 2021

Examples of this include keeping software up to date, backing up data, and maintaining good password practices. Cyber attacks nowadays do not often come from ingenious ‘hackers’ in dark rooms, they’re often the result of an employee reusing the same password, or businesses not implementing basic practices such as multi-factor authentication.

Cybersecurity

Cybersecurity Backups Ransomware Cyber Attacks

Details about Pentagon’s Zero Trust Office

CyberSecurity Insiders

NOVEMBER 12, 2021

Meaning, all those accessing the apps or data are verified and permitted while accessing the resources related to a network, hence, preventing a company from advanced cyber threats and data breaches, while complying with HIPAA, PCI, GDPR, CCPA, and FISMA.

Data breaches

Data breaches CSO Architecture Cyber threats

Cyber Security Informer

LW ROUNDTABLE: Wrist slap or cultural shift? SEC fines cyber firms for disclosure violations

Cybersecurity Snapshot: U.S. Gov’t Urges Adoption of Memory-Safe Languages and Warns About Iran Cyber Threat

Trending Sources

OT Under Siege No More? Fortinet Report Shows Improving Landscape

Cybersecurity Snapshot: CISA Calls for Stamping Out Buffer Overflow Vulnerabilities, as Europol Tells Banks To Prep For Quantum Threat

The Relevance of Privacy-Preserving Techniques and Generative AI to DORA Legislation

Key Cybersecurity Trends for 2025. My Predictions

Cyber threat intelligence programs: Still crazy after all these years

Deloitte-NASCIO Study: AI and Cyber Threats Reshape the Landscape

Episode 250: Window Snyder of Thistle on Making IoT Security Easy

M&A Trending In Cybersecurity Industry Vertical For 2022

Survey: Alarming Number of IT Professionals Told to Conceal Breaches

Clorox's Cybersecurity Chief Departs Amidst Incident Recovery Efforts

2022 Cybersecurity predictions

Massive threat campaign strikes open-source repos, Sonatype spots new CursedGrabber malware

BrandPost: Next-generation SIEM for Healthcare: Here's What to Consider When Considering SIEM

BrandPost: Free Trials of Hardened VMs in AWS Marketplace

Cybersecurity Snapshot: Tenable Report Warns About Toxic Cloud Exposures, as PwC Study Urges C-Suite Collaboration for Stronger Cyber Resilience

CISO’s Guide to Presenting Cybersecurity to Board Directors

Cybersecurity Snapshot: New Standard for AI System Security Published, While Study Finds Cyber Teams Boost Value of Business Projects

Cyber nonprofits ask billionaire philanthropists to show them some love

15 Top Cybersecurity Certifications for 2022

BrandPost: The Journey to Zero Trust

Walking the Walk: How Tenable Embraces Its “Secure by Design” Pledge to CISA

Cybersecurity Snapshot: CISA Warns of Global Spear-Phishing Threat, While OWASP Releases AI Security Resources

LW ROUNDTABLE: CrowdStrike outage reveals long road ahead to achieve digital resiliency

New SEC Rules Require Breach Disclosure within Four Days

Cybersecurity Awareness Month: Security Experts Reflect on Safety

Details about Pentagon’s Zero Trust Office

Stay Connected