CSO and Risk - Cyber Security Informer

Report finds women are declining CISO/CSO roles

Tech Republic Security

SEPTEMBER 30, 2022

Professional risk factors into career decisions, and successful women need to encourage other women to accept the risks, says Accenture. The post Report finds women are declining CISO/CSO roles appeared first on TechRepublic.

CSO

CSO CISO Risk Cybersecurity

LW ROUNDTABLE: Wrist slap or cultural shift? SEC fines cyber firms for disclosure violations

The Last Watchdog

NOVEMBER 12, 2024

Unisys, for instance, was found to have framed cyber risks hypothetically even though its systems had already been breached, exfiltrating gigabytes of data. But the SEC’s latest actions underscore that failing to inform stakeholders about material risks and breaches is not an option.

CISO

CISO CSO Risk Cyber threats

Exposure Management Works When the CIO and CSO Are in Sync

Security Boulevard

APRIL 28, 2025

In this post, Tenable CIO Patricia Grant looks at how the CIO/CSO relationship is key to a successful exposure management program. When I first joined Tenable, one of the first things I did was sit down with our CSO, Robert Huber , to align on how we were going to work together. And we both bring something essential to the table.

CSO

CSO Risk Cyber Risk CISO

A Chief Security Concern for Executive Teams

Krebs on Security

DECEMBER 18, 2018

KrebsOnSecurity reviewed the Web sites for the global top 100 companies by market value, and found just five percent of top 100 firms listed a chief information security officer (CISO) or chief security officer (CSO). Not that these roles are somehow more or less important than that of a CISO/CSO within the organization.

CSO

CSO CISO Marketing Banking

Few Fortune 100 Firms List Security Pros in Their Executive Ranks

Krebs on Security

JULY 21, 2023

A review of the executives pages published by the 2022 list of Fortune 100 companies found only four — BestBuy , Cigna , Coca-Cola , and Walmart — that listed a Chief Security Officer (CSO) or Chief Information Security Officer (CISO) in their highest corporate ranks. Nor is the average pay hugely different among all these roles.

CSO

CSO CISO Insurance Risk

GUEST ESSAY: Leveraging ‘zero trust’ and ‘remote access’ strategies to mitigate ransomware risks

The Last Watchdog

MAY 5, 2022

Let’s walk through some practical steps organizations can take today, implementing zero trust and remote access strategies to help reduce ransomware risks: •Obvious, but difficult – get end users to stop clicking unknown links and visiting random websites that they know little about, an educational challenge. Best practices.

Ransomware

Ransomware Risk Internet Internet

Security teams report rise in cyber risk

CSO Magazine

AUGUST 18, 2021

If you are like 80% of respondents to the Trend Micro’s biannual Cyber Risk Index (CRI) report, you expect to experience a data breach that compromises customer data in the next 12 months. Learn the 7 keys to better risk assessment. | Get the latest from CSO by signing up for our newsletters. ].

Cyber Risk

Cyber Risk Risk CSO Data breaches

CSO Global Intelligence Report: The State of Cybersecurity in 2021

CSO Magazine

JULY 30, 2021

Any lingering indifference to cybersecurity risk has evaporated in the face of spiking ransomware attacks, software supply chain threats , and the challenges of securing remote workers. That’s the clear message of CSO’s Global Intelligence Report: The State of Cybersecurity in 2021, fielded via online survey in May and June of this year.

CSO

CSO Cybersecurity Ransomware Software

6 risk factors to know when hiring an MSSP

CSO Magazine

AUGUST 13, 2021

With enterprise adoption of managed security services gradually maturing, the rewards and risks of using these services have become a lot clearer for current and potential customers. Sign up for CSO newsletters. ]. Keep up with 8 hot cyber security trends (and 4 going cold). Keep up with 8 hot cyber security trends (and 4 going cold).

Risk

Risk CSO CISO Technology

Amazon Sidewalk highlights network security visibility risks consumer services pose

CSO Magazine

AUGUST 17, 2021

New research from security firm Cato Networks has highlighted potential security risks surrounding the use of Amazon sidewalk and other consumer-grade services that connect to corporate networks due to a lack of visibility. Get the latest from CSO by signing up for our newsletters. ] To read this article in full, please click here

Consumer Services

Consumer Services Network Security Risk CSO

Unpatched Exchange Servers an overlooked risk

CSO Magazine

SEPTEMBER 1, 2021

Get the latest from CSO by signing up for our newsletters. ] The two bad practices are: Use of unsupported (or end-of-life) software. Use of known/fixed/default passwords and credentials. Learn the must-have features in a modern network security architecture. | To read this article in full, please click here

CSO

CSO Risk Architecture Passwords

Insider risk management: Where your program resides shapes its focus

CSO Magazine

MAY 29, 2023

Today we call programs that help prevent or identify breaches of trust insider risk management (IRM). In 2019, a CSO article raised the question “ Insider risk management — who’s the boss ?” and examined where the buck should stop in terms of taking responsibility for threats from within.

Risk

Risk CSO Government

Cybersecurity’s Comfort Zone Problem: Are you Guilty of it?

Jane Frankland

APRIL 15, 2025

Instead of focusing on accessible, impactful solutions like human risk management, we gravitate toward shiny new technologiestools and systems that feel exciting, measurable, and comfortably within our domain of expertise. The hard truth is that technology alone cant fix the root causes of cyber risk.

Risk

Risk Technology Cybersecurity Security Awareness

Strategic risk analysis is key to ensure customer trust in product, customer-facing app security

CSO Magazine

APRIL 5, 2023

In many organizations they also focus on securing products and public-facing applications, and one way to do this well is through risk assessment. From the start, you've got things you’re committed to such as requirements in customer contracts and regulatory requirements and you have to work within those parameters.

Risk

Risk CSO CISO Cybersecurity

Chris Wysopal: Open source is becoming a national security risk

CSO Magazine

MAY 25, 2022

Chris Wysopal, founder and chief technology officer of application security company Veracode, sat down with CSO Senior Writer Lucian Constantin at a recent Security Summit to discuss just that.

CSO

CSO Risk Software Government

Enterprises report rise in risk events, yet risk management lags

CSO Magazine

MAY 19, 2022

Enterprises around the world are being barraged by risk events, according to a report released Wednesday by Forrester. Risk events, incidents and disruptions have become so frequent that the increased level of risk is the “new normal,” Forrester reported.

Risk

Cloud computing concentration and systemic risk

Security Boulevard

MAY 21, 2022

The post Cloud computing concentration and systemic risk appeared first on Security Boulevard. I came across an interesting blog post over at Finextra which got me thinking about a topic that has been in the back of my.

Risk

Risk CSO

How attackers could exploit breached T-Mobile user data

CSO Magazine

AUGUST 23, 2021

The exposed details differed across different types of customers, so the level of risk users are exposed to varies. Related: The T-Mobile data breach: A timeline | Get the latest from CSO by signing up for our newsletters. ] These include SMS/text-based phishing, SIM swapping and unauthorized number porting.

Mobile

Mobile CSO Data breaches Phishing

Why you need a SaaS governance plan, and what should be in it

CSO Magazine

AUGUST 17, 2021

They must also consider a SaaS governance plan that implements security measures to reduce risk associated with their SaaS usage. That plan includes a combination of compliance frameworks, documentation/due diligence and technical measures for ongoing monitoring and risk reduction. Follow these 5 tips for better cloud security. |

Government

Government CSO Risk

DISA Breach Highlights Need for Stronger Oversight: AppOmni CSO

Security Boulevard

FEBRUARY 26, 2025

million people was exposed in a data breach lasts year, prompting AppOmni CSO Cory Michal to say that data collection companies like DISA and National Public Data need more oversight, regulations, and penalties. The post DISA Breach Highlights Need for Stronger Oversight: AppOmni CSO appeared first on Security Boulevard.

CSO

CSO Data collection Data breaches Social Engineering

4 lessons from recent Microsoft Azure cloud vulnerabilities

CSO Magazine

SEPTEMBER 29, 2021

Both are subject to similar risks and vulnerabilities, and the cloud can sometimes be more complicated than on-premises because of our unfamiliarity with deployment and patching. Get the latest from CSO by signing up for our newsletters. ]. Recent events have brought cloud risks into focus.

CSO

CSO Risk

9 notable government cybersecurity initiatives of 2021

CSO Magazine

SEPTEMBER 2, 2021

“Government-led cybersecurity initiatives are critical to addressing cybersecurity issues such as destructive attacks, massive data breaches, poor security posture, and attacks on critical infrastructure,” Steve Turner, security and risk analyst at Forrester, tells CSO.

Government

Government Cybersecurity CSO Data breaches

Cyber insurance explained: What it covers and why prices continue to rise

CSO Magazine

DECEMBER 1, 2021

Cyber insurance, also referred to as cyber risk insurance or cyber liability insurance coverage (CLIC), is a policy with an insurance carrier to mitigate risk exposure by offsetting costs involved with damages and recovery after a cyber-related security breach or similar event. Cyber insurance definition.

Cyber Insurance

Cyber Insurance Insurance CSO Cyber Risk

Real-time is where the cybersecurity risk is

CSO Magazine

APRIL 5, 2022

I don’t know how many times I’ve heard cybersecurity professionals say something like, “Not having multi-factor authentication is a huge risk for our organization.” The real risk is the probability of a ransomware incident, for example, or the leak of personally identifiable information (PII) from a customer database.

Risk

Risk Cybersecurity Authentication Ransomware

Decline in ransomware claims could spark change for cyber insurance

CSO Magazine

OCTOBER 21, 2021

Learn the 7 keys to better risk assessment. | Get the latest from CSO by signing up for our newsletters. ]. Could such variations trigger changes in the cyber insurance market and, if so, how will they impact insurance carriers and organizations? Shifting ransomware priorities impacting claim costs.

Cyber Insurance

Cyber Insurance Insurance Ransomware CSO

How Jefferson Health enhanced cybersecurity via its cloud transformation

CSO Magazine

AUGUST 16, 2021

Learn the 7 keys to better risk assessment. | Get the latest from CSO by signing up for our newsletters. ]. In fact, by putting cybersecurity at the fore of its cloud innovations, Odom believes the hospital has installed a more efficient, agile, and risk-focused security approach to protect is 34,000 employees.

Cybersecurity

Cybersecurity CSO Healthcare CISO

Device identity: The overlooked insider threat

CSO Magazine

OCTOBER 5, 2021

Throughout National Insider Threat Awareness Month there has been no shortage of thoughts and ideas proffered on how to manage and mitigate insider risk that comes with having humans as part of the ecosystem. They are called upon to mitigate the risk and ameliorate the actions of the malevolent or careless employee.

CSO

CSO Risk

11 cybersecurity buzzwords you should stop using right now

CSO Magazine

NOVEMBER 2, 2021

However, such terms are not always helpful and can be inaccurate, outdated, misleading, or even risk causing harm. Sign up for CSO newsletters. ]. Sign up for CSO newsletters. ]. Learn 8 pitfalls that undermine security program success and 12 tips for effectively presenting cybersecurity to the board.

Cybersecurity

Cybersecurity CSO Marketing Information Security

Turn to Exposure Management to Prioritize Risks Based on Business Impact

Security Boulevard

APRIL 21, 2025

In this post, Tenable CSO Robert Huber shares practical advice on using an exposure management program to focus on risks that have business impact. Its a fairly simple trick of the mind: thinking that every risk deserves urgent attention. But Ive learned the hard way that not all risks are created equal.

Risk

Risk CSO Software

Cyber insurance explained and why you need it

CSO Magazine

DECEMBER 1, 2021

Cyber insurance, also referred to as cyber risk insurance or cyber liability insurance coverage (CLIC), is a policy with an insurance carrier to mitigate risk exposure by offsetting costs involved with damages and recovery after a cyber-related security breach or similar event. Cyber insurance definition.

Cyber Insurance

Cyber Insurance Insurance CSO Cyber Risk

GAO report faults CIOs, OMB for slow adoption of cybersecurity recommendations

CSO Magazine

AUGUST 3, 2021

The US General Accountability Office (GAO) issued the 19-page report , “Cybersecurity and Information Technology: Federal Agencies need to Strengthen Efforts to Address High-Risk Areas” on July 29. Sign up for CSO newsletters. ]. Both pointed out shortcomings in the cyber readiness of the United States government.

CSO

CSO Cybersecurity Government Accountability

ICYMI: A Look Back at Exposure Management Academy Highlights

Security Boulevard

MAY 26, 2025

In this post, we look at a few of the highlights, focusing on the work of three Tenable thought leaders: information security engineer Arnie Cabral, CSO Robert Huber and CIO Patricia Grant. We knew that, although it is critical to modern cybersecurity, vulnerability management alone doesnt provide a complete picture of cyber risk, he wrote.

CSO

CSO Risk Cyber Risk Engineering

5 IT risk assessment frameworks compared

CSO Magazine

NOVEMBER 11, 2021

From a cybersecurity standpoint, organizations are operating in a high-risk world. The ability to assess and manage risk has perhaps never been more important.

Risk

Risk Telecommunications CISO Data breaches

4 ways to keep the cybersecurity conversation going after the crisis has passed

CSO Magazine

MARCH 8, 2021

But nothing more than that.” [ Learn the 7 keys to better risk assessment. | Get the latest from CSO by signing up for our newsletters. ]. Could this happen to us? Should we be concerned?

CSO

CSO Cybersecurity CISO Healthcare

MY TAKE: RSAC 2025’s big takeaway — GenAI is growing up fast, but still needs human direction

The Last Watchdog

MAY 5, 2025

Jay” Abdullah , Mastercards Deputy CSO who gave a keynote address at The CSA Summit from Cloud Security Alliance at RSAC 2025. Willy Leichter , CMO of PointGuard AI , startup focused on visibility and risk governance for GenAI use, captured the unease many feel. Abdullah Lets start with Dr. Alissa “Dr.

Engineering

Engineering DDOS Threat Detection Risk

6 steps to getting risk acceptance right

CSO Magazine

MARCH 22, 2022

Cybersecurity and risk expert David Wilkinson has heard some executives put off discussions about risk acceptance, saying they don’t have any appetite or tolerance for risk. Yet there are indicators that many CISOs aren’t having productive conversations around risk acceptance. Otherwise, they’d be unable to function.

Risk

Risk CISO Cybersecurity

In-app browser security risks, and what to do about them

CSO Magazine

SEPTEMBER 6, 2022

In-app browsers can pose significant security risks to businesses, with their tendency to track data a primary concern. This was highlighted in recent research which examined how browsers within apps like Facebook, Instagram and TikTok can be a data privacy risk for iOS users.

Risk

Risk Data privacy Passwords

Why CISOs Are Stepping Away and What the Future Holds

SecureWorld News

DECEMBER 9, 2024

Stress and burnout are leading contributors, with 60% citing stress and 53% citing burnout as risks that could prompt them to leave. Reducing burnout Organizations are beginning to share cybersecurity responsibilities across leadership roles, such as involving Chief Risk Officers (CROs) and Chief Data Officers (CDOs).

CISO

CISO Cyber threats Risk Cybersecurity

CISOs: Do you know what's in your company’s products?

CSO Magazine

AUGUST 5, 2021

The question COOs should be asking their CISO’s is: “How can I make my product and processes the most secure and operate within acceptable risk parameters for the company and our customers?” [ Learn the 5 key qualities of successful CISOs, and how to develop them and 7 security incidents that cost CISOs their jobs.

CISO

CISO CSO Information Security Risk

Which countries are most (and least) at risk for cybercrime?

CSO Magazine

NOVEMBER 12, 2021

The risk of cybercrime is not spread equally across the globe. Cyberthreats differ widely, with internet users in some countries at much higher risk than those in nations that offer more security due to strong cybercrime legislation and widely implemented cybersecurity programs, according to fraud-detection software company SEON.

Cybercrime

Cybercrime Risk Internet Internet

Three recent events prove the need for an insider risk playbook

CSO Magazine

JANUARY 18, 2022

Every company, regardless of size, should have an insider risk management playbook in place to address the insider threat. The human factor is always in play, mistakes will happen that inadvertently place the company at risk.

Risk

With AI RMF, NIST addresses artificial intelligence risks

CSO Magazine

APRIL 11, 2022

The National Institute of Standards and Technology (NIST) is developing a voluntary framework to better manage risks associated with AI called the Artificial Intelligence Risk Management Framework (AI RMF).

Artificial Intelligence

Artificial Intelligence Risk Technology Government

Proofpoint lawsuits underscore risk of employee offboarding

CSO Magazine

SEPTEMBER 6, 2021

is fraught with risk and requires as much (if not more) attention than who is coming in the door. The hiring entity often spends an inordinate amount of time on process and acclimation onboarding new employees. The C-suite focus is rarely on who departed, yet the offboarding of employees, contractors, advisors, etc.

Risk

Secrets to building a healthy CISO-vendor partnership

CSO Magazine

MAY 3, 2022

Conversely, one that is problematic and incohesive can have the opposite effect, negatively impacting a company’s security practices and leaving them vulnerable to risks and wasted investment. A well-oiled relationship built on trust, communication and mutual understanding can reap significant benefits for a business’s cybersecurity posture.

CISO

CISO CSO Accountability Cybersecurity

Report finds women are declining CISO/CSO roles

LW ROUNDTABLE: Wrist slap or cultural shift? SEC fines cyber firms for disclosure violations

Trending Sources

Exposure Management Works When the CIO and CSO Are in Sync

A Chief Security Concern for Executive Teams

Few Fortune 100 Firms List Security Pros in Their Executive Ranks

GUEST ESSAY: Leveraging ‘zero trust’ and ‘remote access’ strategies to mitigate ransomware risks

Security teams report rise in cyber risk

CSO Global Intelligence Report: The State of Cybersecurity in 2021

6 risk factors to know when hiring an MSSP

Amazon Sidewalk highlights network security visibility risks consumer services pose

Unpatched Exchange Servers an overlooked risk

Insider risk management: Where your program resides shapes its focus

Cybersecurity’s Comfort Zone Problem: Are you Guilty of it?

Strategic risk analysis is key to ensure customer trust in product, customer-facing app security

Chris Wysopal: Open source is becoming a national security risk

Enterprises report rise in risk events, yet risk management lags

Cloud computing concentration and systemic risk

How attackers could exploit breached T-Mobile user data

Why you need a SaaS governance plan, and what should be in it

DISA Breach Highlights Need for Stronger Oversight: AppOmni CSO

4 lessons from recent Microsoft Azure cloud vulnerabilities

9 notable government cybersecurity initiatives of 2021

Cyber insurance explained: What it covers and why prices continue to rise

Real-time is where the cybersecurity risk is

Decline in ransomware claims could spark change for cyber insurance

How Jefferson Health enhanced cybersecurity via its cloud transformation

Device identity: The overlooked insider threat

11 cybersecurity buzzwords you should stop using right now

Turn to Exposure Management to Prioritize Risks Based on Business Impact

Cyber insurance explained and why you need it

GAO report faults CIOs, OMB for slow adoption of cybersecurity recommendations

ICYMI: A Look Back at Exposure Management Academy Highlights

5 IT risk assessment frameworks compared

4 ways to keep the cybersecurity conversation going after the crisis has passed

MY TAKE: RSAC 2025’s big takeaway — GenAI is growing up fast, but still needs human direction

6 steps to getting risk acceptance right

In-app browser security risks, and what to do about them

Why CISOs Are Stepping Away and What the Future Holds

CISOs: Do you know what's in your company’s products?

Which countries are most (and least) at risk for cybercrime?

Three recent events prove the need for an insider risk playbook

With AI RMF, NIST addresses artificial intelligence risks

Proofpoint lawsuits underscore risk of employee offboarding

Secrets to building a healthy CISO-vendor partnership

Stay Connected