CSO and Risk - Cyber Security Informer

LW ROUNDTABLE: Wrist slap or cultural shift? SEC fines cyber firms for disclosure violations

The Last Watchdog

NOVEMBER 12, 2024

Unisys, for instance, was found to have framed cyber risks hypothetically even though its systems had already been breached, exfiltrating gigabytes of data. But the SEC’s latest actions underscore that failing to inform stakeholders about material risks and breaches is not an option.

CISO

CISO CSO Risk Government

Exposure Management Works When the CIO and CSO Are in Sync

Security Boulevard

APRIL 28, 2025

In this post, Tenable CIO Patricia Grant looks at how the CIO/CSO relationship is key to a successful exposure management program. When I first joined Tenable, one of the first things I did was sit down with our CSO, Robert Huber , to align on how we were going to work together. And we both bring something essential to the table.

CSO

CSO Risk CISO Cyber Risk

Cybersecurity’s Comfort Zone Problem: Are you Guilty of it?

Jane Frankland

APRIL 15, 2025

Instead of focusing on accessible, impactful solutions like human risk management, we gravitate toward shiny new technologiestools and systems that feel exciting, measurable, and comfortably within our domain of expertise. The hard truth is that technology alone cant fix the root causes of cyber risk.

Risk

Risk Technology Cybersecurity Security Awareness

OT Under Siege No More? Fortinet Report Shows Improving Landscape

SecureWorld News

JULY 17, 2025

One of the most striking revelations in the report : 52% of organizations now report that the CISO/CSO is responsible for OT cybersecurity, up from just 16% in 2022. This trend reflects increasing awareness of OT cyber risk and the need for executive-level accountability," Fortinet notes.

CISO

CISO Cyber Risk Risk CSO

DSPM & AI Are Booming: $17.87B and $4.8T Markets by 2033

Security Affairs

JULY 24, 2025

DSPM provides a comprehensive view of an organization’s data security posture, its compliance status, security and privacy threats, and, critically, how to manage these risks effectively. Continuously monitor data risks. On the other hand, CISOs and CIOs need to integrate DSPM into broader risk management frameworks.

Marketing

Marketing Data privacy Cloud Migration Healthcare

Why CISOs Are Stepping Away and What the Future Holds

SecureWorld News

DECEMBER 9, 2024

Stress and burnout are leading contributors, with 60% citing stress and 53% citing burnout as risks that could prompt them to leave. Reducing burnout Organizations are beginning to share cybersecurity responsibilities across leadership roles, such as involving Chief Risk Officers (CROs) and Chief Data Officers (CDOs).

CISO

CISO Cyber threats Risk Cybersecurity

The Relevance of Privacy-Preserving Techniques and Generative AI to DORA Legislation

Thales Cloud Protection & Licensing

OCTOBER 28, 2024

The Relevance of Privacy-Preserving Techniques and Generative AI to DORA Legislation madhav Tue, 10/29/2024 - 04:55 The increasing reliance on digital technologies has created a complex landscape of risks, especially in critical sectors like finance. The world has changed.

Encryption

Encryption Risk Data privacy Technology

MY TAKE: RSAC 2025’s big takeaway — GenAI is growing up fast, but still needs human direction

The Last Watchdog

MAY 5, 2025

Jay” Abdullah , Mastercards Deputy CSO who gave a keynote address at The CSA Summit from Cloud Security Alliance at RSAC 2025. Willy Leichter , CMO of PointGuard AI , startup focused on visibility and risk governance for GenAI use, captured the unease many feel. Abdullah Lets start with Dr. Alissa “Dr.

Engineering

Engineering DDOS Threat Detection Risk

Cybersecurity Snapshot: CSA Outlines Data Security Challenges and Best Practices, While ISACA Offers Tips To Retain IT Pros

Security Boulevard

MARCH 7, 2025

Check out best practices for shoring up data security and reducing cyber risk. 1 - CSA: How to boost data security and reduce cyber risk Risk assessment gaps. 1 - CSA: How to boost data security and reduce cyber risk Risk assessment gaps. Plus, get tips on how to improve job satisfaction among tech staff.

Cybersecurity

Cybersecurity Scams CSO Risk

Cybersecurity Snapshot: U.S. Gov’t Urges Adoption of Memory-Safe Languages and Warns About Iran Cyber Threat

Security Boulevard

JUNE 27, 2025

government’s latest call for developers to use memory-safe programming languages, as well as its warning for cybersecurity teams regarding cyber risk from hackers tied to Iran. Check out the U.S. Plus, get the latest on ransomware trends, the quantum computing cyber threat and more!

Cyber threats

Cyber threats Cybersecurity Computers and Electronics Password Management

Cybersecurity Snapshot: Experts Issue Best Practices for Migrating to Post-Quantum Cryptography and for Improving Orgs’ Cyber Culture

Security Boulevard

JUNE 6, 2025

Embrace change: Stay attuned to emerging cyber risks and be ready to modify cybersecurity processes accordingly. When elevating an enterprise CISO role, the position is less about technical acumen and more about business risk and business alignment,” Matt Comyns, Artico Search co-founder and president, said in the blog. “In

CISO

CISO Cybersecurity Cyber threats Government

ICYMI: A Look Back at Exposure Management Academy Highlights

Security Boulevard

MAY 26, 2025

In this post, we look at a few of the highlights, focusing on the work of three Tenable thought leaders: information security engineer Arnie Cabral, CSO Robert Huber and CIO Patricia Grant. We knew that, although it is critical to modern cybersecurity, vulnerability management alone doesnt provide a complete picture of cyber risk, he wrote.

CSO

CSO Risk Cyber Risk Engineering

Cybersecurity Snapshot: CISA Calls for Stamping Out Buffer Overflow Vulnerabilities, as Europol Tells Banks To Prep For Quantum Threat

Security Boulevard

FEBRUARY 14, 2025

Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) called buffer overflow vulnerabilities unforgivable defects that put national and economic security at risk.

Banking

Banking Cybercrime Cybersecurity Ransomware

Cybersecurity Snapshot: Apply Zero Trust to Critical Infrastructure’s OT/ICS, CSA Advises, as Five Eyes Spotlight Tech Startups’ Security

Security Boulevard

NOVEMBER 1, 2024

This guidance is designed to help tech startups protect their innovation, reputation, and growth, while also helping tech investors fortify their portfolio companies against security risks," Mike Casey, U.S. for tech startups: Be aware of threat vectors, including malicious insiders, insecure IT and supply chain risk. and the U.K.

CISO

CISO Cybersecurity Authentication Government

Cybersecurity Snapshot: CISA’s Best Cyber Advice on Securing Cloud, OT, Apps and More

Security Boulevard

MAY 2, 2025

Back in September 2024, CISA sounded the alarm on critical infrastructure organizations susceptibility to common, well-known attack methods in its CISA Analysis: Fiscal Year 2023 Risk and Vulnerability Assessments report. Coast Guard conducted in 2023. Enforce multi-factor authentication across all software development environments.

Cybersecurity

Cybersecurity Software Cyber Risk Risk

Key Cybersecurity Trends for 2025. My Predictions

Jane Frankland

JANUARY 12, 2025

In this blog, I’m exploring these changes, grouped under key categories that I’ve used in previous years, to help business leaders and cyber risk owners better prepare for the evolving landscape. Critical infrastructure face heightened risk from targeted disruptions, as do small businesses who are the backbone of the economy.

Cybersecurity

Cybersecurity CISO Insurance IoT

Turn to Exposure Management to Prioritize Risks Based on Business Impact

Security Boulevard

APRIL 21, 2025

In this post, Tenable CSO Robert Huber shares practical advice on using an exposure management program to focus on risks that have business impact. Its a fairly simple trick of the mind: thinking that every risk deserves urgent attention. But Ive learned the hard way that not all risks are created equal.

Risk

Risk CSO Software

Security Roundup April 2025

BH Consulting

APRIL 30, 2025

Third-party risk rises as a factor in breaches: Verizon DBIR 2025 Verizons latest annual Data Breach Investigations Report (DBIR) shows some concerning trends with a sharp escalation in global cyber threats. CSO Online marked the progress as 66 per cent done. The company says 99.2

Data breaches

Data breaches Scams CSO Cybercrime

Report finds women are declining CISO/CSO roles

Tech Republic Security

SEPTEMBER 30, 2022

Professional risk factors into career decisions, and successful women need to encourage other women to accept the risks, says Accenture. The post Report finds women are declining CISO/CSO roles appeared first on TechRepublic.

CSO

CSO CISO Risk Cybersecurity

A Chief Security Concern for Executive Teams

Krebs on Security

DECEMBER 18, 2018

KrebsOnSecurity reviewed the Web sites for the global top 100 companies by market value, and found just five percent of top 100 firms listed a chief information security officer (CISO) or chief security officer (CSO). Not that these roles are somehow more or less important than that of a CISO/CSO within the organization.

CSO

CSO CISO Marketing Banking

Few Fortune 100 Firms List Security Pros in Their Executive Ranks

Krebs on Security

JULY 21, 2023

A review of the executives pages published by the 2022 list of Fortune 100 companies found only four — BestBuy , Cigna , Coca-Cola , and Walmart — that listed a Chief Security Officer (CSO) or Chief Information Security Officer (CISO) in their highest corporate ranks. Nor is the average pay hugely different among all these roles.

CSO

CSO CISO Insurance Risk

GUEST ESSAY: Leveraging ‘zero trust’ and ‘remote access’ strategies to mitigate ransomware risks

The Last Watchdog

MAY 5, 2022

Let’s walk through some practical steps organizations can take today, implementing zero trust and remote access strategies to help reduce ransomware risks: •Obvious, but difficult – get end users to stop clicking unknown links and visiting random websites that they know little about, an educational challenge. Best practices.

Ransomware

Ransomware Risk Internet Internet

Security teams report rise in cyber risk

CSO Magazine

AUGUST 18, 2021

If you are like 80% of respondents to the Trend Micro’s biannual Cyber Risk Index (CRI) report, you expect to experience a data breach that compromises customer data in the next 12 months. Learn the 7 keys to better risk assessment. | Get the latest from CSO by signing up for our newsletters. ].

Cyber Risk

Cyber Risk Risk CSO Data breaches

CSO Global Intelligence Report: The State of Cybersecurity in 2021

CSO Magazine

JULY 30, 2021

Any lingering indifference to cybersecurity risk has evaporated in the face of spiking ransomware attacks, software supply chain threats , and the challenges of securing remote workers. That’s the clear message of CSO’s Global Intelligence Report: The State of Cybersecurity in 2021, fielded via online survey in May and June of this year.

CSO

CSO Cybersecurity Ransomware Risk

6 risk factors to know when hiring an MSSP

CSO Magazine

AUGUST 13, 2021

With enterprise adoption of managed security services gradually maturing, the rewards and risks of using these services have become a lot clearer for current and potential customers. Sign up for CSO newsletters. ]. Keep up with 8 hot cyber security trends (and 4 going cold). Keep up with 8 hot cyber security trends (and 4 going cold).

Risk

Risk CSO CISO Technology

Amazon Sidewalk highlights network security visibility risks consumer services pose

CSO Magazine

AUGUST 17, 2021

New research from security firm Cato Networks has highlighted potential security risks surrounding the use of Amazon sidewalk and other consumer-grade services that connect to corporate networks due to a lack of visibility. Get the latest from CSO by signing up for our newsletters. ] To read this article in full, please click here

Consumer Services

Consumer Services Network Security Risk CSO

Unpatched Exchange Servers an overlooked risk

CSO Magazine

SEPTEMBER 1, 2021

Get the latest from CSO by signing up for our newsletters. ] The two bad practices are: Use of unsupported (or end-of-life) software. Use of known/fixed/default passwords and credentials. Learn the must-have features in a modern network security architecture. | To read this article in full, please click here

CSO

CSO Risk Architecture Passwords

Insider risk management: Where your program resides shapes its focus

CSO Magazine

MAY 29, 2023

Today we call programs that help prevent or identify breaches of trust insider risk management (IRM). In 2019, a CSO article raised the question “ Insider risk management — who’s the boss ?” and examined where the buck should stop in terms of taking responsibility for threats from within.

Risk

Risk CSO Government

Strategic risk analysis is key to ensure customer trust in product, customer-facing app security

CSO Magazine

APRIL 5, 2023

In many organizations they also focus on securing products and public-facing applications, and one way to do this well is through risk assessment. From the start, you've got things you’re committed to such as requirements in customer contracts and regulatory requirements and you have to work within those parameters.

Risk

Risk CSO CISO Cybersecurity

Chris Wysopal: Open source is becoming a national security risk

CSO Magazine

MAY 25, 2022

Chris Wysopal, founder and chief technology officer of application security company Veracode, sat down with CSO Senior Writer Lucian Constantin at a recent Security Summit to discuss just that.

CSO

CSO Risk Software Government

Enterprises report rise in risk events, yet risk management lags

CSO Magazine

MAY 19, 2022

Enterprises around the world are being barraged by risk events, according to a report released Wednesday by Forrester. Risk events, incidents and disruptions have become so frequent that the increased level of risk is the “new normal,” Forrester reported.

Risk

How attackers could exploit breached T-Mobile user data

CSO Magazine

AUGUST 23, 2021

The exposed details differed across different types of customers, so the level of risk users are exposed to varies. Related: The T-Mobile data breach: A timeline | Get the latest from CSO by signing up for our newsletters. ] These include SMS/text-based phishing, SIM swapping and unauthorized number porting.

Mobile

Mobile CSO Data breaches Phishing

Cloud computing concentration and systemic risk

Security Boulevard

MAY 21, 2022

The post Cloud computing concentration and systemic risk appeared first on Security Boulevard. I came across an interesting blog post over at Finextra which got me thinking about a topic that has been in the back of my.

Risk

Risk CSO

Why you need a SaaS governance plan, and what should be in it

CSO Magazine

AUGUST 17, 2021

They must also consider a SaaS governance plan that implements security measures to reduce risk associated with their SaaS usage. That plan includes a combination of compliance frameworks, documentation/due diligence and technical measures for ongoing monitoring and risk reduction. Follow these 5 tips for better cloud security. |

Government

Government CSO Risk

DISA Breach Highlights Need for Stronger Oversight: AppOmni CSO

Security Boulevard

FEBRUARY 26, 2025

million people was exposed in a data breach lasts year, prompting AppOmni CSO Cory Michal to say that data collection companies like DISA and National Public Data need more oversight, regulations, and penalties. The post DISA Breach Highlights Need for Stronger Oversight: AppOmni CSO appeared first on Security Boulevard.

CSO

CSO Data collection Data breaches Social Engineering

9 notable government cybersecurity initiatives of 2021

CSO Magazine

SEPTEMBER 2, 2021

“Government-led cybersecurity initiatives are critical to addressing cybersecurity issues such as destructive attacks, massive data breaches, poor security posture, and attacks on critical infrastructure,” Steve Turner, security and risk analyst at Forrester, tells CSO.

Government

Government Cybersecurity CSO Data breaches

4 lessons from recent Microsoft Azure cloud vulnerabilities

CSO Magazine

SEPTEMBER 29, 2021

Both are subject to similar risks and vulnerabilities, and the cloud can sometimes be more complicated than on-premises because of our unfamiliarity with deployment and patching. Get the latest from CSO by signing up for our newsletters. ]. Recent events have brought cloud risks into focus.

CSO

CSO Risk

Cyber insurance explained: What it covers and why prices continue to rise

CSO Magazine

DECEMBER 1, 2021

Cyber insurance, also referred to as cyber risk insurance or cyber liability insurance coverage (CLIC), is a policy with an insurance carrier to mitigate risk exposure by offsetting costs involved with damages and recovery after a cyber-related security breach or similar event. Cyber insurance definition.

Cyber Insurance

Cyber Insurance Insurance CSO Cyber Risk

How Jefferson Health enhanced cybersecurity via its cloud transformation

CSO Magazine

AUGUST 16, 2021

Learn the 7 keys to better risk assessment. | Get the latest from CSO by signing up for our newsletters. ]. In fact, by putting cybersecurity at the fore of its cloud innovations, Odom believes the hospital has installed a more efficient, agile, and risk-focused security approach to protect is 34,000 employees.

Cybersecurity

Cybersecurity CSO Healthcare CISO

Decline in ransomware claims could spark change for cyber insurance

CSO Magazine

OCTOBER 21, 2021

Learn the 7 keys to better risk assessment. | Get the latest from CSO by signing up for our newsletters. ]. Could such variations trigger changes in the cyber insurance market and, if so, how will they impact insurance carriers and organizations? Shifting ransomware priorities impacting claim costs.

Cyber Insurance

Cyber Insurance Insurance Ransomware CSO

Real-time is where the cybersecurity risk is

CSO Magazine

APRIL 5, 2022

I don’t know how many times I’ve heard cybersecurity professionals say something like, “Not having multi-factor authentication is a huge risk for our organization.” The real risk is the probability of a ransomware incident, for example, or the leak of personally identifiable information (PII) from a customer database.

Risk

Risk Cybersecurity Authentication Ransomware

11 cybersecurity buzzwords you should stop using right now

CSO Magazine

NOVEMBER 2, 2021

However, such terms are not always helpful and can be inaccurate, outdated, misleading, or even risk causing harm. Sign up for CSO newsletters. ]. Sign up for CSO newsletters. ]. Learn 8 pitfalls that undermine security program success and 12 tips for effectively presenting cybersecurity to the board.

Cybersecurity

Cybersecurity CSO Marketing Information Security

Device identity: The overlooked insider threat

CSO Magazine

OCTOBER 5, 2021

Throughout National Insider Threat Awareness Month there has been no shortage of thoughts and ideas proffered on how to manage and mitigate insider risk that comes with having humans as part of the ecosystem. They are called upon to mitigate the risk and ameliorate the actions of the malevolent or careless employee.

CSO

CSO Risk

Cyber insurance explained and why you need it

CSO Magazine

DECEMBER 1, 2021

Cyber insurance, also referred to as cyber risk insurance or cyber liability insurance coverage (CLIC), is a policy with an insurance carrier to mitigate risk exposure by offsetting costs involved with damages and recovery after a cyber-related security breach or similar event. Cyber insurance definition.

Cyber Insurance

Cyber Insurance Insurance CSO Cyber Risk

LW ROUNDTABLE: Wrist slap or cultural shift? SEC fines cyber firms for disclosure violations

Exposure Management Works When the CIO and CSO Are in Sync

Trending Sources

Cybersecurity’s Comfort Zone Problem: Are you Guilty of it?

OT Under Siege No More? Fortinet Report Shows Improving Landscape

DSPM & AI Are Booming: $17.87B and $4.8T Markets by 2033

Why CISOs Are Stepping Away and What the Future Holds

The Relevance of Privacy-Preserving Techniques and Generative AI to DORA Legislation

MY TAKE: RSAC 2025’s big takeaway — GenAI is growing up fast, but still needs human direction

Cybersecurity Snapshot: CSA Outlines Data Security Challenges and Best Practices, While ISACA Offers Tips To Retain IT Pros

Cybersecurity Snapshot: U.S. Gov’t Urges Adoption of Memory-Safe Languages and Warns About Iran Cyber Threat

Cybersecurity Snapshot: Experts Issue Best Practices for Migrating to Post-Quantum Cryptography and for Improving Orgs’ Cyber Culture

ICYMI: A Look Back at Exposure Management Academy Highlights

Cybersecurity Snapshot: CISA Calls for Stamping Out Buffer Overflow Vulnerabilities, as Europol Tells Banks To Prep For Quantum Threat

Cybersecurity Snapshot: Apply Zero Trust to Critical Infrastructure’s OT/ICS, CSA Advises, as Five Eyes Spotlight Tech Startups’ Security

Cybersecurity Snapshot: CISA’s Best Cyber Advice on Securing Cloud, OT, Apps and More

Key Cybersecurity Trends for 2025. My Predictions

Turn to Exposure Management to Prioritize Risks Based on Business Impact

Security Roundup April 2025

Report finds women are declining CISO/CSO roles

A Chief Security Concern for Executive Teams

Few Fortune 100 Firms List Security Pros in Their Executive Ranks

GUEST ESSAY: Leveraging ‘zero trust’ and ‘remote access’ strategies to mitigate ransomware risks

Security teams report rise in cyber risk

CSO Global Intelligence Report: The State of Cybersecurity in 2021

6 risk factors to know when hiring an MSSP

Amazon Sidewalk highlights network security visibility risks consumer services pose

Unpatched Exchange Servers an overlooked risk

Insider risk management: Where your program resides shapes its focus

Strategic risk analysis is key to ensure customer trust in product, customer-facing app security

Chris Wysopal: Open source is becoming a national security risk

Enterprises report rise in risk events, yet risk management lags

How attackers could exploit breached T-Mobile user data

Cloud computing concentration and systemic risk

Why you need a SaaS governance plan, and what should be in it

DISA Breach Highlights Need for Stronger Oversight: AppOmni CSO

9 notable government cybersecurity initiatives of 2021

4 lessons from recent Microsoft Azure cloud vulnerabilities

Cyber insurance explained: What it covers and why prices continue to rise

How Jefferson Health enhanced cybersecurity via its cloud transformation

Decline in ransomware claims could spark change for cyber insurance

Real-time is where the cybersecurity risk is

11 cybersecurity buzzwords you should stop using right now

Device identity: The overlooked insider threat

Cyber insurance explained and why you need it

Stay Connected