CSO, Risk and Social Engineering - Cyber Security Informer

GUEST ESSAY: Leveraging ‘zero trust’ and ‘remote access’ strategies to mitigate ransomware risks

The Last Watchdog

MAY 5, 2022

Let’s walk through some practical steps organizations can take today, implementing zero trust and remote access strategies to help reduce ransomware risks: •Obvious, but difficult – get end users to stop clicking unknown links and visiting random websites that they know little about, an educational challenge. Best practices. Let’s talk VPNs.

Ransomware

Ransomware Risk Internet Internet

Spotlight Podcast: CSO Chris Walcutt on Managing 3rd Party OT Risk

The Security Ledger

MAY 16, 2024

In this Spotlight Podcast, host Paul Roberts talks with Chris Walcutt, the CSO of DirectDefense about the rising cyber threats facing operational technology (OT) and how organizations that manage OT - including critical infrastructure owners can best manage increased cyber risks to OT environments. Read the whole entry. »

CSO

CSO Risk Energy and Utilities Social Engineering

DISA Breach Highlights Need for Stronger Oversight: AppOmni CSO

Security Boulevard

FEBRUARY 26, 2025

million people was exposed in a data breach lasts year, prompting AppOmni CSO Cory Michal to say that data collection companies like DISA and National Public Data need more oversight, regulations, and penalties. The post DISA Breach Highlights Need for Stronger Oversight: AppOmni CSO appeared first on Security Boulevard.

CSO

CSO Data collection Data breaches Social Engineering

97% of enterprises say VPNs are prone to cyberattacks: Study

CSO Magazine

SEPTEMBER 26, 2022

Reliance on VPNs for remote access is putting enterprises at significant risk as social engineering , ransomware , and malware attacks continue to advance, exposing businesses to greater risk, according to a new report by cloud security company Zscaler. To read this article in full, please click here

Social Engineering

Social Engineering Engineering Risk Ransomware

Cybersecurity First: #BeCyberSmart at Work and Home

Security Through Education

OCTOBER 27, 2021

Social-Engineer, LLC saw an almost 350% increase in recognition of phishing emails when using a similar training platform in 2020. It is to these carefully crafted campaigns that Social-Engineer, LLC can attribute their success. The answer is simple; with simulated attacks and subsequent training.

Cybersecurity

Cybersecurity Social Engineering Firewall Engineering

10 top anti-phishing tools and services

CSO Magazine

APRIL 28, 2022

A key factor in protecting your business from phishing is to understand your vulnerabilities, weigh the potential risk to your business, and decide what tools offer the best protection to match your business needs. Most phishing attacks are less about the technology and more about social engineering. Why phishing is successful.

Phishing

Phishing Social Engineering Engineering Technology

A Clear and Present Need: Bolster Your Identity Security with Threat Detection and Response

Duo's Security Blog

NOVEMBER 20, 2023

“It took nearly 11 months (328 days) to identity and contain data breaches resulting from stolen or compromised credentials.” – IBM’s Cost of Data Breach Report 2023 I recently came across a 2012 article from CSO Online , and realized that it has been more than 11 years since the phrase “Identity is the new perimeter” was coined!

Threat Detection

Threat Detection Authentication Accountability Data breaches

Survey: Alarming Number of IT Professionals Told to Conceal Breaches

SecureWorld News

APRIL 10, 2023

A new study from cybersecurity vendor Bitdefender revealed that this is a reality for more than two-fifths of IT professionals—putting both organizations and individuals at risk.

Data breaches

Data breaches CSO Social Engineering Cyber threats

BrandPost: Secure Microsoft 365 with Reveal(x) 360 Network Detection and Response

CSO Magazine

NOVEMBER 5, 2021

Risks and challenges in SaaS security monitoring. Using SaaS offerings such as Microsoft 365 to conduct important business carries risk. Rich network context and comprehensive visibility in a single, streamlined interface. User identities can be compromised through phishing, brute force, or simple abuse by malicious insiders.

Social Engineering

Social Engineering Phishing Data breaches Risk

NEW TECH: Data Theorem helps inventory sprawling APIs — as the first step to securing them

The Last Watchdog

MARCH 25, 2019

If I go to a CSO and say, ‘We can secure your APIs,’ he’ll say, ‘Great, can you also find them for me?’ ” observed Dwivedi, Data Theorem’s founder. It’s encouraging that Data Theorem and other security vendors are innovating in this space, and striving to give companies viable tools and processes to mitigate API risks. Talk more soon.

Digital transformation

Digital transformation Software Data breaches Authentication

BrandPost: Keeping Your Hybrid Workforce Secure with Cyber Hygiene Training

CSO Magazine

SEPTEMBER 20, 2021

Any time an organization shifts an employee’s workspace and network usage, they may be less adept at identifying phishing attacks, social engineering or other security threats. The key to mitigating the human risk factor in hybrid workforce cybersecurity is education.

Social Engineering

Social Engineering Phishing Security Awareness Education

Coinbase Hacked and Turns the Tables on the Cybercriminals!

Security Boulevard

MAY 16, 2025

With the loss of customer name and contact data, there may be some social engineering attacks, but Coinbase has already said they will make customer whole if that happens. In cybersecurity we must manage risks. This is a playbook for every company out there that is at risk of ransomware or other digital extortion!

Hacking

Hacking CSO Social Engineering CISO

ChatGPT Security and Privacy Issues Remain in GPT-4

eSecurity Planet

APRIL 27, 2023

The software supply chain issues identified … in OpenAI’s breach are not surprising, as most organizations are struggling with these challenges, albeit perhaps less publicly,” said Peter Morgan, who is the co-founder and CSO of Phylum.io, a cybersecurity firm that focuses on the supply chain. The key is getting ahead of the risks.”

Risk

Risk Engineering CSO Software

Interview with Dr. Arun Vishwanath on the Latest Cybersecurity Attacks

CyberSecurity Insiders

JUNE 3, 2021

It’s one thing for cyber security experts and engineers to ask everyone to be cyber safe, but they need to practice their what they preach. What are the most important cybersecurity risks for 2021? Some of the data that is stolen feeds social engineering attacks, where hackers use the stolen data to attack people and steal even more.

Cybersecurity

Cybersecurity Social Engineering Energy and Utilities Phishing

Cybersecurity Snapshot: Tenable Report Warns About Toxic Cloud Exposures, as PwC Study Urges C-Suite Collaboration for Stronger Cyber Resilience

Security Boulevard

OCTOBER 18, 2024

Check out invaluable cloud security insights and recommendations from the “Tenable Cloud Risk Report 2024.” 1 - Tenable: Riskiest cloud workloads present in 38% of orgs Almost 40% of global organizations have cloud workloads that put them at the highest risk of attack — an alarmingly high percentage.

Cybersecurity

Cybersecurity CISO CSO Risk

Malwarebytes releases Mobile Security for OneView to secure Chromebooks, Android, iOS devices

CSO Magazine

MAY 9, 2023

Malware, social engineering, data leakage, and Wi-Fi interference are among the many mobile security risks organizations face, while novel technologies such as generative AI are predicted to create new opportunities for cybercriminals to target mobile devices.

Mobile

Mobile Social Engineering Engineering Technology

Cyber Security Awareness and Risk Management

Spinone

DECEMBER 26, 2018

In this article we will learn how to address and effectively respond to major enterprise cybersecurity threats and provide tips to mitigate IT security risk. Social engineering attacks , including phishing, spam, and viruses introduced via clickable links within e-mail affected 80% of the banking institutions in 2016.

Security Awareness

Security Awareness Risk Cyber threats Cyber Risk

Meet the 2021 SC Awards judges

SC Magazine

MAY 1, 2021

Cedric Leighton is founder and president of Cedric Leighton Associates, a strategic risk and leadership management consultancy. Since founding Cedric Leighton Associates, he has become an internationally known strategic risk expert. Leighton is also a founding partner of CYFORIX, specializing in the field of cyber risk.

Computers and Electronics

Computers and Electronics Technology Information Security Education

Podcast Episode 134: The Deep Fake Threat to Authentication and analyzing the PEAR Compromise

The Security Ledger

FEBRUARY 19, 2019

And, in our second segment, Sam Bisbee the CSO of the firm ThreatStack joins us to talk about last month's hack of the PEAR open source package manager and why data deserialization attacks are a growing threat to projects that use open source components. They risk undermining a range of voice and image based authentication technologies.

Authentication

Authentication CSO Artificial Intelligence Social Engineering

Camera tricks: Privacy concerns raised after massive surveillance cam breach

SC Magazine

MARCH 10, 2021

Making matters worse, the cameras employ facial recognition technology, which leads to questions as to whether an attacker could actually identify individuals caught on camera and then pursue them as targets for social engineering schemes or something even more nefarious. When surveillance leads to spying.

Surveillance

Surveillance IoT Accountability Hacking

Cybersecurity Snapshot: CISA Warns of Global Spear-Phishing Threat, While OWASP Releases AI Security Resources

Security Boulevard

NOVEMBER 8, 2024

Unraveling the True Security Risks ” (SecurityWeek) “ How deepfakes threaten biometric security controls ” (TechTarget) “ Deepfakes break through as business threat ” (CSO) 3 - Fake update variants dominate list of top malware in Q3 Hackers are doubling down on fake software-update attacks.

Phishing

Phishing Cybersecurity Ransomware Cybercrime

Leaking company secrets via generative AIs like ChatGPT

Security Boulevard

JANUARY 21, 2023

For a third party, knowing what people from company X are asking of ChatGPT (or any other generative AI) could be quite interesting and profitable. The post Leaking company secrets via generative AIs like ChatGPT appeared first on Security Boulevard.

Social Engineering

Social Engineering CSO Engineering Risk

Top Cybersecurity Accounts to Follow on Twitter

eSecurity Planet

DECEMBER 3, 2021

Haddix continues to provide his insights while serving as the Head of Security and Risk Management for Ubisoft. Formerly on the FBI’s Most Wanted list, Kevin Mitnick is a crucial figure in the history of information security, including approaches to social engineering and penetration testing. Kevin Mitnick | @kevinmitnick.

Accountability

Accountability Cybersecurity Penetration Testing InfoSec

LW ROUNDTABLE: Cybersecurity takeaways of 2023 — and what’s ahead in 2024 ( part 2)

The Last Watchdog

DECEMBER 14, 2023

We asked two questions: •What should be my biggest takeaway from 2023, with respect to mitigating cyber risks at my organization? As the adoption of generative AI accelerates, organizations must prioritize security and risk management. Balancing efficiency, innovation and risk will be essential. Part three to follow on Friday.

Cybersecurity

Cybersecurity Risk Cyber threats CSO

Key Cybersecurity Trends for 2025. My Predictions

Jane Frankland

JANUARY 12, 2025

In this blog, I’m exploring these changes, grouped under key categories that I’ve used in previous years, to help business leaders and cyber risk owners better prepare for the evolving landscape. Critical infrastructure face heightened risk from targeted disruptions, as do small businesses who are the backbone of the economy.

Cybersecurity

Cybersecurity CISO Insurance IoT

Cyber Security Informer

GUEST ESSAY: Leveraging ‘zero trust’ and ‘remote access’ strategies to mitigate ransomware risks

Spotlight Podcast: CSO Chris Walcutt on Managing 3rd Party OT Risk

Trending Sources

DISA Breach Highlights Need for Stronger Oversight: AppOmni CSO

97% of enterprises say VPNs are prone to cyberattacks: Study

Cybersecurity First: #BeCyberSmart at Work and Home

10 top anti-phishing tools and services

A Clear and Present Need: Bolster Your Identity Security with Threat Detection and Response

Survey: Alarming Number of IT Professionals Told to Conceal Breaches

BrandPost: Secure Microsoft 365 with Reveal(x) 360 Network Detection and Response

NEW TECH: Data Theorem helps inventory sprawling APIs — as the first step to securing them

BrandPost: Keeping Your Hybrid Workforce Secure with Cyber Hygiene Training

Coinbase Hacked and Turns the Tables on the Cybercriminals!

ChatGPT Security and Privacy Issues Remain in GPT-4

Interview with Dr. Arun Vishwanath on the Latest Cybersecurity Attacks

Cybersecurity Snapshot: Tenable Report Warns About Toxic Cloud Exposures, as PwC Study Urges C-Suite Collaboration for Stronger Cyber Resilience

Malwarebytes releases Mobile Security for OneView to secure Chromebooks, Android, iOS devices

Cyber Security Awareness and Risk Management

Meet the 2021 SC Awards judges

Podcast Episode 134: The Deep Fake Threat to Authentication and analyzing the PEAR Compromise

Camera tricks: Privacy concerns raised after massive surveillance cam breach

Cybersecurity Snapshot: CISA Warns of Global Spear-Phishing Threat, While OWASP Releases AI Security Resources

Leaking company secrets via generative AIs like ChatGPT

Top Cybersecurity Accounts to Follow on Twitter

LW ROUNDTABLE: Cybersecurity takeaways of 2023 — and what’s ahead in 2024 ( part 2)

Key Cybersecurity Trends for 2025. My Predictions

Stay Connected