CSO and Technology - Cyber Security Informer

LW ROUNDTABLE: Wrist slap or cultural shift? SEC fines cyber firms for disclosure violations

The Last Watchdog

NOVEMBER 12, 2024

Related: Technology and justice systems The U.S. Avaya Holdings , Check Point Software Technologies , and Mimecast Limited each minimized or obscured the extent of security breaches linked to the SolarWinds Orion hack, impacting investor trust and highlighting the critical importance of clear, truthful communication.

CISO

CISO CSO Risk Cyber threats

Exposure Management Works When the CIO and CSO Are in Sync

Security Boulevard

APRIL 28, 2025

In this post, Tenable CIO Patricia Grant looks at how the CIO/CSO relationship is key to a successful exposure management program. When I first joined Tenable, one of the first things I did was sit down with our CSO, Robert Huber , to align on how we were going to work together. So, my advice to fellow CIOs: Stay close to your CSO.

CSO

CSO Risk Cyber Risk CISO

A Chief Security Concern for Executive Teams

Krebs on Security

DECEMBER 18, 2018

Even among top tech firms, less than half list a chief technology officer (CTO). KrebsOnSecurity reviewed the Web sites for the global top 100 companies by market value, and found just five percent of top 100 firms listed a chief information security officer (CISO) or chief security officer (CSO). Not anymore. EXECUTIVE SILOS.

CSO

CSO CISO Marketing Banking

Few Fortune 100 Firms List Security Pros in Their Executive Ranks

Krebs on Security

JULY 21, 2023

A review of the executives pages published by the 2022 list of Fortune 100 companies found only four — BestBuy , Cigna , Coca-Cola , and Walmart — that listed a Chief Security Officer (CSO) or Chief Information Security Officer (CISO) in their highest corporate ranks. Nor is the average pay hugely different among all these roles.

CSO

CSO CISO Insurance Risk

CSO's ultimate guide to security and privacy laws, regulations, and compliance

CSO Magazine

JANUARY 28, 2021

CSO's ultimate guide to security and privacy laws, regulations, and compliance Security and privacy laws, regulations, and compliance: The complete guide This directory includes laws, regulations and industry guidelines with significant security and privacy impact and requirements. NERC) standards.

CSO

CSO Financial Services Consumer Protection Data privacy

Why CISO roles require business and technology savvy

CSO Magazine

OCTOBER 12, 2022

This was a few years ago, and one can only guess that the role had been created by a technologist who didn’t care about or didn’t understand the business—or, inversely by a businessperson who didn’t understand enough about technology. In either case, the disconnect is real. To read this article in full, please click here

CISO

CISO Technology Advertising

11 technologies improving database security

CSO Magazine

JULY 12, 2021

Now, sophisticated tools and technologies are making it possible for database developers to have their cake and, to stay in metaphor, not count the calories by keeping the information private. Databases hold vast amounts of personal information including some very sensitive tidbits, creating headaches for the companies that must curate them.

Technology

Recent shadow IT related incidents present lessons to CISOs

CSO Magazine

AUGUST 12, 2021

Sign up for CSO newsletters. ]. Operating within an enclaved system means direct user access to more advanced technologies from their workstations wasn’t happening. They do have the challenge of employees using technology and applications with capabilities that far outstrip their ability to keep up.

CISO

CISO CSO Technology Government

Cybersecurity’s Comfort Zone Problem: Are you Guilty of it?

Jane Frankland

APRIL 15, 2025

While these technological investments have their value, theyre not enough to solve the fundamental problem the majority of risks come from humans. The Allure of Technology in Cybersecurity Cybersecurity professionals, like Gregs car-loving coffee enthusiast, often find comfort in technology. Its the complement, not the crutch.

Risk

Risk Technology Cybersecurity Security Awareness

New Intel CPU-level threat detection capabilities target ransomware

CSO Magazine

JANUARY 19, 2021

Keep up on the latest thought leadership, insights, how-to, and analysis on IT security through CSO Online’s newsletters. ]. These include things like trusted execution, virtualization, memory encryption, runtime BIOS resilience and threat detection technology ( Intel TDT ). To read this article in full, please click here

Threat Detection

Threat Detection Ransomware CSO Mobile

What is physical security? How to keep your facilities and devices safe from on-site attackers

CSO Magazine

AUGUST 4, 2021

Get the latest from CSO by signing up for our newsletters. ]. All the firewalls in the world can’t help you if an attacker removes your storage media from the storage room. Learn what you need to know about defending critical infrastructure. |

Artificial Intelligence

Artificial Intelligence CSO IoT Firewall

Biden memo, infrastructure deal deliver cybersecurity performance goals and money

CSO Magazine

JULY 30, 2021

Get the latest from CSO by signing up for our newsletters. ]. Both efforts aim to prepare the nation for the next significant cybersecurity incidents, making up for lost time due to the previous administration's relative inattention to the topic. Learn what you need to know about defending critical infrastructure. |

Cybersecurity

Cybersecurity CSO Technology

GAO report faults CIOs, OMB for slow adoption of cybersecurity recommendations

CSO Magazine

AUGUST 3, 2021

The US General Accountability Office (GAO) issued the 19-page report , “Cybersecurity and Information Technology: Federal Agencies need to Strengthen Efforts to Address High-Risk Areas” on July 29. Sign up for CSO newsletters. ]. Both pointed out shortcomings in the cyber readiness of the United States government.

CSO

CSO Cybersecurity Government Accountability

How deepfakes enhance social engineering and authentication threats, and what to do about it

CSO Magazine

OCTOBER 25, 2021

Deepfake technology is an escalating cybersecurity threat to organizations. Get the latest from CSO by signing up for our newsletters. ] Get the latest from CSO by signing up for our newsletters. ] Learn what makes these 6 social engineering techniques so effective. | To read this article in full, please click here

Social Engineering

Social Engineering Engineering Authentication CSO

Top cybercrime gangs use targeted fake job offers to deploy stealthy backdoor

CSO Magazine

APRIL 6, 2021

Check out these 11 phishing prevention tips for best technology practices, employee education and social media smarts. | Get the latest from CSO by signing up for our newsletters. ] To read this article in full, please click here

Cybercrime

Cybercrime CSO Education Media

6 zero trust myths and misconceptions

CSO Magazine

OCTOBER 18, 2021

Interest in zero trust is surging, according to IDG’s 2020 Security Priorities Study, with 40% of survey respondents saying they are actively researching zero trust technologies, up from only 11% in 2019, and 18% of organizations indicating they already have zero trust solutions, more than double the 8% in 2018.

CSO

CSO Marketing Technology

Coca-Cola trade secret theft underscores importance of insider threat early detection

CSO Magazine

APRIL 6, 2021

She is accused of trade secret theft and economic espionage after allegedly stealing bisphenol-A-free (BPA-free) technologies owned by several companies, including her former employers Coca-Cola and Eastman Chemical Company. The value placed on the development of the stolen technologies is $119.6 Sign up for CSO newsletters. ].

CSO

CSO Threat Detection Technology Cybersecurity

6 risk factors to know when hiring an MSSP

CSO Magazine

AUGUST 13, 2021

Sign up for CSO newsletters. ]. The analyst firm discovered that CISOs everywhere are struggling to justify their spending on MSSPs to non-security executives because of a lack of proper metrics and because of technology complexity—among other things.

Risk

Risk CSO CISO Technology

US charges four suspected Chinese spies who coordinated APT40 hackers

CSO Magazine

JULY 19, 2021

Sign up for CSO newsletters. ]. According to the indictment , the APT40 group operated out of a company called Hainan Xiandun Technology Development that was used as a front by the Hainan State Security Department (HSSD), an arm of MSS in the province of Hainan.

CSO

CSO Technology Cybersecurity

ICYMI: A Look Back at Exposure Management Academy Highlights

Security Boulevard

MAY 26, 2025

In this post, we look at a few of the highlights, focusing on the work of three Tenable thought leaders: information security engineer Arnie Cabral, CSO Robert Huber and CIO Patricia Grant. Ultimately, you cant do exposure management the right way without a strong relationship between the CIO and the CSO, she wrote.

CSO

CSO Risk Cyber Risk Engineering

Google launches Secure AI Framework to help secure AI technology

CSO Magazine

JUNE 9, 2023

Google, owner of the generative AI chatbot Bard and parent company of AI research lab DeepMind, said a framework across the public and private sectors is essential for making sure that responsible actors safeguard the technology that supports AI advancements so that when AI models are implemented, they’re secure-by-default.

Technology

Technology Risk

Top cybersecurity M&A deals for 2022

CSO Magazine

JANUARY 14, 2022

Many of the 2021 transactions CSO reported were in the identity and cloud security markets, especially toward the end of the year. Recorded Future’s acquisition of SecurityTrails is an early 2022 example, as it adds attack surface monitoring technology to Recorded Future’s offerings. That’s up from 94 for the same period in 2020.

CSO

CSO Cybersecurity Marketing Technology

Uber CISO's trial underscores the importance of truth, transparency, and trust

CSO Magazine

MAY 19, 2022

Case in point: A federal judge recently ordered Uber Technologies to work with its former CSO, Joseph Sullivan (who held the position from April 2015 to November 2017), and review a plethora of Uber documents that Sullivan has requested in unredacted form for use in his defense in the upcoming criminal trial.

CISO

CISO CSO Data breaches Media

Chris Wysopal: Open source is becoming a national security risk

CSO Magazine

MAY 25, 2022

Chris Wysopal, founder and chief technology officer of application security company Veracode, sat down with CSO Senior Writer Lucian Constantin at a recent Security Summit to discuss just that.

CSO

CSO Risk Software Government

BrandPost: The state of operational technology and cybersecurity

CSO Magazine

MAY 26, 2023

Today, the convergence of operational technology (OT) and IT networks is accelerating because organizations can use the data collected by physical equipment and Industrial Internet of Things (IIoT) devices to identify issues and increase efficiency.

Technology

Technology Cybersecurity Data collection Internet

How to choose an endpoint protection suite

CSO Magazine

SEPTEMBER 28, 2021

Studies show that CSO readers are most likely to know that endpoint protection is the modern iteration of the antivirus tools of previous generations. Okay, I made that first part up, but the second part is, of course, true. Endpoint protection covers much more than antimalware.

Antivirus

Antivirus CSO Spyware Phishing

GAO calls out US government agencies: Get your supply chain security act together

CSO Magazine

JUNE 8, 2021

In May 2021, the GAO’s director of information technology and cybersecurity, Vijay A. Get the latest from CSO by signing up for our newsletters. ]. D’Souza, testified before Congress on supply chain risks.

Government

Government CSO Risk Accountability

5 best practices for designing application logs

CSO Magazine

AUGUST 11, 2021

Sign up for CSO newsletters. ]. Schmitt, who is now in her early 30s, has always been passionate about technology, so she didn't buy into this. She shouldn't worry—maybe it's just stress. Learn 12 tips for effectively presenting cybersecurity to the board and 6 steps for building a robust incident response plan.

CSO

CSO Technology Cybersecurity

Iranian APT targets aerospace and telecom firms with stealthy ShellClient Trojan

CSO Magazine

OCTOBER 6, 2021

The goal of the attacks is the theft of information about the victims' infrastructure, technology and critical assets. [ Sign up for CSO newsletters ! ] Security firm Cybereason has dubbed the campaign Operation GhostShell and said it targeted primarily companies in the Middle East, but also in the US, Europe and Russia.

CSO

CSO Technology Malware

Threat intelligence programs poised for growth

CSO Magazine

JUNE 12, 2023

In my last CSO article , I detailed cybersecurity professionals’ opinions on the characteristics of a mature cyber-threat intelligence (CTI) program. Alas, most CTI programs are far from mature, but this may change over the next few years as most enterprise organizations bolster CTI program investment.

CSO

CSO Cyber threats Technology Cybersecurity

BrandPost: Overcoming the Top Technology, Process, and People Challenges Faced by CISOs

CSO Magazine

DECEMBER 19, 2022

First, is the tie to their current technology, which often suffers from complexity and siloed operations that prevent automation. Many organizations struggle to define the right process within their teams, technology stacks, and across users and suppliers. The second challenge is process-related.

CISO

CISO Technology

BrandPost: Three Essential Security Technologies to Combat Ransomware

CSO Magazine

SEPTEMBER 29, 2021

Over the past year we’ve seen an explosion in ransomware attacks – over 10x according to FortiGuard Labs – making the odds increasingly high that your organization will be attacked. In fact, a recent ransomware survey demonstrates that ransomware has become the top threat concern for most organizations globally.

Ransomware

Ransomware Technology

IT asset disposal is a security risk CISOs need to take seriously

CSO Magazine

JUNE 21, 2021

Asset disposal normally isn’t one of those burning topics that is top-of-mind for CISOs, yet every CISO must be able to address it when asked to describe their information technology asset disposal (ITAD) program. Sign up for CSO newsletters. ]. Sign up for CSO newsletters. ].

CISO

CISO Risk CSO Accountability

Johnson & Johnson CISO Marene Allison: ‘You can’t sit on today’s technology’

CSO Magazine

JULY 15, 2022

The oath Marene Allison took years ago to defend and protect the United States is the same tenet that now guides her work maintaining cybersecurity at one of the largest pharmaceutical and consumer packaged goods manufacturers in the world.

CISO

CISO Technology Manufacturing Healthcare

BrandPost: Your Employees Aren’t the Problem—It’s Your Technology

CSO Magazine

OCTOBER 15, 2021

Insider breaches are growing – because you can actually see them In their annual look at trends in cyber security , Forrester made a few startling revelations: 33% of your breaches in 2021 are going to be insider threat related. Insider threat incidents are expected to grow 8% in 2021 .

Technology

Technology Risk Cybersecurity

DXC Technology says global network is not compromised following Latitude Financial breach

CSO Magazine

MARCH 30, 2023

Soon after Latitude Financial revealed it suffered a cyber attack, DXC Technology quietly published a note on its website stating its global network and customer support networks were not compromised.

Technology

Technology Insurance Cyber Attacks

GUEST ESSAY: Leveraging ‘zero trust’ and ‘remote access’ strategies to mitigate ransomware risks

The Last Watchdog

MAY 5, 2022

About the essayist: Den Jones, CSO at Banyan Security , which supplies s imple, least-privilege, multi-cloud application access technologies. Food for thought, eh!

Ransomware

Ransomware Risk Internet Internet

Australian electric grid vulnerable to Cyber Attacks via Solar Panels

CyberSecurity Insiders

MARCH 14, 2022

Nowadays, companies are showing a lot of interest in offering products loaded with connected technology. And unless these devices are secure enough, their usage can invite more troubles,” said Alistair MacGibbon, the CSO of CyberCX.

Cyber Attacks

Cyber Attacks CSO Manufacturing Cyber threats

BrandPost: The Cybercrime Crisis: Advanced & Automated DDoS Technology is Essential NOW

CSO Magazine

NOVEMBER 5, 2021

As NETSCOUT’s 1H 2021 Threat Intelligence Report shows, the long tail of cybercrime innovation swept through the lockdown days of the COVID-19 pandemic to infiltrate the bulk of 2021. The vulnerabilities introduced by the global shift to online work and play are admittedly an outlier event.

Cybercrime

Cybercrime Technology DDOS

MY TAKE: RSAC 2025’s big takeaway — GenAI is growing up fast, but still needs human direction

The Last Watchdog

MAY 5, 2025

Jay” Abdullah , Mastercards Deputy CSO who gave a keynote address at The CSA Summit from Cloud Security Alliance at RSAC 2025. Must have skill: prompt engineering Jamison Utter, security evangelist at A10 Networks , a supplier of network performance and DDoS defense technologies, was especially candid.

Engineering

Engineering DDOS Threat Detection Artificial Intelligence

Cybersecurity Snapshot: CSA Outlines Data Security Challenges and Best Practices, While ISACA Offers Tips To Retain IT Pros

Security Boulevard

MARCH 7, 2025

(Source: ISACAs Tech Workplace and Culture 2025 report, March 2025) For more information about recruiting and retaining cybersecurity professionals: 10 Ways to Boost Cybersecurity Talent Retention (InformationWeek) 60% of cybersecurity pros looking to change employers (CSO) The cybersecurity industry has an urgent talent shortage.

Cybersecurity

Cybersecurity Scams CSO Risk

Tracking device technology: A double-edged sword for CISOs

CSO Magazine

MARCH 6, 2023

The transportation industry has doubled down in the area of fleet tracking in recent years, which has come with great benefits and not a few security headaches.

CISO

CISO Technology Cybersecurity

Episode 250: Window Snyder of Thistle on Making IoT Security Easy

The Security Ledger

MAY 13, 2023

In this episode of the podcast, I speak with Window Snyder, the founder and CEO of Thistle Technologies about the (many) security challenges facing Internet of Things (IoT) devices and her idea for making things better: Thistle’s platform for secure development and deployment of IoT devices. The post Episode 250: Window Snyder of Thistle on.

IoT

IoT Internet Internet Technology

NIST Unveils Groundbreaking Post-Quantum Cryptography Standards

SecureWorld News

AUGUST 14, 2024

National Institute of Standards and Technology (NIST) announced the finalization of three post-quantum cryptography standards, marking a significant milestone in the effort to secure digital communications against the looming threat of quantum computing. You may view the session on-demand here.

Encryption

Encryption CSO System Administration Backups

LW ROUNDTABLE: Wrist slap or cultural shift? SEC fines cyber firms for disclosure violations

Exposure Management Works When the CIO and CSO Are in Sync

Trending Sources

A Chief Security Concern for Executive Teams

Few Fortune 100 Firms List Security Pros in Their Executive Ranks

CSO's ultimate guide to security and privacy laws, regulations, and compliance

Why CISO roles require business and technology savvy

11 technologies improving database security

Recent shadow IT related incidents present lessons to CISOs

Cybersecurity’s Comfort Zone Problem: Are you Guilty of it?

New Intel CPU-level threat detection capabilities target ransomware

What is physical security? How to keep your facilities and devices safe from on-site attackers

Biden memo, infrastructure deal deliver cybersecurity performance goals and money

GAO report faults CIOs, OMB for slow adoption of cybersecurity recommendations

How deepfakes enhance social engineering and authentication threats, and what to do about it

Top cybercrime gangs use targeted fake job offers to deploy stealthy backdoor

6 zero trust myths and misconceptions

Coca-Cola trade secret theft underscores importance of insider threat early detection

6 risk factors to know when hiring an MSSP

US charges four suspected Chinese spies who coordinated APT40 hackers

ICYMI: A Look Back at Exposure Management Academy Highlights

Google launches Secure AI Framework to help secure AI technology

Top cybersecurity M&A deals for 2022

Uber CISO's trial underscores the importance of truth, transparency, and trust

Chris Wysopal: Open source is becoming a national security risk

BrandPost: The state of operational technology and cybersecurity

How to choose an endpoint protection suite

GAO calls out US government agencies: Get your supply chain security act together

5 best practices for designing application logs

Iranian APT targets aerospace and telecom firms with stealthy ShellClient Trojan

Threat intelligence programs poised for growth

BrandPost: Overcoming the Top Technology, Process, and People Challenges Faced by CISOs

BrandPost: Three Essential Security Technologies to Combat Ransomware

IT asset disposal is a security risk CISOs need to take seriously

Johnson & Johnson CISO Marene Allison: ‘You can’t sit on today’s technology’

BrandPost: Your Employees Aren’t the Problem—It’s Your Technology

DXC Technology says global network is not compromised following Latitude Financial breach

GUEST ESSAY: Leveraging ‘zero trust’ and ‘remote access’ strategies to mitigate ransomware risks

Australian electric grid vulnerable to Cyber Attacks via Solar Panels

BrandPost: The Cybercrime Crisis: Advanced & Automated DDoS Technology is Essential NOW

MY TAKE: RSAC 2025’s big takeaway — GenAI is growing up fast, but still needs human direction

Cybersecurity Snapshot: CSA Outlines Data Security Challenges and Best Practices, While ISACA Offers Tips To Retain IT Pros

Tracking device technology: A double-edged sword for CISOs

Episode 250: Window Snyder of Thistle on Making IoT Security Easy

NIST Unveils Groundbreaking Post-Quantum Cryptography Standards

Stay Connected