InfoSec, Risk and Technology - Cyber Security Informer

Demand, CyberInsurance, and Automation/AI Are the Future of InfoSec

Daniel Miessler

NOVEMBER 6, 2020

2021-2030) A Surge in Demand for InfoSec people will result in many more professionals being trained and placed within companies, likely using more of a trade/certification model than a 4-year university model. That’s the distant future of InfoSec, with humans playing less and less a part in the equation as time goes on.

InfoSec

InfoSec Insurance Artificial Intelligence Cybersecurity

Iterative scientific infosec

Notice Bored

MAY 25, 2022

There is a strong argument to facilitate much more sharing of information about information risk and security, incidents, controls etc. So, this morning I've been thinking about the applications of those principles and mechanisms to information risk management, putting infosec under the microscope.

InfoSec

InfoSec Risk Antivirus Government

Professional services infosec policy template

Notice Bored

MAY 12, 2022

Professional services engagements, and hence the associated information risks, are so diverse that it made no sense to specify particular infosec controls, except a few examples. This is another shining example of the value of the 'information ownership' concept. and that once again emphasises that corporate policies form a mesh.

InfoSec

InfoSec Risk Accountability Government

The Clock To Q-Day Is Ticking: InfoSec Global and Thales Provide Collaborative Path to Quantum Readiness

Thales Cloud Protection & Licensing

FEBRUARY 19, 2024

Vladimir Soukharev, InfoSec Global The advent of quantum computers poses a substantial threat to various industries due to their potential to compromise standard encryption methods that protect global data, communications, and transactions. This vulnerability could expose sensitive enterprise information to risk. In the U.S.,

InfoSec

InfoSec Encryption Risk Marketing

Managing Cybersecurity Risk in M&A

Cisco Security

SEPTEMBER 26, 2022

As Technology Audit Director at Cisco, Jacob Bolotin focuses on assessing Cisco’s technology, business, and strategic risk. Bolotin champions the continued advancement of the technology audit profession and received a master’s degree in cybersecurity from the University of California Berkeley.

Risk

Risk Cybersecurity Technology InfoSec

CISA releases Insider Risk Mitigation Self-Assessment Tool

Security Affairs

SEPTEMBER 30, 2021

The US CISA has released a new tool that allows to assess the level of exposure of organizations to insider threats and devise their own defense plans against such risks. The tool elaborates the answers of the organizations to a survey about their implementations of a risk program management for insider threats. Pierluigi Paganini.

Risk

Risk InfoSec Ransomware Technology

Seeds of Destruction: Cyber Risk Is Growing in Agriculture

The Security Ledger

MAY 4, 2021

In this episode of the podcast (#213): Molly Jahn of DARPA and University of Wisconsin joins us to talk about the growing cyber risk to the Food and Agriculture sector, as industry consolidation and precision agriculture combine to increase the chances of cyber disruption of food production. Read the whole entry. »

Cyber Risk

Cyber Risk Risk Digital transformation InfoSec

CISA Order Highlights Persistent Risk at Network Edge

Krebs on Security

JUNE 15, 2023

Mandiant said the attackers will continue to change their tactics and malware, “especially as network defenders continue to take action against this adversary and their activity is further exposed by the infosec community.” “COVID-19 extended the life of these companies and technologies, and that’s unfortunate.”

Risk

Risk VPN Internet Internet

Hi-5 With A CISO Dmitriy Sokolovskiy, Avid Technology

Security Boulevard

MAY 20, 2021

CybeReady’s Hi-5 brings together InfoSec leaders for peer-to-peer sharing via five short questions and insights. The post Hi-5 With A CISO <br><br> Dmitriy Sokolovskiy, Avid Technology appeared first on CybeReady. The post Hi-5 With A CISO Dmitriy Sokolovskiy, Avid Technology appeared first on Security Boulevard.

CISO

CISO Technology InfoSec Information Security

Why Is Shadow IT a Growing Cybersecurity Risk?

SecureWorld News

AUGUST 13, 2023

To experiment with new technologies. Whatever the reason, shadow IT can pose a serious security risk to organizations. This means that they are more vulnerable to attack, and any data stored on them is at risk. This means that they are more vulnerable to attack, and any data stored on them is at risk. Probably not.

Risk

Risk Cybersecurity Education Technology

Resecurity Named Winner of the Coveted Global InfoSec Awards During RSA Conference 2021

CyberSecurity Insiders

MAY 27, 2021

Next-Gen in Third-Party Risk Management (TPRM). We knew the competition would be tough and with top judges who are leading infosec experts from around the globe, we couldn’t be more pleased,” said Gene Yoo, CEO of Resecurity. Join a webinar at [link] and realize that infosec knowledge is power. About Cyber Defense Magazine.

InfoSec

InfoSec B2C B2B Media

Herjavec Group Wins 4 Cyber Defense Magazine Global InfoSec Awards

Herjavec Group

MAY 17, 2021

As the global leader in Managed Security Services, Herjavec Group has demonstrated the innate ability to combine the power of technology, AI, and automation with human intelligence to optimize the IT security monitoring, incident detection, and incident response times of enterprises globally. HG Mana ged Detection & Response (MDR) .

InfoSec

InfoSec Marketing Technology B2C

How Aflac maximizes security ROI

CSO Magazine

JUNE 8, 2022

With rapidly evolving threats and increased business risk, security leaders are constantly pressed by the question: Do we have the right technology, people, and processes in place to protect the organization? For more of Goldsworthy’s insights, watch the full video of the event session embedded below.

InfoSec

InfoSec Technology Risk

Episode 209: Fortinet’s Renee Tarun on Scaling InfoSec To Meet Tomorrow’s Challenges

The Security Ledger

APRIL 2, 2021

The post Episode 209: Fortinet’s Renee Tarun on Scaling InfoSec To Meet Tomorrow’s Challenges appeared first on The. Fixing InfoSec Demands Scale, Diversity. Read the whole entry. » The information security industry is simultaneously robust and beset by problems and challenges.

InfoSec

InfoSec CISO Information Security Cyber Risk

The Hacker Mind: Shattering InfoSec's Glass Ceiling

ForAllSecure

MARCH 8, 2023

Booth babes and rampant sexism were more of a problem in infosec in the past. And I always want it to be in technology or computer science in the choice but I could very easily do like electrical engineering or any other engineering discipline. That is, until Chenxi Wang spoke up. Today she runs a 100% woman owned VC. WANG : Oh, yeah.

InfoSec

InfoSec Engineering CSO Technology

Purdue University’s CERIAS 2021 Security Symposium – Randall Brooks’ ‘Cyber Supply Chain Risk Management (SCRM) And Its Impact On Information And Operational Technology’

Security Boulevard

APRIL 3, 2022

The post Purdue University’s CERIAS 2021 Security Symposium – Randall Brooks’ ‘Cyber Supply Chain Risk Management (SCRM) And Its Impact On Information And Operational Technology’ appeared first on Security Boulevard.

Technology

Technology Risk Education InfoSec

Your Digital Immortality is Coming, Apple and Google Are Data Gatekeepers, Satellite Security Risks Revealed

Security Boulevard

JULY 30, 2023

Listen to our discussion about this cutting-edge technology and its potential impact on our privacy. Join […] The post Your Digital Immortality is Coming, Apple and Google Are Data Gatekeepers, Satellite Security Risks Revealed appeared first on Shared Security Podcast. Have these tech companies gone too far?

Risk

Risk Technology Data privacy InfoSec

CERIAS – Randall Brooks’ Cyber Supply Chain Risk Management (SCRM) And Its Impact On Information And Operational Technology’

Security Boulevard

APRIL 5, 2021

The post CERIAS – Randall Brooks’ Cyber Supply Chain Risk Management (SCRM) And Its Impact On Information And Operational Technology’ appeared first on Security Boulevard. Many thanks to CERIAS Purdue University for publishing their outstanding videos on the organization's YouTube channel.

Technology

Technology Risk Education InfoSec

Business Must Change: InfoSec in 2019

The Falcon's View

JANUARY 3, 2019

Consider, if you will, that fundamentally we in infosec want people to make better decisions. No matter how you look at it, DevOps is the way that business should operate, and that is - interestingly enough - exactly matched to the org management model that Laloux describes (without ever getting into technology or DevOps!).

InfoSec

InfoSec Engineering Digital transformation CISO

Private Tweets Exposed, Unauthorized Tracking Collaboration, AI Risks and Regulation

Security Boulevard

MAY 14, 2023

Finally, we explore the US government’s […] The post Private Tweets Exposed, Unauthorized Tracking Collaboration, AI Risks and Regulation appeared first on Shared Security Podcast. The post Private Tweets Exposed, Unauthorized Tracking Collaboration, AI Risks and Regulation appeared first on Security Boulevard.

Risk

Risk Artificial Intelligence Data privacy Technology

CISO Liability Risk and Jail Time, (ISC)2 Bylaw Vote and the Value of Cybersecurity Certifications

Security Boulevard

OCTOBER 30, 2022

Rafal Los, host of the popular Down the Security Rabbithole Podcast, joins us to discuss CISO liability risk and the ongoing discussion in the cybersecurity community about CISOs going to jail. The post CISO Liability Risk and Jail Time, (ISC)2 Bylaw Vote and the Value of Cybersecurity Certifications appeared first on Security Boulevard.

CISO

CISO Risk Cybersecurity Data privacy

Spotlight on Cybersecurity Leaders: Bill Bowman

SecureWorld News

FEBRUARY 26, 2024

He is the father of five children and gives talks on helping families work through social media and technology challenges. A : When I was with Bright Horizons, many top-tier clients demanded InfoSec competence. A : Moving the reporting line to risk (GC/CLO); using AI. I learned from them. A : Phil Venables.

Cybersecurity

Cybersecurity CISO InfoSec Data privacy

Stepping on the cracks

Notice Bored

MAY 24, 2021

T he recently-published ISO/IEC TS 27570 " Privacy guidelines for smart cities" neatly illustrates the creativity required to tackle new information risks arising from innovation in the realm of IoT, AI and short range data communications between the proliferating portable, wearable and mobile IT devices now roaming our city streets.

InfoSec

InfoSec Risk IoT Information Security

News alert: Traceable celebrates winning the prestigious SINET16 Innovator Award for 2023

The Last Watchdog

OCTOBER 31, 2023

The SINET16 Innovator Award recognizes the most innovative companies and technologies addressing today’s top cybersecurity threats and vulnerabilities. Traceable enables organizations to minimize risk and maximize the value that APIs bring their customers. San Francisco, Calif.,

InfoSec

InfoSec Firewall Cybersecurity Technology

Why Taylor Swift Fans Should Work in Cybersecurity

SecureWorld News

SEPTEMBER 12, 2023

These skills also happen to apply to information security (infosec) and cyber threat intelligence and research. And you'll leave your first infosec conference with an armful of them. From network to endpoint to cloud , the cybersecurity industry does its own genre blending, evolving with advances in technology.

Cybersecurity

Cybersecurity InfoSec Threat Detection Accountability

CyberSaint STRONGER 2022 Conference Call for Speakers is Open!

CyberSecurity Insiders

FEBRUARY 1, 2022

BOSTON–( BUSINESS WIRE )– CyberSaint , the developer of the leading platform delivering cyber risk automation, today announced that the company is seeking speaker submissions for its virtual STRONGER conference, set to occur September 13th-15th 2022. Conference Tracks: Frameworks, Security, & Risk. InfoSec 360.

Digital transformation

Digital transformation InfoSec CISO Education

Juice Jacking Debunked, Photographer vs. AI Dataset, Google Authenticator Risks

Security Boulevard

MAY 7, 2023

Next, we dive into a case where a photographer tried to get his photos removed from an AI dataset, only to receive an invoice instead of having his photos taken […] The post Juice Jacking Debunked, Photographer vs. AI Dataset, Google Authenticator Risks appeared first on Shared Security Podcast.

Authentication

Authentication Risk Cyber Attacks Data privacy

OpenText Blends Security, Data Protection for Greater Cyber Resilience

Dark Reading

AUGUST 6, 2020

SPONSORED CONTENT: Infosec professionals are taking advantage of technology hybrids to keep users, data, and their networks more safe, according to Hal Lonas of OpenText's Webroot division. And they're also finding new ways to use artificial intelligence and machine learning to improve security management and reduce risk.

Artificial Intelligence

Artificial Intelligence InfoSec Technology Risk

December 15 Marks Deadline for SEC's New Cyber Disclosure Rules

SecureWorld News

DECEMBER 11, 2023

We covered the new rules on July 31, with some thoughts from InfoSec leaders. Public companies will also have to share details about their "cybersecurity risk management, strategy, and governance" on an annual basis. The threat of cyber disruption is material and represents a risk to businesses. Immediately or not, Dec.

CISO

CISO Risk Cybersecurity CSO

Cyber CEO: 3 Key Components for Resilient Third Party Risk Management

Herjavec Group

APRIL 26, 2021

Third-party risk is a hot topic in the world of cybersecurity. The recent SolarWinds breach was a tough reminder that technological advancement will always carry inherent risks. former CEO of RSA Security) for a virtual fireside chat last week to chat about third-party risk. So where does that leave us?

Risk

Risk Government InfoSec Cybersecurity

Announcing the public availability of the Cisco Cloud Controls Framework (CCF)

Cisco Security

MAY 5, 2022

A strategic compliance and risk management approach is as essential to the success of an organization as its product strategy. ISO IEC 27001:2013 – Information technology — Security techniques — Information security management systems — Requirements. Infosec Registered Assessors Program (IRAP December 2020).

Marketing

Marketing InfoSec Risk Technology

Peer Report Explores Concerns, Challenges Facing Cybersecurity Leaders

SecureWorld News

AUGUST 23, 2023

This morning, Critical Start released its first ever Cyber Risk Landscape Peer Report , which explores some of the major concerns and challenges currently confronting cybersecurity leaders as they manage risk within their organizations. Here are some comments on the cyber risk landscape from cybersecurity vendor experts.

Cybersecurity

Cybersecurity Cyber Risk Risk Cyber Insurance

VMware adds Cloud Security extension to Containers and Kubernetes

CyberSecurity Insiders

APRIL 7, 2021

Initially, when it was released in December, Carbon Black Container was only used to help track down misconfiguration and other security risks. Now, the newly developed vulnerability identity and management tool helps scan all container images to track down security risks at time and build them into production environments.

InfoSec

InfoSec Risk Technology Cybersecurity

Episode 144: Infosec Supporting Right to Repair with Joe Grand and Kyle Wiens

The Security Ledger

APRIL 30, 2019

The post Episode 144: Infosec Supporting Right to Repair with Joe Grand and Kyle Wiens appeared first on The Security Ledger. Households Introducing Securepairs.org: Fighting Infosec FUD for the Right to Repair. A concerted lobbying effort by major technology, heavy equipment, telecommunications and electronics firms, that’s what.

InfoSec

InfoSec Computers and Electronics Telecommunications Software

People-Centric Security (or Bottoms-Up)

Security Boulevard

NOVEMBER 17, 2022

One source of data that is typically missing from an infosec program is user, or employee driven data. Data should be used to monitor the health of information security, report on it, improve it, and proactively mitigate risks.One source of data that is typically missing from an infosec program is user, or employee driven data.

InfoSec

InfoSec Passwords Risk Information Security

Quantum Computing: A Looming Threat to Organizations and Nation States

SecureWorld News

SEPTEMBER 7, 2023

Director of Information Security, State of Colorado Governor's Office of Information Technology; and Toby Zimmerer, Sr. The panel will tackle topics and questions, including: The potential risks quantum computing poses to current cryptographic methods. When will these risks come to fruition, and who are the main threat actors?

Encryption

Encryption Technology Risk Architecture

Importance of Cybersecurity Profession Highlights SecureWorld Chicago

SecureWorld News

JUNE 13, 2023

It was fitting that the opening keynote panel for SecureWorld Chicago on June 8th was titled " Making the Cybersecurity Music: Navigating Challenges and Opportunities in Today's InfoSec Landscape. Well, information security, cybersecurity happens to be a critical part of the business, being able to achieve strategic objectives.

Cybersecurity

Cybersecurity CISO InfoSec Risk

Five 2023 Cybersecurity Predictions by Doug Dooley

CyberSecurity Insiders

DECEMBER 6, 2022

Many technology workers will resign from their comfortable, high-paying jobs at larger employers. Starting in 2023, we will see a growing trend of experienced CISOs exit and retire to other opportunities like joining security and technology vendors, startups, investors, and board members.

Cybersecurity

Cybersecurity CISO InfoSec Technology

GUEST ESSAY: How and why ‘pen testing’ will continue to play a key role in cybersecurity

The Last Watchdog

MARCH 15, 2021

When we look at society today, we can see that we are moving further and further ahead with technology. In fact, there is evidence that technology grows exponentially fast. Since we are quickly putting out large technologies, security risks always come with this. As mentioned earlier, technology is rapidly expanding.

Penetration Testing

Penetration Testing Social Engineering Cybersecurity Engineering

Build an insider threat management program that involves everyone

SC Magazine

JULY 13, 2021

Today’s columnist, Deborah Watson of Proofpoint, says with so much work conducted via virtual meetings, risk has increased and businesses have to pay more attention to an insider threat management program. Think of Insider Threat Management Programs (ITMPs) as a holistic focus on managing the risks that insiders pose to your corporate assets.

Risk

Risk InfoSec Media Technology

Thinking About the Future of InfoSec (v2022)

Daniel Miessler

MARCH 20, 2022

The ideas will cover multiple aspects of InfoSec, from organizational structure to technology. Technology. At the highest level, I think the big change to InfoSec will be a loss of magic compared to now. Technology. HT to Jeremiah Grossman to also being very early to seeing the role of insurance in InfoSec.

InfoSec

InfoSec Insurance Engineering Technology

Key Learnings from 20th Annual Detroit Conference

SecureWorld News

OCTOBER 4, 2022

Paul Rapier, Vice President of Information Technology for the Detroit Pistons, led a discussion on best practices for InfoSec teams. Manager of Third-Party Risk at Raytheon Technologies. Moving on through the first day of the conference, we had some sessions unique to the city of Detroit.

InfoSec

InfoSec Cybersecurity Cryptocurrency Technology

The 7 Biggest Cybersecurity Scoops from February 2015

SiteLock

AUGUST 27, 2021

2015 Cyber Security Risks. TechRadar recently posted an article covering the top seven cyber security risks that businesses should be aware of for 2015. The Infosec Institute recently wrote a topic on the subject, which can be read here. Read the full story here on Hot for Security. Heartbleed: Almost a Year Later.

Passwords

Passwords Cybersecurity Internet Internet

7 Best Attack Surface Management Software for 2024

eSecurity Planet

DECEMBER 20, 2023

Attack surface management (ASM) is a relatively new cybersecurity technology that combines elements of vulnerability management and asset discovery with the automation capabilities of breach and attack simulation (BAS) and applies them to an organization’s entire IT environment, from networks to the cloud.

Software

Software Risk Architecture Internet

Demand, CyberInsurance, and Automation/AI Are the Future of InfoSec

Iterative scientific infosec

Trending Sources

Professional services infosec policy template

The Clock To Q-Day Is Ticking: InfoSec Global and Thales Provide Collaborative Path to Quantum Readiness

Managing Cybersecurity Risk in M&A

CISA releases Insider Risk Mitigation Self-Assessment Tool

Seeds of Destruction: Cyber Risk Is Growing in Agriculture

CISA Order Highlights Persistent Risk at Network Edge

Hi-5 With A CISO Dmitriy Sokolovskiy, Avid Technology

Why Is Shadow IT a Growing Cybersecurity Risk?

Resecurity Named Winner of the Coveted Global InfoSec Awards During RSA Conference 2021

Herjavec Group Wins 4 Cyber Defense Magazine Global InfoSec Awards

How Aflac maximizes security ROI

Episode 209: Fortinet’s Renee Tarun on Scaling InfoSec To Meet Tomorrow’s Challenges

The Hacker Mind: Shattering InfoSec's Glass Ceiling

Purdue University’s CERIAS 2021 Security Symposium – Randall Brooks’ ‘Cyber Supply Chain Risk Management (SCRM) And Its Impact On Information And Operational Technology’

Your Digital Immortality is Coming, Apple and Google Are Data Gatekeepers, Satellite Security Risks Revealed

CERIAS – Randall Brooks’ Cyber Supply Chain Risk Management (SCRM) And Its Impact On Information And Operational Technology’

Business Must Change: InfoSec in 2019

Private Tweets Exposed, Unauthorized Tracking Collaboration, AI Risks and Regulation

CISO Liability Risk and Jail Time, (ISC)2 Bylaw Vote and the Value of Cybersecurity Certifications

Spotlight on Cybersecurity Leaders: Bill Bowman

Stepping on the cracks

News alert: Traceable celebrates winning the prestigious SINET16 Innovator Award for 2023

Why Taylor Swift Fans Should Work in Cybersecurity

CyberSaint STRONGER 2022 Conference Call for Speakers is Open!

Juice Jacking Debunked, Photographer vs. AI Dataset, Google Authenticator Risks

OpenText Blends Security, Data Protection for Greater Cyber Resilience

December 15 Marks Deadline for SEC's New Cyber Disclosure Rules

Cyber CEO: 3 Key Components for Resilient Third Party Risk Management

Announcing the public availability of the Cisco Cloud Controls Framework (CCF)

Peer Report Explores Concerns, Challenges Facing Cybersecurity Leaders

VMware adds Cloud Security extension to Containers and Kubernetes

Episode 144: Infosec Supporting Right to Repair with Joe Grand and Kyle Wiens

People-Centric Security (or Bottoms-Up)

Quantum Computing: A Looming Threat to Organizations and Nation States

Importance of Cybersecurity Profession Highlights SecureWorld Chicago

Five 2023 Cybersecurity Predictions by Doug Dooley

GUEST ESSAY: How and why ‘pen testing’ will continue to play a key role in cybersecurity

Build an insider threat management program that involves everyone

Thinking About the Future of InfoSec (v2022)

Key Learnings from 20th Annual Detroit Conference

The 7 Biggest Cybersecurity Scoops from February 2015

7 Best Attack Surface Management Software for 2024

Stay Connected