CISO

Weak alerting and slipping prevention raise risk levels for CISOs

CISO, cyber risk, cybersecurity, Don't miss, News, Picus Security, report, strategy, survey, tips /

Weak alerting and slipping prevention raise risk levels for CISOs 2025-08-18 at 07:47 By Mirko Zorz Prevention effectiveness is falling, detection gaps remain wide, and attackers are exploiting weaknesses in data protection and credentials. Data theft prevention has dropped to 3 percent, password cracking success rates have nearly doubled, and new threat groups are bypassing […]

Weak alerting and slipping prevention raise risk levels for CISOs Read More »

Bridging the AI model governance gap: Key findings for CISOs

Anaconda, Artificial Intelligence, CISO, cybersecurity, monitoring, News, report, security controls, strategy, survey /

Bridging the AI model governance gap: Key findings for CISOs 2025-08-18 at 07:47 By Anamarija Pogorelec While most organizations understand the need for strong AI model governance, many are still struggling to close gaps that could slow adoption and increase risk. The findings of a new Anaconda survey of more than 300 AI practitioners and

Bridging the AI model governance gap: Key findings for CISOs Read More »

AWS CISO explains how cloud-native security scales with your business

access management, Amazon Web Services, Artificial Intelligence, AWS, CISO, Cloud, cloud security, cybersecurity, Don't miss, Features, Hot stuff, News, strategy /

AWS CISO explains how cloud-native security scales with your business 2025-08-13 at 09:01 By Mirko Zorz In this Help Net Security interview, Amy Herzog, CISO at AWS, discusses how cloud-native security enables scalable, flexible protection that aligns with how teams build in the cloud. She explains the Shared Responsibility Model and the tools and processes

AWS CISO explains how cloud-native security scales with your business Read More »

CISOs face a complex tangle of tools, threats, and AI uncertainty

CISO, cybersecurity, JumpCloud, News, report /

CISOs face a complex tangle of tools, threats, and AI uncertainty 2025-08-13 at 07:02 By Anamarija Pogorelec Most organizations are juggling too many tools, struggling with security blind spots, and rushing into AI adoption without governance, according to JumpCloud. he average organization now uses more than nine tools to manage core IT functions. That is

CISOs face a complex tangle of tools, threats, and AI uncertainty Read More »

APT groups are getting personal, and CISOs should be concerned

APT, attacks, CISO, cybersecurity, Data Protection, Don't miss, Doppel, Features, Hot stuff, how-to, News, Privacy, strategy, threats, tips /

APT groups are getting personal, and CISOs should be concerned 2025-08-12 at 14:42 By Mirko Zorz Instead of focusing only on corporate systems, some APT groups are now going after executives in their personal lives. Home networks, private devices, and even family members have become targets. This approach works because executives often work remotely, store

APT groups are getting personal, and CISOs should be concerned Read More »

What makes a security program mature and how to get there faster

CISO, Don't miss, Hot stuff, News, PlexTrac, strategy, tips, Video /

What makes a security program mature and how to get there faster 2025-08-12 at 08:31 By Help Net Security Security leaders are flush with tools and data, but it’s not helping their programs mature. In this Help Net Security video, PlexTrac’s Dan DeCloss outlines the 3 key gaps holding security programs back and what sets

What makes a security program mature and how to get there faster Read More »

Why DNS threats should be on every CISO’s radar in 2025

attacks, CISO, cybersecurity, DNS, Infoblox, News, report, threats /

Why DNS threats should be on every CISO’s radar in 2025 2025-08-12 at 07:32 By Sinisa Markovic DNS is once again in the crosshairs of threat actors. According to the 2025 DNS Threat Landscape Report by Infoblox, attackers are changing tactics, and enterprises are feeling the pressure. The report shows that DNS is being used

Why DNS threats should be on every CISO’s radar in 2025 Read More »

From legacy to SaaS: Why complexity is the enemy of enterprise security

access management, authentication, Bridge IT, CISO, cybersecurity, digital transformation, Don't miss, enterprise, Features, Hot stuff, identity verification, MFA, News, SaaS, security awareness, strategy, tips, zero trust /

From legacy to SaaS: Why complexity is the enemy of enterprise security 2025-08-11 at 08:32 By Mirko Zorz In this Help Net Security interview, Robert Buljevic, Technology Consultant at Bridge IT, discusses how the coexistence of legacy systems and SaaS applications is changing the way organizations approach security. He explains why finding the right balance

From legacy to SaaS: Why complexity is the enemy of enterprise security Read More »

Pentesting is now central to CISO strategy

Artificial Intelligence, CISO, cybersecurity, Data Protection, generative AI, News, penetration testing, report, supply chain /

Pentesting is now central to CISO strategy 2025-08-11 at 07:36 By Anamarija Pogorelec Security leaders are rethinking their approach to cybersecurity as digital supply chains expand and generative AI becomes embedded in critical systems. A recent survey of 225 security leaders conducted by Emerald Research found that 68% are concerned about the risks posed by

Pentesting is now central to CISO strategy Read More »

Third-party partners or ticking time bombs?

CISO, cyber risk, cybersecurity, CyXcel, Don't miss, Hot stuff, News, resilience, Risk Management, strategy, supply chain, third party compromise, tips, Video /

Third-party partners or ticking time bombs? 2025-08-08 at 08:46 By Help Net Security In this Help Net Security video, Ngaire Elizabeth Guzzetti, Technical Director Supply Chain at CyXcel, discusses why a third of U.S. organizations don’t trust third-party vendors to manage critical risks and what that means for supply chain security. She breaks down the

Third-party partners or ticking time bombs? Read More »

Beyond PQC: Building adaptive security programs for the unknown

CISO, Crypto, cybersecurity, Don't miss, Entrust, Features, Hot stuff, News, quantum computing /

Beyond PQC: Building adaptive security programs for the unknown 2025-08-07 at 09:15 By Mirko Zorz In this Help Net Security interview, Jordan Avnaim, CISO at Entrust, discusses how to communicate the quantum computing threat to executive teams using a risk-based approach. He explains why post-quantum cryptography (PQC) is an urgent and long-term priority. Avnaim also

Beyond PQC: Building adaptive security programs for the unknown Read More »

Cybersecurity and the development of software-defined vehicles

automotive security, CIO, CISO, cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, News, opinion, supply chain, VicOne /

Cybersecurity and the development of software-defined vehicles 2025-08-06 at 13:18 By Help Net Security In many automotive companies, the same systems-engineering teams are responsible for both safety and security. As a result, cybersecurity is treated as a subset of safety, undergirded by an implicit assumption: “If it’s safe, it must be secure.” But that’s not

Cybersecurity and the development of software-defined vehicles Read More »

Security tooling pitfalls for small teams: Cost, complexity, and low ROI

CISO, cloud security, Compliance, cybersecurity, Don't miss, Features, generative AI, GRC, Hot stuff, News, opinion, Risk Management, Scrut Automation, SMBs, strategy, tips /

Security tooling pitfalls for small teams: Cost, complexity, and low ROI 2025-08-05 at 10:11 By Mirko Zorz In this Help Net Security interview, Aayush Choudhury, CEO at Scrut Automation, discusses why many security tools built for large enterprises don’t work well for leaner, cloud-native teams. He explains how simplicity, integration, and automation are key for

Security tooling pitfalls for small teams: Cost, complexity, and low ROI Read More »

AIBOMs are the new SBOMs: The missing link in AI risk management

Artificial Intelligence, CISO, Compliance, cybersecurity, Don't miss, Features, Hot stuff, Manifest Cyber, News, opinion, risk, strategy, supply chain, tips /

AIBOMs are the new SBOMs: The missing link in AI risk management 2025-08-04 at 09:11 By Mirko Zorz In this Help Net Security interview, Marc Frankel, CEO at Manifest Cyber, discusses how overlooked AI-specific risks, like poisoned training data and shadow AI, can lead to security issues that conventional tools fail to detect. He explains

AIBOMs are the new SBOMs: The missing link in AI risk management Read More »

Average global data breach cost now $4.44 million

Artificial Intelligence, CISO, cybersecurity, data breach, Don't miss, Hot stuff, IBM, News, report, survey /

Average global data breach cost now $4.44 million 2025-08-04 at 08:37 By Anamarija Pogorelec IBM released its Cost of a Data Breach Report, which revealed AI adoption is greatly outpacing AI security and governance. While the overall number of organizations experiencing an AI-related breach is a small representation of the researched population, this is the

Average global data breach cost now $4.44 million Read More »

The surprising truth about identity security confidence

BeyondID, CISO, identity, News, Non Human Identities, report, security practices, survey /

The surprising truth about identity security confidence 2025-08-04 at 07:42 By Help Net Security Organizations most confident in their identity security are often the least prepared, according to a new report from BeyondID. The study reveals a troubling gap between what organizations believe about their identity security programs and how they actually behave. Surprisingly, those

The surprising truth about identity security confidence Read More »

It’s time to sound the alarm on water sector cybersecurity

CISA, CISO, critical infrastructure, cyber risk, cybersecurity, News, Semperis, strategy, tips /

It’s time to sound the alarm on water sector cybersecurity 2025-08-01 at 09:07 By Sinisa Markovic A cyberattack on a water facility can put entire communities and businesses at risk. Even a short disruption in clean water supply can have serious public health and safety consequences, and threat actors know the damage they can cause.

It’s time to sound the alarm on water sector cybersecurity Read More »

AI is changing the vCISO game

CISO, cybersecurity, Cynomi, Don't miss, News, report, risk assessment, SMBs, strategy, survey /

AI is changing the vCISO game 2025-07-31 at 08:02 By Anamarija Pogorelec Virtual CISO (vCISO) services have moved from niche to mainstream, with vCISO services adoption 2025 data showing a more than threefold increase in just one year. According to Cynomi’s 2025 State of the Virtual CISO report, 67% of MSPs and MSSPs now offer

AI is changing the vCISO game Read More »

The food supply chain has a cybersecurity problem

CISO, critical infrastructure, CXO, cyber risk, cybersecurity, Don't miss, Features, Government, News, regulation, strategy, tips /

The food supply chain has a cybersecurity problem 2025-07-30 at 08:30 By Sinisa Markovic It’s unsettling to think that our food supply chain could be targeted or that the safety of our food could be compromised. But this is exactly the challenge the agri-food sector is dealing with right now. Despite agriculture’s importance, cybersecurity in

The food supply chain has a cybersecurity problem Read More »

Why CISOs should rethink identity risk through attack paths

Black Hat USA 2025, CISO, cybersecurity, Don't miss, News, Non Human Identities, report, SpecterOps, strategy, survey, tips /

Why CISOs should rethink identity risk through attack paths 2025-07-30 at 08:00 By Sinisa Markovic Identity-based attack paths are behind most breaches today, yet many organizations can’t actually see how those paths form. The 2025 State of Attack Path Management report from SpecterOps makes the case that traditional tools like identity governance, PAM, and MFA

Why CISOs should rethink identity risk through attack paths Read More »

Scroll to Top