CISO

Low code, high stakes: Addressing SQL injection

Low code, high stakes: Addressing SQL injection 2024-06-17 at 08:01 By Help Net Security Like a bad movie that seems to go on forever, SQL injection (SQLi) attacks have lingered since the late 1990s. Due to various factors, they remain the third most common source of web application vulnerabilities. Reasons include human error, new technologies […]

Low code, high stakes: Addressing SQL injection Read More »

Event Preview: AI Risk Summit + CISO Forum at the Ritz-Carlton, Half Moon Bay | June 25-26, 2024

Event Preview: AI Risk Summit + CISO Forum at the Ritz-Carlton, Half Moon Bay | June 25-26, 2024 2024-06-14 at 10:01 By SecurityWeek News SecurityWeek host its AI Risk Summit + CISO Forum Summer Summit on June 25-26, 2024, at the Ritz-Carlton, Half Moon Bay. The post Event Preview: AI Risk Summit + CISO Forum

Event Preview: AI Risk Summit + CISO Forum at the Ritz-Carlton, Half Moon Bay | June 25-26, 2024 Read More »

Security and privacy strategies for CISOs in a mobile-first world

Security and privacy strategies for CISOs in a mobile-first world 2024-06-12 at 07:01 By Mirko Zorz In this Help Net Security interview, Jim Dolce, CEO at Lookout, discusses securing mobile devices to mitigate escalating cloud threats. He emphasizes that organizations must shift their approach to data security, acknowledging the complexities introduced by mobile access to

Security and privacy strategies for CISOs in a mobile-first world Read More »

Six months of SEC’s cyber disclosure rules

Six months of SEC’s cyber disclosure rules 2024-06-12 at 06:02 By Help Net Security In this Help Net Security video, Mark Millender, Senior Advisor of Global Executive Engagement at Tanium, discusses the overall sentiment from CISOs of large, public companies on the effectiveness and understanding of SEC’s cyber disclosure rules and common misconceptions and gray

Six months of SEC’s cyber disclosure rules Read More »

Cloud migration expands the CISO role yet again

Cloud migration expands the CISO role yet again 2024-06-11 at 07:31 By Help Net Security The CISO role used to be focused primarily on information security — creating and implementing policies to safeguard an organization’s data and IT infrastructure from cybersecurity threats. However, as organizations rapidly migrate to cloud environments, the responsibilities and challenges for

Cloud migration expands the CISO role yet again Read More »

Why CISOs need to build cyber fault tolerance into their business

Why CISOs need to build cyber fault tolerance into their business 2024-06-10 at 07:01 By Help Net Security CISOs who elevate response and recovery to equal status with prevention are generating more value than those who adhere to outdated zero tolerance for failure mindsets, according to Gartner. “Each new cybersecurity disruption exposes the fact that

Why CISOs need to build cyber fault tolerance into their business Read More »

The evolution of security metrics for NIST CSF 2.0

The evolution of security metrics for NIST CSF 2.0 2024-05-28 at 08:03 By Help Net Security CISOs have long been spreadsheet aficionados, soaking up metrics and using them as KPIs for security progress. These metrics have traditionally measured specific systems or single indicators — vulnerabilities detected, percentage of vulnerabilities patched, software and hardware asset inventory

The evolution of security metrics for NIST CSF 2.0 Read More »

Widespread data silos slow down security response times

Widespread data silos slow down security response times 2024-05-28 at 06:31 By Help Net Security Although the goals and challenges of IT and security professionals intersect, 72% report security data and IT data are siloed in their organization, which contributes to corporate misalignment and elevated security risk, according to Ivanti. Leadership plays a crucial role

Widespread data silos slow down security response times Read More »

Human error still perceived as the Achilles’ heel of cybersecurity

Human error still perceived as the Achilles’ heel of cybersecurity 2024-05-27 at 07:31 By Help Net Security While fears of cyber attacks continue to rise, CISOs demonstrate increasing confidence in their ability to defend against these threats, reflecting a significant shift in the cybersecurity landscape, according to Proofpoint. CISOs’ confidence is growing despite fear of

Human error still perceived as the Achilles’ heel of cybersecurity Read More »

CISOs pursuing AI readiness should start by updating the org’s email security policy

CISOs pursuing AI readiness should start by updating the org’s email security policy 2024-05-23 at 08:03 By Anamarija Pogorelec Over the past few years, traditional phishing messages — with their pervasive linguistic errors, thinly-veiled malicious payloads, and often outlandish pretexts — have been on the decline. Easily detected by most of today’s standard email security

CISOs pursuing AI readiness should start by updating the org’s email security policy Read More »

How a GRC consultant passed the CISSP exam in six weeks

How a GRC consultant passed the CISSP exam in six weeks 2024-05-14 at 08:01 By Help Net Security Ask any IT security professional which certification they would consider to be the “gold standard” in terms of prestige, credibility, or difficulty, and almost invariably they will answer: the CISSP. If an organization is seeking some peace

How a GRC consultant passed the CISSP exam in six weeks Read More »

AI’s rapid growth puts pressure on CISOs to adapt to new security risks

AI’s rapid growth puts pressure on CISOs to adapt to new security risks 2024-05-13 at 07:31 By Help Net Security The increased use of AI further complicates CISO role as industries begin to realize the full potential of GenAI and its impact on cybersecurity, according to Trellix. GenAI’s impact on CISO responsibility GenAI has rolled

AI’s rapid growth puts pressure on CISOs to adapt to new security risks Read More »

Security tools fail to translate risks for executives

Security tools fail to translate risks for executives 2024-05-08 at 08:01 By Help Net Security Organizations are struggling with internal communication barriers, which hinder their ability to address cybersecurity threats, according to Dynatrace. The results indicate that CISOs encounter challenges in aligning security teams with the C-suite, resulting in organizational gaps in understanding cyber risk.

Security tools fail to translate risks for executives Read More »

6 tips to implement security gamification effectively

6 tips to implement security gamification effectively 2024-05-07 at 08:01 By Help Net Security There’s not a CISO in the industry who’s not aware of the extremely short median CISO tenure. That’s why the best CISOs are those who constantly seek ways to strengthen their teams. They help members evolve and grow in their roles,

6 tips to implement security gamification effectively Read More »

How to prepare for the CISSP exam: Tips from industry leaders

How to prepare for the CISSP exam: Tips from industry leaders 2024-05-06 at 07:31 By Mirko Zorz The Certified Information Systems Security Professional (CISSP) is the most widely recognized certification in the information security industry. CISSP certifies that an information security professional possesses extensive technical and managerial expertise for designing, engineering, and managing an organization’s

How to prepare for the CISSP exam: Tips from industry leaders Read More »

What is cybersecurity mesh architecture (CSMA)?

What is cybersecurity mesh architecture (CSMA)? 2024-05-03 at 07:01 By Help Net Security Cybersecurity mesh architecture (CSMA) is a set of organizing principles used to create an effective security framework. Using a CSMA approach means designing a security architecture that is composable and scalable with easily extensible interfaces, a common data schema and well-defined interfaces

What is cybersecurity mesh architecture (CSMA)? Read More »

2024 Data Breach Investigations Report: Most breaches involve a non-malicious human element

2024 Data Breach Investigations Report: Most breaches involve a non-malicious human element 2024-05-02 at 08:31 By Help Net Security The exploitation of vulnerabilities as an initial point of entry almost tripled from the previous year, accounting for 14% of all breaches, according to Verizon’s 2024 Data Breach Investigations Report, which analyzed a record-high 30,458 security

2024 Data Breach Investigations Report: Most breaches involve a non-malicious human element Read More »

CISO Conversations: Talking Cybersecurity With LinkedIn’s Geoff Belknap and Meta’s Guy Rosen

CISO Conversations: Talking Cybersecurity With LinkedIn’s Geoff Belknap and Meta’s Guy Rosen 2024-05-01 at 15:31 By Kevin Townsend SecurityWeek interviews Geoff Belknap, CISO at LinkedIn, and Guy Rosen, CISO at Facebook parent company Meta. The post CISO Conversations: Talking Cybersecurity With LinkedIn’s Geoff Belknap and Meta’s Guy Rosen appeared first on SecurityWeek. This article is

CISO Conversations: Talking Cybersecurity With LinkedIn’s Geoff Belknap and Meta’s Guy Rosen Read More »

Security analysts believe more than half of tasks could be automated

Security analysts believe more than half of tasks could be automated 2024-04-30 at 06:01 By Help Net Security Security industry leaders believe that AI and automation technologies are critical to addressing the complexities of modern security operations, according to Anomali. AI expected to boost threat detection In fact, security analysts maintain that up to 57%

Security analysts believe more than half of tasks could be automated Read More »

Should Cybersecurity Leadership Finally be Professionalized?

Should Cybersecurity Leadership Finally be Professionalized? 2024-04-29 at 18:31 By Kevin Townsend The majority opinion is that a cybersecurity professional body is long overdue and would benefit cybersecurity and cybersecurity practitioners. The post Should Cybersecurity Leadership Finally be Professionalized? appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source

Should Cybersecurity Leadership Finally be Professionalized? Read More »

Scroll to Top