CISO

Decoding silence: How deaf and hard-of-hearing pros are breaking into cybersecurity

Decoding silence: How deaf and hard-of-hearing pros are breaking into cybersecurity 2026-03-09 at 09:01 By Mirko Zorz Stu Hirst was already a CISO when he started to go deaf. It was 2023, and the hearing loss crept in over months, enough for him to adapt, to lean on hearing aids and captions, to quietly reorganize […]

Decoding silence: How deaf and hard-of-hearing pros are breaking into cybersecurity Read More »

Cybersecurity professionals are burning out on extra hours every week

Cybersecurity professionals are burning out on extra hours every week 2026-03-04 at 08:30 By Mirko Zorz Cybersecurity professionals in the U.S. are working an average of 10.8 extra hours per week beyond their contracted schedules, according to survey data collected from 300 cybersecurity and IT leaders by Sapio Research. That figure effectively adds a sixth

Cybersecurity professionals are burning out on extra hours every week Read More »

Cloudflare tracked 230 billion daily threats and here is what it found

Cloudflare tracked 230 billion daily threats and here is what it found 2026-03-03 at 19:46 By Anamarija Pogorelec Cloudflare’s network blocks over 230 billion threats per day. The volume indicates how routine and automated the attack cycle has become, and the patterns behind that volume point to a shift in how breaches begin and progress.

Cloudflare tracked 230 billion daily threats and here is what it found Read More »

AI went from assistant to autonomous actor and security never caught up

AI went from assistant to autonomous actor and security never caught up 2026-03-03 at 08:35 By Mirko Zorz Enterprise AI deployments have shifted from pilot programs to production systems handling customer data, executing business transactions, and integrating with core infrastructure. That has exposed a significant gap between what AI agents can do and what security

AI went from assistant to autonomous actor and security never caught up Read More »

Healthcare organizations are accepting cyber risk to cut costs

Healthcare organizations are accepting cyber risk to cut costs 2026-03-03 at 08:00 By Anamarija Pogorelec Healthcare organizations are cutting cybersecurity budgets under financial pressure even as the threats targeting their systems intensify. A PwC survey of 381 global healthcare executives, conducted between May and July 2025, puts numbers to the gap between the risks the

Healthcare organizations are accepting cyber risk to cut costs Read More »

Your dependencies are 278 days out of date and your pipelines aren’t protected

Your dependencies are 278 days out of date and your pipelines aren’t protected 2026-03-02 at 09:00 By Mirko Zorz Applications continue to ship with known weaknesses even as development workflows speed up. A new Datadog State of DevSecOps 2026 report examines how dependency management and pipeline practices are influencing exposure across cloud native environments. Across

Your dependencies are 278 days out of date and your pipelines aren’t protected Read More »

Security debt is becoming a governance issue for CISOs

Security debt is becoming a governance issue for CISOs 2026-03-02 at 08:30 By Mirko Zorz Application security backlogs keep expanding across large development portfolios. Veracode’s 2026 State of Software Security Report puts numbers behind a familiar operational pattern, fixes lag discovery, and older weaknesses stay open across release cycles. 2026 findings against the 2025 baseline

Security debt is becoming a governance issue for CISOs Read More »

The CISO role keeps getting heavier

The CISO role keeps getting heavier 2026-02-27 at 08:00 By Anamarija Pogorelec Personal liability is becoming a routine part of the CISO job. In Splunk’s 2026 CISO Report, titled From Risk to Resilience in the AI Era, 78% of CISOs said they are concerned about their own liability for security incidents, up from 56% last

The CISO role keeps getting heavier Read More »

Industrial networks continue to leak onto the internet

Industrial networks continue to leak onto the internet 2026-02-27 at 07:30 By Mirko Zorz Industrial operators continue to run remote access portals, building automation servers, and other operational technology services on public IP address ranges. Palo Alto Networks, Siemens, and Idaho National Laboratory describe the scope of that exposure in the Intelligence-Driven Active Defense Report

Industrial networks continue to leak onto the internet Read More »

Four Risks Boards Cannot Treat as Background Noise

Four Risks Boards Cannot Treat as Background Noise 2026-02-26 at 19:30 By Steve Durbin The goal isn’t about preventing every attack but about keeping the business running when attacks succeed. The post Four Risks Boards Cannot Treat as Background Noise appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Four Risks Boards Cannot Treat as Background Noise Read More »

The $19.5 million insider risk problem

The $19.5 million insider risk problem 2026-02-26 at 09:09 By Mirko Zorz Routine employee activity across corporate systems carries an average annual cost of $19.5 million per organization. That figure comes from the 2026 Cost of Insider Risks Global Report, conducted by the Ponemon Institute and based on data from 354 organizations that experienced one

The $19.5 million insider risk problem Read More »

CISO Conversations: Timothy Youngblood; 4x Fortune 500 CISO/CSO

CISO Conversations: Timothy Youngblood; 4x Fortune 500 CISO/CSO 2026-02-24 at 16:12 By Kevin Townsend Timothy Youngblood was CISO at Dell, CISO at Kimberley-Clark, VP & CISO at McDonald’s, and SVP, CSO & Product Security Officer at T-Mobile. The post CISO Conversations: Timothy Youngblood; 4x Fortune 500 CISO/CSO appeared first on SecurityWeek. This article is an

CISO Conversations: Timothy Youngblood; 4x Fortune 500 CISO/CSO Read More »

United Airlines CISO on building resilience when disruption is inevitable

United Airlines CISO on building resilience when disruption is inevitable 2026-02-09 at 09:09 By Mirko Zorz Aviation runs on complex digital systems built for stability, safety, and long lifecycles. That reality creates a unique cybersecurity challenge for airlines, where disruption can quickly become an operational and public trust crisis. In this Help Net Security interview,

United Airlines CISO on building resilience when disruption is inevitable Read More »

The hidden cost of putting off security decisions

The hidden cost of putting off security decisions 2026-02-06 at 08:01 By Help Net Security In this Help Net Security video, Hanah Darley, Chief AI Officer, Geordie AI, talks about how putting off security risk decisions creates long-term costs that often stay hidden. Drawing on her work with CISOs and security leaders, she shows how

The hidden cost of putting off security decisions Read More »

Cybersecurity planning keeps moving toward whole-of-society models

Cybersecurity planning keeps moving toward whole-of-society models 2026-02-05 at 09:11 By Sinisa Markovic National governments already run cybersecurity through a mix of ministries, regulators, law enforcement, and private operators that own most critical systems. In that environment, guidance circulating among policymakers outlines how national cybersecurity strategies increasingly tie together risk management, workforce planning, technology standards,

Cybersecurity planning keeps moving toward whole-of-society models Read More »

Why boards must prioritize non-human identity governance

Why boards must prioritize non-human identity governance 2026-02-03 at 08:36 By Help Net Security Boards of Directors (BoDs) do three things exceptionally well when cyber is framed correctly. They set risk appetite, they allocate capital, and they demand evidence that the business can withstand disruption without losing momentum. Why cyber keeps becoming a board topic

Why boards must prioritize non-human identity governance Read More »

Where NSA zero trust guidance aligns with enterprise reality

Where NSA zero trust guidance aligns with enterprise reality 2026-02-02 at 09:10 By Sinisa Markovic The NSA has published Phase One and Phase Two of its Zero Trust Implementation Guidelines, providing structured guidance for organizations working to implement zero trust cybersecurity practices. The documents are part of a larger series designed to support adoption of

Where NSA zero trust guidance aligns with enterprise reality Read More »

A practical take on cyber resilience for CISOs

A practical take on cyber resilience for CISOs 2026-01-29 at 08:06 By Help Net Security In this Help Net Security video, Shebani Baweja, CISO for Consumer, Private, Wealth & Business Banking at Standard Chartered, explains how security leaders should think about cyber resilience. She outlines why preparation for extreme events matters as much as day

A practical take on cyber resilience for CISOs Read More »

Why prevention-first secrets security will define enterprise scale: Learnings from a leading telecom

Why prevention-first secrets security will define enterprise scale: Learnings from a leading telecom 2026-01-28 at 08:15 By Help Net Security Once a secret enters Git, it’s expensive to remediate. But the real problem runs deeper than cost. Grégory Maitrallain, Solution Architect at Orange Business, discovered this reality during their implementation: “Once a secret is pushed

Why prevention-first secrets security will define enterprise scale: Learnings from a leading telecom Read More »

When open science meets real-world cybersecurity

When open science meets real-world cybersecurity 2026-01-27 at 09:44 By Mirko Zorz Scientific research environments are built for openness and collaboration, often prioritizing long-term discovery over traditional enterprise security. In this Help Net Security interview, Matthew Kwiatkowski, CISO at Fermilab, America’s particle physics and accelerator laboratory, discusses where cybersecurity blind spots emerge, why availability can

When open science meets real-world cybersecurity Read More »

Scroll to Top