strategy

How cybercriminals are weaponizing AI and what CISOs should do about it

How cybercriminals are weaponizing AI and what CISOs should do about it 2025-07-01 at 08:31 By Mirko Zorz In a recent case tracked by Flashpoint, a finance worker at a global firm joined a video call that seemed normal. By the end of it, $25 million was gone. Everyone on the call except the employee […]

React to this headline:

Loading spinner

How cybercriminals are weaponizing AI and what CISOs should do about it Read More »

Why AI agents could be the next insider threat

Why AI agents could be the next insider threat 2025-06-30 at 07:37 By Help Net Security In this Help Net Security video, Arun Shrestha, CEO of BeyondID, explains how AI agents, now embedded in daily operations, are often over-permissioned, under-monitored, and invisible to identity governance systems. With a special focus on the healthcare sector, Shrestha

React to this headline:

Loading spinner

Why AI agents could be the next insider threat Read More »

Building cyber resilience in always-on industrial environments

Building cyber resilience in always-on industrial environments 2025-06-26 at 09:07 By Mirko Zorz In this Help Net Security interview, Dr. Tim Sattler, CISO at Jungheinrich, discusses the cybersecurity risks tied to smart warehouses and industrial control systems. He explains how to maintain operational continuity while building real cyber resilience in always-on environments. Dr. Sattler also

React to this headline:

Loading spinner

Building cyber resilience in always-on industrial environments Read More »

From posture to prioritization: The shift toward unified runtime platforms

From posture to prioritization: The shift toward unified runtime platforms 2025-06-25 at 08:49 By Mirko Zorz In this Help Net Security interview, Rinki Sethi, Chief Security Officer at Upwind, discusses how runtime platforms help CISOs shift from managing tools to managing risk. She encourages CISOs to position runtime as a practical layer for real-time risk

React to this headline:

Loading spinner

From posture to prioritization: The shift toward unified runtime platforms Read More »

Why should companies or organizations convert to FIDO security keys?

Why should companies or organizations convert to FIDO security keys? 2025-06-25 at 08:09 By Mirko Zorz In this Help Net Security interview, Alexander Summerer, Head of Authentication at Swissbit, explains how FIDO security keys work, what threats they address, and why they’re gaining traction across industries, from healthcare to critical infrastructure. He also shares insights

React to this headline:

Loading spinner

Why should companies or organizations convert to FIDO security keys? Read More »

How CISOs can justify security investments in financial terms

How CISOs can justify security investments in financial terms 2025-06-23 at 09:06 By Mirko Zorz In this Help Net Security interview, John Verry, Managing Director at CBIZ, discusses how insurers and financial risk professionals evaluate cybersecurity maturity through different lenses. He also shows how framing cyber risk in business terms can strengthen investment cases and

React to this headline:

Loading spinner

How CISOs can justify security investments in financial terms Read More »

Employees are using AI where they know they shouldn’t

Employees are using AI where they know they shouldn’t 2025-06-18 at 07:06 By Help Net Security Despite widespread anticipation about AI’s positive impact on workforce productivity, most employees feel they were overpromised on its potential, according to GoTo. In fact, 62% believe AI has been significantly overhyped. However, this is likely because employees aren’t making

React to this headline:

Loading spinner

Employees are using AI where they know they shouldn’t Read More »

Hackers love events. Why aren’t more CISOs paying attention?

Hackers love events. Why aren’t more CISOs paying attention? 2025-06-17 at 09:04 By Mirko Zorz When CISOs think about risk, they usually think about cloud platforms, laptops, and data centers. But live events like conferences, trade shows, product launches, and shareholder meetings bring a different kind of cybersecurity exposure. These events gather people, devices, and

React to this headline:

Loading spinner

Hackers love events. Why aren’t more CISOs paying attention? Read More »

CISOs brace for a surge in domain-based cyber threats

CISOs brace for a surge in domain-based cyber threats 2025-06-17 at 07:32 By Mirko Zorz Cybersecurity threats are growing more complex, and domain-based attacks are at the center of this shift. CSC’s CISO Outlook 2025 report, based on a survey of 300 security leaders, reveals a rising sense of urgency as organizations confront both established

React to this headline:

Loading spinner

CISOs brace for a surge in domain-based cyber threats Read More »

Why banks’ tech-first approach leaves governance gaps

Why banks’ tech-first approach leaves governance gaps 2025-06-16 at 09:06 By Mirko Zorz In this Help Net Security interview, Rich Friedberg, CISO at Live Oak Bank, discusses how banks can better align cybersecurity efforts with broader cyber governance and risk priorities. Banking institutions often falter when cybersecurity is siloed as purely a technical or compliance

React to this headline:

Loading spinner

Why banks’ tech-first approach leaves governance gaps Read More »

Why CISOs need to understand the AI tech stack

Why CISOs need to understand the AI tech stack 2025-06-16 at 07:01 By Mirko Zorz As AI spreads, so do the risks. Security leaders are being asked to protect systems they don’t fully understand yet, and that’s a problem. A new report from the Paladin Global Institute, The AI Tech Stack: A Primer for Tech

React to this headline:

Loading spinner

Why CISOs need to understand the AI tech stack Read More »

19 ways to build zero trust: NIST offers practical implementation guide

19 ways to build zero trust: NIST offers practical implementation guide 2025-06-13 at 07:32 By Sinisa Markovic The National Institute of Standards and Technology (NIST) has released a new guide that offers practical help for building zero trust architectures (ZTA). The guidance, titled Implementing a Zero Trust Architecture (SP 1800‑35), includes 19 example setups using

React to this headline:

Loading spinner

19 ways to build zero trust: NIST offers practical implementation guide Read More »

Want fewer security fires to fight? Start with threat modeling

Want fewer security fires to fight? Start with threat modeling 2025-06-12 at 09:01 By Mirko Zorz CISOs understand that threat modeling helps teams identify risks early and build safer systems. But outside the security org, the value isn’t always clear. When competing for budget or board attention, threat modeling often loses out to more visible

React to this headline:

Loading spinner

Want fewer security fires to fight? Start with threat modeling Read More »

CISOs call for operational threat intelligence integration

CISOs call for operational threat intelligence integration 2025-06-12 at 08:05 By Help Net Security 98% of CISOs face challenges when using threat intelligence, according to Trellix. The biggest problems are keeping up with changing threats, integration difficulties, and regulatory rules. As a result, threat intelligence defaults to a reactive function within a workstream, rather than

React to this headline:

Loading spinner

CISOs call for operational threat intelligence integration Read More »

The path to better cybersecurity isn’t more data, it’s less noise

The path to better cybersecurity isn’t more data, it’s less noise 2025-06-11 at 08:31 By Sinisa Markovic In cybersecurity, there’s an urge to collect as much data as possible. Logs, alerts, metrics, everything. But more data doesn’t necessarily translate to better security. SOCs deal with tens of thousands of alerts every day. It’s more than

React to this headline:

Loading spinner

The path to better cybersecurity isn’t more data, it’s less noise Read More »

How to build AI into your business without breaking compliance

How to build AI into your business without breaking compliance 2025-06-11 at 08:02 By Mirko Zorz AI is supposed to make businesses faster, smarter, and more competitive, but most projects fall short. The Cloud Security Alliance (CSA) says the real issue is companies cramming AI into old, rigid processes that just can’t keep up. “AI

React to this headline:

Loading spinner

How to build AI into your business without breaking compliance Read More »

The legal questions to ask when your systems go dark

The legal questions to ask when your systems go dark 2025-06-10 at 09:16 By Mirko Zorz At Span Cyber Security Arena, I sat down with Iva Mišković, Partner at the ISO-certified Mišković & Mišković law firm, to discuss the role of legal teams during cyber incidents. She shared why lawyers should assume the worst, coordinate

React to this headline:

Loading spinner

The legal questions to ask when your systems go dark Read More »

Securing agentic AI systems before they go rogue

Securing agentic AI systems before they go rogue 2025-06-10 at 08:24 By Help Net Security In this Help Net Security video, Eoin Wickens, Director of Threat Intelligence at HiddenLayer, explores the security risks posed by agentic AI. He breaks down how agentic AI functions, its potential to revolutionize business operations, and the vulnerabilities it introduces,

React to this headline:

Loading spinner

Securing agentic AI systems before they go rogue Read More »

CISOs, are you ready for cyber threats in biotech?

CISOs, are you ready for cyber threats in biotech? 2025-06-09 at 08:35 By Mirko Zorz The threat landscape in the bioeconomy is different from what most CISOs are used to. It includes traditional risks like data breaches, but the consequences are more complex. A compromise of genomic databases, for example, does not just expose personal

React to this headline:

Loading spinner

CISOs, are you ready for cyber threats in biotech? Read More »

Why SAP security updates are a struggle for large enterprises

Why SAP security updates are a struggle for large enterprises 2025-06-05 at 07:33 By Help Net Security In this Help Net Security video, Jonathan Stross, SAP Security Analyst at Pathlock, examines why managing SAP security updates is so complex for enterprises. From highly customized, interconnected environments to the pressure of real-time patching, Strauss highlights why

React to this headline:

Loading spinner

Why SAP security updates are a struggle for large enterprises Read More »

Scroll to Top