Tag: cio
-
10 best practices for vulnerability management according to CISOs
by
in SecurityNews
Tags: api, attack, automation, best-practice, business, ceo, cio, ciso, control, cybersecurity, data, detection, framework, group, incident response, metric, mitre, penetration-testing, programming, ransomware, risk, risk-management, service, software, strategy, technology, threat, tool, update, vulnerability, vulnerability-management1. Culture Achieving a successful vulnerability management program starts with establishing a cybersecurity-minded culture across the organization. Many CISOs admitted to facing historical cultural problems, with one summing it up well. “Our cybersecurity culture was pretty laissez-faire until we got hit with Log4J and then a ransomware attack,” he told CSO. “These events were an…
-
CIOs and CISOs need a common strategy around AI copilots
by
in SecurityNewsFirst seen on scworld.com Jump to article: www.scworld.com/perspective/cios-and-cisos-need-a-common-strategy-around-ai-copilots
-
How CISOs can balance business continuity with other responsibilities
by
in SecurityNews
Tags: attack, backup, breach, business, cio, ciso, compliance, cyber, cyberattack, cybersecurity, data, data-breach, finance, framework, healthcare, incident, incident response, metric, nist, ransomware, resilience, risk, service, strategy, supply-chain, technology, threat, usa, vulnerabilityCIO-CISO divide: Who owns business continuity?: While CISOs may find that their remit is expanding to cover business continuity, a lack of clear delineation of roles and responsibilities can spell trouble.To effectively handle business continuity, cybersecurity leaders need a framework to collaborate with IT leadership.Responding to events requires a delicate balance between thoroughness of investigation…
-
How CISOs can balance business continuity with other responsibilities
by
in SecurityNews
Tags: attack, backup, breach, business, cio, ciso, compliance, cyber, cyberattack, cybersecurity, data, data-breach, finance, framework, healthcare, incident, incident response, metric, nist, ransomware, resilience, risk, service, strategy, supply-chain, technology, threat, usa, vulnerabilityCIO-CISO divide: Who owns business continuity?: While CISOs may find that their remit is expanding to cover business continuity, a lack of clear delineation of roles and responsibilities can spell trouble.To effectively handle business continuity, cybersecurity leaders need a framework to collaborate with IT leadership.Responding to events requires a delicate balance between thoroughness of investigation…
-
Wichtig für CIOs: Der Weg zum passenden Incident-Management-Tool
by
in SecurityNewsIT-Systeme müssen jederzeit verfügbar sein Ausfälle kosten schnell Millionen und schaden dem Vertrauen. CIOs brauchen ein Incident-Management-Tool, das schnell reagiert und sich nahtlos integrieren lässt. Doch worauf kommt es bei der Auswahl wirklich an? First seen on itsicherheit-online.com Jump to article: www.itsicherheit-online.com/news/security-management/wichtig-fuer-cios-der-weg-zum-passenden-incident-management-tool/
-
Aufgabe des CIO: Mehr nur die Aufrechterhaltung des IT-Betriebs
by
in SecurityNews
Tags: cioFirst seen on datensicherheit.de Jump to article: www.datensicherheit.de/cio-rolle-it-betrieb-strategie-ziele
-
Trump shifts cyberattack readiness to state and local governments in wake of info-sharing cuts
by
in SecurityNews
Tags: advisory, cio, cisa, ciso, communications, cyber, cyberattack, cybersecurity, election, government, group, infrastructure, intelligence, Internet, metric, office, resilience, risk, russia, strategy, technology, threatCreating a national resilience strategy The EO requires the assistant to the President for national security affairs (APNSA), in coordination with the assistant to the President for economic policy and the heads of relevant executive departments and agencies, to publish within 90 days (by June 17) a National Resilience Strategy that articulates the priorities, means,…
-
CISOs are taking on ever more responsibilities and functional roles has it gone too far?
by
in SecurityNews
Tags: ai, business, cio, ciso, cloud, compliance, computing, control, corporate, cyber, cybersecurity, data, defense, framework, fraud, governance, healthcare, infosec, intelligence, international, Internet, jobs, law, mitigation, nist, privacy, regulation, resilience, risk, risk-management, service, skills, software, supply-chain, technology, threatth century alongside technology and internet-enabled threats, morphing to meet the demands of the moment. But the position hasn’t just matured; in many cases it has expanded, taking on additional domains.”The CISO role has expanded significantly over the years as companies realize that information security has a unique picture of what is going on across…
-
White House exempts cyber pros from mass layoffs; Judge reinstates CISA firings
by
in SecurityNewsCISA document process raises security concerns: It’s unclear why CISA posted its request for fired employees to send a password-protected attachment containing personally identifiable information to a publicly promoted email address. It’s also unclear how the password-protected document process would work. CISA did not respond to CSO’s request for clarification.Some cybersecurity professionals cast doubt on…
-
CIOs and CISOs take on NIS2: Key challenges, security opportunities
by
in SecurityNews
Tags: access, cio, ciso, compliance, cybersecurity, data, GDPR, group, healthcare, ISO-27001, jobs, monitoring, nis-2, office, organized, privacy, regulation, risk, skills, software, strategy, supply-chain, technology, trainingCompliance will be easier for some: There are CIOs and CISOs who have found NIS2 compliance relatively easy: those who have worked toward ISO/IEC 27001:2022 certification, whether they remained in the preparation phase or actually got certified.Those who have the certification report having found themselves with “80% of the work done”: the company is ready…
-
CISOs and CIOs forge vital partnerships for business success
by
in SecurityNews
Tags: advisory, ai, attack, breach, business, ceo, cio, ciso, cloud, communications, corporate, cybersecurity, data, data-breach, finance, firewall, framework, ibm, infrastructure, resilience, risk, risk-management, service, strategy, technology, threatVikram Nafde, EVP and CIO, Webster Bank Webster BankAs is the case at many companies, Webster Bank’s CISO Patty Voight reports into the CIO. While there is a direct line between the executive functions, Nafde says the structure is collaborative, not hierarchical, a significant evolution as the intensity of threats escalate, raising the bar for…
-
What is risk management? Quantifying and mitigating uncertainty
by
in SecurityNews
Tags: breach, business, cio, ciso, compliance, control, cyber, cyberattack, data, finance, flaw, framework, governance, healthcare, infosec, infrastructure, insurance, international, jobs, mitigation, monitoring, nist, risk, risk-analysis, risk-assessment, risk-management, software, strategy, technology, tool, vulnerabilityHow do organizations structure risk management operations?: Risk management has in some organizations traditionally been multicentric, with different departments or individuals within the org implementing risk management techniques in their work: Risk management is a component of good project management, for instance. IT leaders in particular must be able to integrate risk management philosophies and…
-
CISOs und CIOs auf dem Weg zur Cyber-Resilienz durch Data-Governance-Strategien leiten
by
in SecurityNewsData Governance ebnet den Weg für Data Resilience. Durch die Datenklassifizierung können Unternehmen Lücken in ihren Business-Continuity-Plänen aufdecken und als zusätzlichen Vorteil ihre laufenden Tagesabläufe verbessern First seen on infopoint-security.de Jump to article: www.infopoint-security.de/cisos-und-cios-auf-dem-weg-zur-cyber-resilienz-durch-data-governance-strategien-leiten/a40058/
-
CISO vs. CIO: Where security and IT leadership clash (and how to fix it)
by
in SecurityNewsThe dynamic between CISOs and CIOs has always been complex. While both roles are essential to an organization’s success, their priorities often put them at odds. The CIO … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/03/04/ciso-vs-cio/
-
Beyond Compliance: Why CIOs CISOs Must Lead with AI-Driven Strategic Performance Intelligence
by
in SecurityNewsCompliance isn’t enough. Learn why CIOs & CISOs must lead with AI-driven Strategic Performance Intelligence to enhance security, governance, and resilience. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/03/beyond-compliance-why-cios-cisos-must-lead-with-ai-driven-strategic-performance-intelligence/
-
IT 2025: Im Spannungsfeld zwischen Nachhaltigkeit, Sicherheit, KI und Geopolitik
by
in SecurityNewsNeben den Themen IT-Security und künstliche Intelligenz (KI) müssen sich Unternehmen in der IT im Jahr 2025 mit den aktuellen geopolitischen Entwicklungen und Nachhaltigkeit auseinandersetzen. Für seinen jährlich erscheinenden Digital Infrastructure Report hat der Netzwerkanbieter Colt Technology Services 1.500 CIOs und IT-Verantwortliche in Europa, Nord- und Südamerika, Asien und dem Nahen Osten befragt. Der… First…
-
CIO des Jahres 2025 Wettbewerb startet
by
in SecurityNewsSiegerinnen und Sieger des vergangenen Jahres jubeln über ihre CIO des Jahres Awards. Machen Sie mit und bewerben Sie sich dann stehen Sie vielleicht im Oktober 2025 auf der großen Gala-Bühne und dürfen sich über die renommierteste IT-Auszeichnung Deutschlands freuen. cio.de / Tobias TschepeEs ist wieder so weit: Der renommierteste IT-Award Deutschlands ist startklar. Bis…
-
The Technology Blueprint for CIOs: Expectations and Concerns
by
in SecurityNewsProtiviti-CII CIO Insights Reveal AI and Cybersecurity as Top Priorities for CIOs. AI, security and sustainable technology are set to be the defining trends for the digital future. This technological evolution is fueled by rapid advancements in AI-powered automation, the adoption of zero trust security frameworks and a growing focus on ESG integration in digital…
-
CISO success story: How LA County trains (and retrains) workers to fight phishing
by
in SecurityNews
Tags: ai, awareness, breach, business, chatgpt, cio, ciso, cloud, compliance, computing, control, corporate, cybersecurity, data, dos, election, email, endpoint, government, hacker, healthcare, incident response, jobs, law, lessons-learned, malicious, marketplace, network, phishing, privacy, regulation, risk, risk-management, service, software, strategy, supply-chain, tactics, technology, threat, tool, training, vulnerability(The following interview has been edited for clarity and length.)At first glance, LA County’s reporting structure who reports to whom seems, well, fairly complex.We have a federated model: I report to the county CIO. Each department acts as an independent business and has its own department CIO and information security officer. Their job is to…
-
CIO Cloud Summit: Best Practices von Anwendern für Anwender
by
in SecurityNews
Tags: ai, best-practice, business, cio, cloud, computing, finance, germany, group, infrastructure, sap, service, strategy, technology, toolsrcset=”https://b2b-contenthub.com/wp-content/uploads/2025/02/CIO_Cloud_Summit.jpg?quality=50&strip=all 1682w, b2b-contenthub.com/wp-content/uploads/2025/02/CIO_Cloud_Summit.jpg?resize=300%2C168&quality=50&strip=all 300w, b2b-contenthub.com/wp-content/uploads/2025/02/CIO_Cloud_Summit.jpg?resize=768%2C432&quality=50&strip=all 768w, b2b-contenthub.com/wp-content/uploads/2025/02/CIO_Cloud_Summit.jpg?resize=1024%2C576&quality=50&strip=all 1024w, b2b-contenthub.com/wp-content/uploads/2025/02/CIO_Cloud_Summit.jpg?resize=1536%2C864&quality=50&strip=all 1536w, b2b-contenthub.com/wp-content/uploads/2025/02/CIO_Cloud_Summit.jpg?resize=1240%2C697&quality=50&strip=all 1240w, b2b-contenthub.com/wp-content/uploads/2025/02/CIO_Cloud_Summit.jpg?resize=150%2C84&quality=50&strip=all 150w, b2b-contenthub.com/wp-content/uploads/2025/02/CIO_Cloud_Summit.jpg?resize=854%2C480&quality=50&strip=all 854w, b2b-contenthub.com/wp-content/uploads/2025/02/CIO_Cloud_Summit.jpg?resize=640%2C360&quality=50&strip=all 640w, b2b-contenthub.com/wp-content/uploads/2025/02/CIO_Cloud_Summit.jpg?resize=444%2C250&quality=50&strip=all 444w” width=”1024″ height=”576″ sizes=”(max-width: 1024px) 100vw, 1024px”>Erfahren Sie auf dem CIO Cloud Summit, wie Sie die nächste Cloud-Welle am besten reiten. IDC FoundryFlexibilität, Agilität und Skalierbarkeit sind die entscheidenden Parameter für das Gelingen der Transformation von…
-
AI Security is API Security: What CISOs and CIOs Need to Know
by
in SecurityNewsJust when CIOs and CISOs thought they were getting a grip on API security, AI came along and shook things up. In the past few years, a huge number of organizations have adopted AI, realizing innumerable productivity, operational, and efficiency benefits. However, they’re also having to deal with unprecedented API security challenges. Wallarm’s Annual 2025…
-
CIOs and CISOs grapple with DORA: Key challenges, compliance complexities
by
in SecurityNews
Tags: access, automation, banking, business, cio, ciso, communications, compliance, control, country, cyber, cybersecurity, data, dora, finance, framework, GDPR, governance, jobs, law, monitoring, network, nis-2, penetration-testing, privacy, regulation, resilience, risk, risk-management, service, skills, supply-chain, technology, threat, tool, training, vulnerabilityIn force since January, the Digital Operational Resilience Act (DORA) has required considerable effort from CIOs and CISOs at 20 types of financial entities to achieve compliance. For many, the journey is not complete.”In the past months, financial entities targeted by DORA have been busy internally defining roles and responsibilities related to ICT security, identifying…
-
Musk’s DOGE effort could spread malware, expose US systems to threat actors
by
in SecurityNews
Tags: access, ai, api, attack, authentication, ceo, cio, computer, computing, control, cyber, cybercrime, cybersecurity, data, defense, email, exploit, governance, government, hacking, infection, infosec, international, jobs, malicious, malware, network, office, privacy, ransomware, risk, service, technology, threat, toolOver the past 10 days, an astonishing series of actions by Elon Musk via his Department of Government Efficiency (DOGE) project has elevated the cybersecurity risk of some of the most sensitive computing systems in the US government. Musk and his team of young, inexperienced engineers, at least one of whom is not a US…
-
39% of IT leaders fear major incident due to excessive workloads
by
in SecurityNewsEnterprise security operations teams find themselves stretched thin and contending with an escalating cyber threat landscape today. Many are understaffed and underfunded, leaving CISOs on edge about the consequences for the enterprise, and their careers.A recent survey from Adaptavist about fallout from last summer’s CrowdStrike outage found that two out of five (39%) IT leaders…
-
Download the Agentic AI Enterprise Spotlight
by
in SecurityNewsDownload the February 2025 issue of the Enterprise Spotlight from the editors of CIO, Computerworld, CSO, InfoWorld, and Network World. First seen on us.resources.csoonline.com Jump to article: us.resources.csoonline.com/resources/form
-
Want to be an effective cybersecurity leader? Learn to excel at change management
by
in SecurityNews
Tags: authentication, awareness, business, cio, ciso, cloud, compliance, corporate, cybersecurity, finance, fraud, group, guide, Hardware, identity, jobs, password, privacy, risk, risk-management, service, skills, software, strategy, technology, threat, vulnerability, zero-trustIf there’s one thing that’s inevitable in cybersecurity, it’s change. Ever-evolving technology requires new protections, threats seem to multiply and morph on a daily basis, and even the humblest pieces of software and hardware demand constant updating to stay secure.That work has been increasing as the importance, visibility, and impact of security initiatives have ramped…
-
The cybersecurity skills gap reality: We need to face the challenge of emerging tech
by
in SecurityNewsThe cybersecurity skills shortage remains a controversial topic. Research from ISC2 states that the current global workforce of cybersecurity professionals stands at 5.5 million, but the workforce currently needs 10.2 million, a gap of 4.8 million people.Skeptics (and there are lots of them) say hogwash! They claim that these numbers are purely self-serving for ISC2,…
-
Inside CyberArk’s security strategy
CyberArk CIO Omer Grossman talks up the company’s security-first ethos, the importance of an assumed breach mentality and how the company is addressing threats from the growing use of AI First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366618330/Inside-CyberArks-security-strategy
-
CISOs’ top 12 cybersecurity priorities for 2025
by
in SecurityNews
Tags: access, ai, api, attack, authentication, automation, awareness, business, cio, ciso, cloud, compliance, control, corporate, cybersecurity, data, detection, framework, governance, identity, incident response, infrastructure, intelligence, jobs, mitigation, monitoring, mssp, oracle, penetration-testing, privacy, risk, risk-management, service, strategy, technology, threat, training, usa, zero-trustSecurity chief Andrew Obadiaru’s to-do list for the upcoming year will be familiar to CISOs everywhere: advance a zero-trust architecture in the organization; strengthen identity and access controls as part of that drive; increase monitoring of third-party risks; and expand the use of artificial intelligence in security operations.”Nothing is particularly new, maybe AI is newer,…