Tag: ciso
-
Why security culture is crypto’s strongest asset
by
in SecurityNewsIn this Help Net Security interview, Norah Beers, CISO at Grayscale, discusses key security challenges in managing crypto assets, adversary tactics, private key management, … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/04/11/norah-beers-grayscale-crypto-asset-management/
-
Google bets on unifying security tools to ease CISO pain
At Google Cloud Next in Las Vegas, Google launches its Unified Security platform with the goal of bringing together disparate security solutions to help cyber leaders and practitioners address their most keenly felt pain points First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366622474/Google-bets-on-unifying-security-tools-to-ease-CISO-pain
-
Google Cloud: CISOs Demand Simplified Security Tools Amid Growing Tech Complexity
by
in SecurityNewsGoogle Cloud announced a number of security products designed to reduce complexity for security leaders First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/google-cloud-cisos-demand/
-
Targeted phishing gets a new hook with real-time email validation
by
in SecurityNews
Tags: api, authentication, awareness, ciso, credentials, data-breach, defense, email, infosec, mail, password, phishing, sans, service, spam, spear-phishing, threat, training‘A little bit of hype’: David Shipley, head of Canadian-based security awareness training firm Beauceron Security, said “there’s a little bit of hype” in giving the tactic a fancy name for what is in fact spear phishing, although, he admitted, it’s “rapid-fire spear phishing.”The reason, he said, is that “spray-and-pray” mass phishing campaigns today are…
-
AI is Reshaping Cyber Threats: Here’s What CISOs Must Do Now
Assess the risks posed by AI-powered attacks and adopt AI-driven defense capabilities to match. Automate where possible. Use AI to prioritise what matters. Invest in processes and talent that enable real-time response and build long-term trust. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/04/ai-is-reshaping-cyber-threats-heres-what-cisos-must-do-now/
-
Precision-validated phishing: The rise of sophisticated credential theft
by
in SecurityNews
Tags: api, authentication, awareness, ciso, credentials, data-breach, defense, email, infosec, mail, password, phishing, sans, service, spam, spear-phishing, theft, threat, training‘A little bit of hype’: David Shipley, head of Canadian-based security awareness training firm Beauceron Security, said “there’s a little bit of hype” in giving the tactic a fancy name for what is in fact spear phishing, although, he admitted, it’s “rapid-fire spear phishing.”The reason, he said, is that “spray-and-pray” mass phishing campaigns today are…
-
Is HR running your employee security training? Here’s why that’s not always the best idea
by
in SecurityNews
Tags: attack, awareness, best-practice, breach, business, ciso, communications, compliance, cyber, cybersecurity, data, finance, guide, healthcare, privacy, resilience, risk, security-incident, service, threat, training, vulnerabilityHR doesn’t have specialized security knowledge: Another limitation is that an organization’s security training can be a component in maintaining certain certifications, compliance, contractual agreements, and customer expectations, according to Hughes.”If that’s important to your organization, then security, IT, and compliance teams will know the subjects to cover and help guide in the importance of…
-
Why CISOs are doubling down on cyber crisis simulations
by
in SecurityNewsCyber threats aren’t going away, and CISOs know prevention isn’t enough. Being ready to respond is just as important. Cyber crisis simulations offer a way to test that … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/04/09/ciso-cyber-crisis-simulations/
-
Transforming cybersecurity into a strategic business enabler
by
in SecurityNewsIn this Help Net Security interview, Kevin Serafin, CISO at Ecolab, discusses aligning security strategy with long-term business goals, building strong partnerships across the … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/04/09/kevin-serafin-ecolab-cybersecurity-strategy-business/
-
Governance or bust: CISOs grapple with AI’s double-edged sword
by
in SecurityNewsFirst seen on scworld.com Jump to article: www.scworld.com/resource/governance-or-bust-cisos-grapple-with-ais-double-edged-sword
-
The Secret Weapon CISOs May Be Overlooking In the Fight Against Cyberattacks
by
in SecurityNewsWhile often relegated to a purely functional role, DNS offers unparalleled opportunities for preemptive defense against cyberattacks. The post DNS: The Secret Weapon CISOs May Be Overlooking In the Fight Against Cyberattacks appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/dns-the-secret-weapon-cisos-may-be-overlooking-in-the-fight-against-cyberattacks/
-
What Microsoft Knows About AI Security That Most CISOs Don’t?
by
in SecurityNewsTraditional security fails with AI systems. Discover Microsoft’s RAI Maturity Model and practical steps to advance from Level 1 to Level 5 in AI security governance. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/04/what-microsoft-knows-about-ai-security-that-most-cisos-dont/
-
10 things you should include in your AI policy
by
in SecurityNews
Tags: access, ai, best-practice, breach, business, ceo, ciso, compliance, cybersecurity, data, data-breach, finance, framework, gartner, GDPR, governance, incident response, insurance, law, monitoring, privacy, regulation, risk, software, strategy, switch, technology, tool, training, updateInput from all stakeholders: At Aflac, the security team took the initial lead on developing the company’s AI policy. But AI is not just a security concern. “And it’s not just a legal concern,” Ladner says. “It’s not just a privacy concern. It’s not just a compliance concern. You need to bring all the stakeholders…
-
Observability is security’s way back into the cloud conversation
by
in SecurityNewsIn this Help Net Security interview, Esteban Gutierrez, CISO and VP of Information Security at New Relic, discusses how the adoption of cloud infrastructure is outpacing … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/04/08/esteban-gutierrez-new-relic-cloud-infrastructure-risks/
-
The Convergence of IAM, Cybersecurity, Fraud and Compliance
by
in SecurityNewsGartner’s Pete Redshaw on Why the CISO or CRO Should Take the Lead. Cybersecurity, IAM, fraud and compliance will converge across financial institutions in the next five to six years. This transformation will follow a phased path, beginning with data integration, followed by tool alignment and eventually team restructuring. First seen on govinfosecurity.com Jump to…
-
Tariff Wars: The Technology Impact
by
in SecurityNewsHow CIOs and CISOs Can Navigate With Balance Tariff wars may hit technology leaders hard in 2025 as the Trump administration’s 10% import tax, plus reciprocal tariffs, spikes costs. CIOs and CISOs face supply chain disruption and heightened cyber risks. But they can adapt with cloud shifts, smart deals and better advocacy. First seen on…
-
CISOs battle security platform fatigue
by
in SecurityNewsIt starts with good intentions. A tool to stop phishing. Another to monitor endpoints. One more for cloud workloads. Soon, a well-meaning CISO finds themselves managing dozens … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/04/07/ciso-security-platform-fatigue/
-
The risks of entry-level developers over relying on AI
by
in SecurityNews
Tags: ai, attack, awareness, best-practice, cio, ciso, compliance, cybersecurity, exploit, jobs, law, malicious, open-source, programming, resilience, risk, skills, software, technology, threat, tool, training, update, vulnerabilityThe risks of blind spots, compliance and license violation: As generative AI becomes more embedded in software development and security workflows, cybersecurity leaders are raising concerns about the blind spots it can potentially introduce. “AI can produce secure-looking code, but it lacks contextual awareness of the organization’s threat model, compliance needs, and adversarial risk environment,”…
-
Speaking the Board’s Language: A CISO’s Guide to Securing Cybersecurity Budget
by
in SecurityNewsThe biggest challenge CISOs face isn’t just securing budget it’s making sure decision-makers understand why they need it. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/04/speaking-the-boards-language-a-cisos-guide-to-securing-cybersecurity-budget/
-
Get Excited About Innovations in IAM
by
in SecurityNewsWhy Should You Be Excited About Innovations in Identity and Access Management (IAM)? If you’re a Cybersecurity professional or CISO, you understand the value of Non-Human Identities (NHI) and Secrets Management. The burning question, then, is “Why should you be excited about innovations in IAM?” IAM, or Identity and Access Management, is a critical piece……
-
AI programming copilots are worsening code security and leaking more secrets
by
in SecurityNews
Tags: access, ai, api, application-security, attack, authentication, best-practice, breach, ceo, ciso, container, control, credentials, cybersecurity, data, data-breach, github, government, incident response, injection, least-privilege, LLM, monitoring, open-source, openai, password, programming, risk, skills, software, strategy, tool, training, vulnerabilityOverlooked security controls: Ellen Benaim, CISO at enterprise content mangement firm Templafy, said AI coding assistants often fail to adhere to the robust secret management practices typically observed in traditional systems.”For example, they may insert sensitive information in plain text within source code or configuration files,” Benaim said. “Furthermore, because large portions of code are…
-
Too little budget for OT security despite rising threats
by
in SecurityNewsWhy OT cybersecurity should be every CISO’s concernOT security becoming a mainstream concern First seen on csoonline.com Jump to article: www.csoonline.com/article/3951163/too-little-budget-for-ot-security.html
-
Forward-thinking CISOs are shining a light on shadow IT
by
in SecurityNewsIn this Help Net Security interview, Curtis Simpson, CISO and Chief Advocacy Officer at Armis, discusses how CISOs can balance security and innovation while managing the risks … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/04/04/curtis-simpson-armis-shadow-it-risks/
-
CISO Transformation: It’s Time for a New Mental Model
by
in SecurityNewsCISO mind maps are helpful, but they reinforce a tactical view of security. Learn why modern CISOs need a new mental model focused on strategy, value, and board-level impact. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/04/ciso-transformation-its-time-for-a-new-mental-model/
-
AI Adoption in the Enterprise: Breaking Through the Security and Compliance Gridlock
by
in SecurityNewsAI holds the promise to revolutionize all sectors of enterpriseーfrom fraud detection and content personalization to customer service and security operations. Yet, despite its potential, implementation often stalls behind a wall of security, legal, and compliance hurdles.Imagine this all-too-familiar scenario: A CISO wants to deploy an AI-driven SOC to handle the overwhelming volume of security…
-
Veterans are an obvious fit for cybersecurity, but tailored support ensures they succeed
by
in SecurityNewsSecurity is built into just about any military role: “Veterans make great cybersecurity specialists, because they’ve had security-focused roles, whether physical or information security, no matter what branch of the service they were in,” says Bryan Radliff, a 31-year veteran of the US Army who now serves as the CyberVets program manager in the Onward…
-
Redefining Insider Risk in a Perimeterless World
by
in SecurityNewsOFX CISO Santanu Lodh on the Changing Nature of Insider Threats. The profile of insider risk has changed over a period of time, said Santanu Lodh, CISO at OFX. It is no longer confined to malicious intent. He explains how shifting workforce models, third-party engagement and evolving technology demand continuous monitoring and rethinking of security…