Tag: resilience
-
Data Connect announces vSOC Assure to streamline cyber risk assessments and increase cyber resilience
by
in SecurityNewsData Connect, a leading cyber security services provider underpinned by elite cyber practitioners and technology, today announced the launch of vSOC Assure. The platform has been developed in response to the growing need for robust, ongoing security assessments and it goes beyond traditional cyber security audits, offering a structured, year-round approach to risk identification, remediation…
-
Cyber Risks Drive CISOs to Surf AI Hype Wave
by
in SecurityNewsGartner Says Hype Can Benefit Organizations That Harness It for Business Advantage. Organizations haven’t yet drawn business value from AI investments, and many feel AI is overhyped. Gartner analysts said encouraging intelligent risk-taking and investing in cybersecurity can improve an organization’s resilience, giving businesses confidence to embrace technologies like AI. First seen on govinfosecurity.com Jump…
-
Despite challenges, the CVE program is a public-private partnership that has shown resilience
by
in SecurityNewsIn 1999, Dave Mann and Steve Christey, two researchers from the nonprofit R&D corporation MITRE, debuted a concept for security vulnerabilities that laid the groundwork for the common vulnerability and exposures framework (CVE) that organizes information around computer vulnerabilities. Twenty-five years later, the CVE program, which assigns a unique record to each reported vulnerability, is…
-
Trump shifts cyberattack readiness to state and local governments in wake of info-sharing cuts
by
in SecurityNews
Tags: advisory, cio, cisa, ciso, communications, cyber, cyberattack, cybersecurity, election, government, group, infrastructure, intelligence, Internet, metric, office, resilience, risk, russia, strategy, technology, threatCreating a national resilience strategy The EO requires the assistant to the President for national security affairs (APNSA), in coordination with the assistant to the President for economic policy and the heads of relevant executive departments and agencies, to publish within 90 days (by June 17) a National Resilience Strategy that articulates the priorities, means,…
-
CISOs are taking on ever more responsibilities and functional roles has it gone too far?
by
in SecurityNews
Tags: ai, business, cio, ciso, cloud, compliance, computing, control, corporate, cyber, cybersecurity, data, defense, framework, fraud, governance, healthcare, infosec, intelligence, international, Internet, jobs, law, mitigation, nist, privacy, regulation, resilience, risk, risk-management, service, skills, software, supply-chain, technology, threatth century alongside technology and internet-enabled threats, morphing to meet the demands of the moment. But the position hasn’t just matured; in many cases it has expanded, taking on additional domains.”The CISO role has expanded significantly over the years as companies realize that information security has a unique picture of what is going on across…
-
Why Cyber Quality Is the Key to Security
by
in SecurityNewsThe time to secure foundations, empower teams, and make cyber resilience the standard is now, because the cost of waiting is far greater than the investment in proactive security. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/why-cyber-quality-key-security
-
Insider-Ansichten zum Cyber Resilience Act: Vom Verhandlungstisch in Brüssel
by
in SecurityNewsFirst seen on datensicherheit.de Jump to article: www.datensicherheit.de/cyber-resilience-act-eu-gesetzgebung-2025
-
11 hottest IT security certs for higher pay today
by
in SecurityNews
Tags: access, attack, automation, business, cloud, container, control, corporate, credentials, cyber, cybersecurity, data, defense, encryption, exploit, finance, fortinet, google, governance, incident response, infosec, intelligence, Internet, jobs, linux, malicious, malware, monitoring, network, penetration-testing, remote-code-execution, resilience, reverse-engineering, risk, risk-assessment, risk-management, skills, software, technology, threat, tool, training, vulnerability, windowsOffensive Security Certified Expert (OSCE): OffSec’s Offensive Security Certified Expert consists of three courses: Advanced Web Attacks and Exploitation, Advanced Evasion Techniques and Breaching Defenses, and Windows User Mode Exploit Development. The format for each course exam is the same: Candidates have 48 hours to compromise a given target using various techniques. No formal prerequisites exist for any of the…
-
Public-private partnerships: A catalyst for industry growth and maturity
by
in SecurityNews
Tags: ceo, crypto, cyber, cybercrime, cybersecurity, data, defense, fortinet, framework, government, guide, infrastructure, intelligence, interpol, lessons-learned, mitre, resilience, software, threat, vulnerabilitySuccessful partnerships offer a blueprint for effective collaboration Numerous cybersecurity-focused partnerships are underway, involving successful collaboration across all sectors. These examples can help take public-private partnership efforts from abstract ideas to impactful execution and provide valuable insights and lessons learned.One example is the work being done by the Cyber Threat Alliance (CTA) and its members.…
-
The State of Digital Trust in 2025 Consumers Still Shoulder the Responsibility
by
in SecurityNews
Tags: access, ai, authentication, banking, breach, captcha, cloud, compliance, control, cyber, data, deep-fake, encryption, finance, fintech, framework, GDPR, government, healthcare, identity, india, insurance, law, login, malicious, metric, mfa, mitigation, password, privacy, regulation, resilience, risk, service, software, strategy, switch, technology, threat, toolThe State of Digital Trust in 2025 – Consumers Still Shoulder the Responsibility madhav Thu, 03/20/2025 – 04:52 Trust remains the cornerstone of digital interactions, yet its foundations are increasingly fragile in an era of sophisticated cyber threats and evolving consumer expectations. The 2024 Digital Trust Index gave us extremely important insights into the expectations…
-
How CISOs are approaching staffing diversity with DEI initiatives under pressure
by
in SecurityNewsStaffing diversity can help avoid homogenous thinking: Similarly, Sam McMahon, senior manager of IT and security at Valimail, underscores the necessity of representing different backgrounds and mindsets.”In my experience, even small security teams benefit greatly from the variety of perspectives that come with different backgrounds and skill sets,” he says. “We know that the majority…
-
Moving beyond checkbox security for true resilience
by
in SecurityNewsIn this Help Net Security interview, William Booth, director, ATTCK Evaluations at MITRE, discusses how CISOs can integrate regulatory compliance with proactive risk … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/03/19/william-booth-mitre-proactive-security-measures/
-
7 misconceptions about the CISO role
by
in SecurityNews
Tags: api, attack, breach, business, ceo, ciso, compliance, control, corporate, cyber, cyberattack, cybersecurity, defense, exploit, finance, firewall, governance, infrastructure, insurance, jobs, network, password, phishing, resilience, risk, risk-assessment, risk-management, saas, software, startup, strategy, technology, threat, tool, training, update, vulnerabilityKatie Jenkins, EVP and CISO, Liberty Mutual Insurance Liberty Mutual InsuranceThe field is changing so rapidly, Jenkins adds, she needs to commit time to keeping up on research and connecting with other CISOs for knowledge exchange.In addition to securing infrastructure, an effective CISO focuses on securing the business, experts say. This requires understanding how security…
-
European tech industry coalition calls for ‘radical action’ on digital sovereignty, starting with buying local
by
in SecurityNewsA broad coalition drawn from across the ranks of Europe’s tech industry is calling for >>radical action
-
5 proactive steps towards cyber resilience
by
in SecurityNewsFirst seen on scworld.com Jump to article: www.scworld.com/perspective/five-proactive-steps-towards-cyber-resilience
-
Cybersecurity in Kommunen: Eigeninitiative gefragt
by
in SecurityNews
Tags: awareness, best-practice, ciso, cyber, cybersecurity, cyersecurity, DSGVO, germany, resilienceDeutsche Kommunen erscheinen in Sachen Cybersicherheit eine leichte Beute zu sein.Das cyberintelligence.institute hat in Zusammenarbeit mit dem Cybersicherheitsunternehmen NordPass in einer Studie die kommunale Cybersicherheit in Deutschland aus juristischer und organisatorischer Sicht analysiert. Demnach befinden sich Städte und Gemeinden in einer Zwickmühle.Auf der einen Seite sind die Kommunen der Studie zufolge ein interessantes Ziel. Locken…
-
Salt Typhoon: A Wake-up Call for Critical Infrastructure
by
in SecurityNewsThe Salt Typhoon attacks underscored the need for unity, innovation, and resilience in the face of an increasingly sophisticated cyber-threat landscape. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/salt-typhoon-wake-up-call-critical-infrastructure
-
Australian financial firm hit with lawsuit after massive data breach
by
in SecurityNews
Tags: access, awareness, breach, ciso, cyber, cybersecurity, data, data-breach, finance, firewall, infrastructure, malware, monitoring, network, resilience, risk, risk-management, software, threat, training, updateproperly configuring and monitoring firewalls to protect against cyber-attacksupdating and patching software and operating systems consistently and in a timely mannerproviding regular, mandatory cybersecurity awareness training to staffallocating inadequate human, technological, and financial resources to manage cybersecurity.As a result of those failures, ASIC said in its court filing, “A FIIG employee inadvertently downloaded a .zip…
-
At Ukraine’s major cyber conference, Europe takes center stage over US
by
in SecurityNewsThe 2025 Kyiv International Cyber Resilience Forum looked and sounded different as European governments and cyber companies filled a void left by the Trump administration. First seen on therecord.media Jump to article: therecord.media/kyiv-cyber-conference-europe-center-stage-over-us
-
Continuous Compliance: Automatisierte Compliance für den Finanzsektor
by
in SecurityNewsFinanzunternehmen stehen vor neuen Herausforderungen: Strenge Regulatorik wie die EU-Verordnung DORA (Digital Operational Resilience Act) setzt hohe Standards, um die IT-Sicherheit zu stärken. Doch wie lassen sich diese Anforderungen effizient umsetzen und gleichzeitig die Wettbewerbsfähigkeit steigern? Das EU-Forschungsprojekt »EMERALD« liefert Antworten. EMERALD verfolgt das Ziel, die automatisierte Einhaltung von Compliance-Anforderungen durch innovative Technologien zu… First…
-
Hiring privacy experts is tough, here’s why
by
in SecurityNews
Tags: ai, business, ciso, compliance, cybersecurity, data, framework, jobs, privacy, resilience, skills, technology, trainingWhy it is difficult to hire privacy experts: Finding a highly skilled privacy professional can feel like chasing a unicorn, Kazi describes. “Yes, privacy is important, but they want somebody who’s a lawyer, an expert in technology, knowledgeable about user interface and user experience, and ideally, they know a lot about ethics and are an…
-
The CISO as Business Resilience Architect
by
in SecurityNewsTo truly become indispensable in the boardroom, CISOs need to meet the dual demands of defending against sophisticated adversaries while leading resilience strategies. First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/ciso-business-resilience-architect
-
Rubrik expands cyber-resilience capabilities with new security features
by
in SecurityNewsFirst seen on scworld.com Jump to article: www.scworld.com/brief/rubrik-expands-cyber-resilience-capabilities-with-new-security-features
-
UK government under-prepared for catastrophic cyber attack, hears PAC
by
in SecurityNewsThe Commons Public Accounts Committee heard government IT leaders respond to recent National Audit Office findings that the government’s cyber resilience is under par First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366620361/UK-government-under-prepared-for-catastrophic-cyber-attack-hears-PAC
-
15 Prozent der PCs im Gesundheitswesen fallen beim Security-Test durch
by
in SecurityNewsDie Studie »Resilience Obstacles in the Healthcare Industry« untersuchte die Telemetriedaten von über einer Million im Gesundheitswesen eingesetzten PCs. Dabei fanden die Analysten von Absolute Security heraus, dass den Endgeräten viel zu oft stabile Sicherheitsstrukturen fehlen, was Cyberkriminellen buchstäblich Tür und Tor zu den Infrastrukturen im Healthcare-Bereich öffnet. Warum ist das so? Die Resilienz-Studie… First…
-
Digitale Resilienz für Innovationskraft, Wettbewerbsfähigkeit und Zusammenhalt
by
in SecurityNewsDie neue Bundesregierung steht vor vielen Herausforderungen: Wirtschaft stärken, Fachkräfte sichern, gesellschaftliche Spaltung überwinden und digitale Bildung fördern. Doch wie digital ist Deutschland? Antworten gibt die jetzt veröffentlichte Studie D21-Digital-Index 2024/2025. First seen on itsicherheit-online.com Jump to article: www.itsicherheit-online.com/news/security-management/digitale-resilienz-fuer-innovationskraft-wettbewerbsfaehigkeit-und-zusammenhalt/
-
Companies are drowning in high-risk software security debt, and the breach outlook is getting worse
by
in SecurityNewsFlaw prevalence: Leading organizations have flaws in fewer than 43% of applications, while lagging organizations exceed 86%.Fix capacity: Leaders resolve over 10% of flaws monthly, whereas laggards address less than 1%.Fix speed: Top performers remediate half of flaws in five weeks; lower-performing organizations take longer than a year.Security debt prevalence: Less than 17% of applications…