Infosecurity News
CISO Confidence in AI Security Grows as GenAI Adoption Rises
Nearly six out of ten surveyed ClubCISO members are confident AI is used securely in their organizations
Cyber Security News
Top 10 Best Managed Service Providers (MSP) for CISO, CTO & IT Managers - 2024
Best MSP for CISO, CTO & IT Managers - 1. Perimeter 812. Secureworks 3. IBM 4. Trustwave 5. Wipro 6. Verizon 7. Sophos 8. Symantec.
DarkReading
Scammers Fake DocuSign Templates to Blackmail & Steal From Companies
Cybercriminals are trafficking DocuSign assets that allow for easy extortion and business email compromise.
The Cyber Express
The Cybersecurity Guardians: Meet the Top 30 cybersecurity Influencers to Follow in 2024
The ever-evolving landscape of cybersecurity is shaped by a dedicated group of individuals. These pioneers, through their research, entrepreneurship, and
Infosecurity News
A Third of CISOs Have Been Dismissed “Out of Hand” By the Board
Trend Micro research claims CISOs are often ignored or dismissed as “nagging” by their board
DarkReading
Microsoft Windows DWM Zero-Day Poised for Mass Exploit
CVE-2024-30051 is the most concerning out of this month's Patch Tuesday offerings, and is already under active exploit by several QakBot actors.
DarkReading
As the FBI Closes In, Scattered Spider Attacks Finance, Insurance Orgs
Scattered Spider is as active as ever, despite authorities claiming that they're close to nailing its members.
The Cyber Express
The Cyber Express Sets the Stage to Host World CyberCon META Edition 2024 in Dubai
This May, the heartbeat of the cybersecurity industry will resonate through Dubai, where The Cyber Express is set to host
CyberSecurity Dive
Cyber pros weigh an intel-sharing quandary: What to share when attacks hit close to home
The detail and speed with which companies share information after an attack can prevent future pain. But businesses aren’t always keen on transparency.
DarkReading
Is CISA's Secure by Design Pledge Toothless?
CISA's agreement is voluntary and, frankly, basic. Signatories say that's a good thing.
Security Magazine
25% of CISOs in tech are not satisfied with their compensation
A report detailing tech CISO compensation, mobility and job position satisfaction shows that a quarter of CISOs are unhappy with their compensation.
CyberSecurity Dive
Officials see a real change in Microsoft’s security plans: financial accountability
CISA Director Jen Easterly pointed to Microsoft’s decision to link security to executive compensation as a meaningful signal of its priorities.
The Record
Okta’s security chief on the company’s own cyberattack and how the ‘battleground’ has shifted
Okta Chief Security Officer David Bradbury discusses lessons from the incident, how nation-state threats are evolving, and how AI is already influencing identity-based attacks.
Infosecurity News
Why Cybersecurity Professionals Have a Duty to Secure AI
Experts at the RSA Conference urged cyber professionals to lead the way in securing AI systems today and pave the way for AI to solve huge societal challenges
Infosecurity News
RSAC: How CISOs Should Protect Themselves Against Indictments
Experts at the RSA Conference discussed what CISOs can do to protect themselves against legal pressure
The Hacker News
New Guide: How to Scale Your vCISO Services Profitably
Looking to grow your MSP business? Consider offering vCISO services to meet the critical needs of SMEs. It’s a game changer for recurring revenue and
CyberSecurity Dive
CISA explains why it doesn’t call out tech vendors by name
Federal officials rarely criticize tech companies when their mistakes result in attacks. The stinging conclusions CSRB levied at Microsoft are an exception, not the norm.
Infosecurity News
Three Strategies to Boost Open-Source Security
Experts at the RSA Conference discussed how governments, the open-source community and end users can work together to drastically improve the security of open-source software
DarkReading
CISOs Are Worried About Their Jobs & Dissatisfied With Their Incomes
The research shows a significant drop in the number of tech CISOs that got a base salary increase in the past year — roughly 18% year over year.
DarkReading
Microsoft Will Hold Execs Accountable for Cybersecurity
At least a portion of executive compensation going forward will be tied to meeting security goals and metrics.
Infosecurity News
Stephen Khan Receives Infosecurity Europe Hall of Fame Award
The award recognises Khan's outstanding contributions to the field and his role in shaping the cybersecurity industry
Infosecurity News
A Third of Tech CISOs Are Unhappy With Their Income
New IANS Research data finds many tech CISOs are concerned about their compensation as salaries stagnate
DarkReading
What's the Future Path for CISOs?
A panel of former CISOs will lead the closing session of this week's RSA Conference to discuss challenges and opportunities.
Infosecurity News
Three Battle-Tested Tips for Surviving a Cyber-Attack
CISOs share their experience of managing real-life cyber incidents provide their recommendations to survive cyber-attacks
CSO
Google launches Google Threat Intelligence at RSA Conference
The new addition to Google Cloud Security is designed to give security teams information to inform approaches to protecting against external threats, managing attack surfaces, and mitigating digital risks.
DarkReading
LLMs & Malicious Code Injections: 'We Have to Assume It's Coming'
Large language models promise to enhance secure software development life cycles, but there are unintended risks as well, CISO warns at RSAC.
.png)
Cyber Security News
Internal Communication Gaps Exposes Organizations to Cyber Attacks
However, a significant communication gap within organizations is increasingly a vulnerability, exposing to sophisticated cyber threats.
SC Magazine
RSAC 2024: How to use AI without getting in trouble
For more real-time RSAC coverage from SC Media please visit here.
DarkReading
CISO Corner: Verizon DBIR Lessons; Workplace Microaggression; Shadow APIs
Our collection of the most relevant reporting and industry perspectives for those guiding cybersecurity strategies and focused on SecOps. Also included: a Tech Tip on setting up DMARC, a DNS mystery from Muddling Meerkat, and a cybersecurity checklist for M&A transitions.
DarkReading
GAO: NASA Faces 'Inconsistent' Cybersecurity Across Spacecraft
The space agency needs to implement stricter policies and standards when it comes to its cybersecurity practices, but doing so the wrong way would put machinery at risk, a federal review found.
SecurityWeek
Microsoft Overhauls Cybersecurity Strategy After Scathing CSRB Report
Microsoft security chief Charlie Bell pledges significant reforms and a strategic shift to put security above all other product features.
CyberSecurity Dive
Microsoft restructures security governance, aligning deputy CISOs and engineering teams
The company will enhance management roles under the CISO and partially tie compensation to security performance.
Security Magazine
Verizon 2024 Data Breach Report shows the risk of the human element
The 2024 Data Breach Investigations Report reveals the role that the human element plays in cyber threats, and security leaders are weighing in.
CSO
Microsoft continues to add, shuffle security execs in the wake of security incidents
The company has appointed new product security chiefs as well as a customer-facing CISO as it continues to respond to high-profile attacks on its products and own network.
Infosecurity News
Three-Quarters of CISOs Admit App Security Incidents
Dynatrace research claims global CISOs are concerned AI is driving advanced app security threats and poor developer practices
SecurityWeek
CISO Conversations: Talking Cybersecurity With LinkedIn's Geoff Belknap and Meta's Guy Rosen
SecurityWeek discusses cybersecurity leadership with Geoff Belknap, CISO at LinkedIn, and Guy Rosen, CISO at Facebook parent company Meta.
DarkReading
Verizon DBIR: Basic Security Gaffes Cause Breach Surge
MOVEit drove a big chunk of the increase, but social engineering and failure to patch led to a doubling of data breaches since 2023, said Verizon Business.
Security Magazine
Security’s Top 5 – March 2024
In this edition of Security’s Top 5 from Security magazine, we showcase the top stories and new developments from across the security industry throughout March.
CyberSecurity Dive
At Microsoft, years of security debt come crashing down
Critics say negligence, misguided investments and hubris have left the enterprise giant on its back foot.
SecurityWeek
Should Cybersecurity Leadership Finally be Professionalized?
Professionalization could be a solution to the increased cybersecurity risk for corporate and national security; and the mental health and even physical liberty of CISOs. But it’s not easy.
DarkReading
Philippines Pummeled by Cyberattacks & Misinformation Tied to China
Volume of malicious cyber activity against the Philippines quadrupled in the first quarter of 2024 compared to the same period in 2023.
SC Magazine
Ten years of Heartbleed: Lessons learned
A look back at the Heartbleed bug and measuring its’ legacy, impact and how some view one of cybersecurity’s biggest headaches as an important learning moment.
The Record
Standard Chartered CEO on why cybersecurity has become a 'disproportionately huge topic' at board meetings
The CEO of one of the largest banks in the world discusses cryptocurrency and artificial intelligence, as well as how he's been able to influence cybersecurity culture.
The Cyber Express
TCE Cyberwatch: From Ransomware to Deepfakes, This Week’s Top Cybersecurity Threats
This week's TCE Cyberwatch delves into a range of pressing cybersecurity issues impacting the world today. From the rise of
DarkReading
CISO Corner: Evil SBOMs; Zero-Trust Pioneer Slams Cloud Security
Our collection of the most relevant reporting and industry perspectives for those guiding cybersecurity strategies and focused on SecOps. Also included: security license mandates; a move to four-day remediation requirements; lessons on OWASP for LLMs.
CyberSecurity Dive
What is success in cybersecurity? Failing less.
Defenders aren’t measured by pure wins or losses. Intrusions will happen, and their job is to keep a bad situation from getting worse.
Infosecurity News
Leeds Talent Pool Attracts BlueVoyant’s First UK SOC
The proximity of organizations’ headquarters, like Asda’s and NHS England’s, prompted BlueVoyant to choose Leeds as the location for its first UK SOC
The Cyber Express
Dinesh Kumar Shrimali Takes on Dual Role as CISO and DPO at Tata Steel
Dinesh Kumar Shrimali has become the Chief Information Security Officer (CISO) and Data Protection Officer (DPO) of Tata Steel Ltd.,
The Cyber Express
AHAD Appoints New CISO to Elevate Cybersecurity Offerings in META & APAC
AHAD, a cybersecurity, digital transformation, and risk management company, has announced the appointment of Somnath Sarkar as its Chief Information
The Cyber Express
PayPal Appoints Shaun Khalfan as Chief Information Security Officer
In today's digital age, where data breaches and cyber threats loom large, the role of Chief Information Security Officer (CISO)
CyberSecurity Dive
Cyber insurance gaps stick firms with millions in uncovered losses
A CYE analysis of 101 breaches across various sectors revealed insurance gaps resulting in an average of $27.3 million in uncovered losses per incident.
CyberSecurity Dive
Majority of businesses worldwide are implementing zero trust, Gartner finds
Programs are typically sponsored by C-suite executives, while the CISO is often tasked with execution, according to Gartner.
CyberSecurity Dive
Preparing for CISA’s Secure Software Development Attestation and PCI compliance updates with ASPM
With increased expectations and a prime position in the spotlight, AppSec teams need reliable tools that can act as a force multiplier for their AppSec programs.
The Cyber Express
TCE Cyberwatch: A Look at This Week’s Top Cybersecurity Incidents
The digital landscape continues to be a battleground, with cyber threats evolving and attackers targeting an ever-wider range of victims.
DarkReading
CISO Corner: Breaking Staff Burnout, GPT-4 Exploits, Rebalancing NIST
SecOps highlights this week include the executive role in "cyber readiness;" Cisco's Hypershield promise; and Middle East cyber ops heat up.
The Cyber Express
Bill Dunnion Appointed as New CISO of Mitel to Lead Security Enhancements
Mitel, a leading provider of business communications solutions worldwide, has announced the appointment of Bill Dunnion as its new Chief
DarkReading
Break Security Burnout: Combining Leadership With Neuroscience
Industry leaders aim to solve the threat to both the mental health of workers and security of organizations with solutions that recognize the enormous pressures facing cybersecurity professionals.
SecurityWeek
Miggo Security Gets $7.5 Million Seed Funding to Build ADR Technology
YL Ventures leads a seed funding round for Miggo Security, a Tel Aviv startup working on application detection and response technology.
The Cyber Express
Cybersecurity Veteran Kim Larsen Appointed CISO of Keepit
Keepit, a global leader in SaaS data backup and recovery, has announced the appointment of Kim Larsen as its new
Infosecurity News
Report Suggests 93% of Breaches Lead to Downtime and Data Loss
According to Pentera, firms are allocating 13% of their total IT security budgets to pentesting
The Cyber Express
Benjamin Ambrose Appointed as Chief Information Security Officer at NPCI
In a strategic move aimed at fortifying cybersecurity measures in India's burgeoning digital payments landscape, Benjamin Ambrose assumes the role
Cyber Security News
Cyber Security News Weekly Round-Up (Vulnerabilities, Cyber Attacks, Threats & New Stories)
The weekly cybersecurity news wrap-up provides readers with the latest information on emerging risks, vulnerabilities, ways to reduce them, and harmful schemes to help make defensive measures proactive.
DarkReading
CISO Corner: AI Supply Chain; AI Security Platforms; Cyber Awareness
Our collection of the most relevant reporting and industry perspectives for those guiding cybersecurity strategies and focused on SecOps. Also included: facing hard truths in software security, and the latest guidance from NSA.
SecurityWeek
Wiz Acquires Gem Security, Pushes Security Tools Consolidation
Financial terms of the translation were not disclosed but reports out of Tel Aviv valued the deal in the range of $350 million.
Infosecurity News
CISA Urges Immediate Credential Reset After Sisense Breach
The breach affecting business analytics provider Sisense could lead to a wide-scale supply chain attack
CSO
ISC2 study pegs average US cybersecurity salary at $147K, up from $119K in 2021
Gender and ethnicity gaps persist, but female executives and middle managers earned more on average than male counterparts, according to the survey.
The Record
Sisense customers seek answers after breach announcement
“I was hoping for a more informative notification message than basically ‘reset your passwords,’” one Sisense customer said.
CSO
Customers of Sisense data analytics service urged to change credentials
Sisense customers told to update credentials following a compromise that is under investigation.
Bleeping Computer
CISA says Sisense hack impacts critical infrastructure orgs
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is investigating the recent breach of data analytics company Sisense, an incident that also impacted critical infrastructure organizations.
SC Magazine
Sisense customers told to reset credentials amid supply chain attack fears
While details of the breach are limited, CISA sends alert after security researchers discover compromise.
Krebs on Security
Why CISA is Warning CISOs About a Breach at Sisense
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) said today it is investigating a breach at business intelligence company Sisense, whose products are designed to allow companies to view the status of multiple third-party online services in a single dashboard.…
The Hacker News
Hands-on Review: Cynomi AI-powered vCISO Platform
Need to scale vCISO services without draining your resources? Cynomi's AI-driven platform automates security assessments, compliance readiness, policy
CyberSecurity Dive
CISO role shows significant gains amid corporate recognition of cyber risk
A report from Moody’s Ratings shows CISOs and other senior-level cyber executives have become key decision makers within the C-suite.
SecurityWeek
CISO Conversations: Nick McKenzie (Bugcrowd) and Chris Evans (HackerOne)
SecurityWeek discusses the CISO role with CISOs from crowdsourced hacking firms: Nick McKenzie at Bugcrowd and Chris Evans at HackerOne.
Infosecurity News
Why Identity Management is Key in a Cyber Resilience Strategy
For the fourth edition of Identity Management Day, the Identity Defined Security Alliance shared staggering numbers on the boom of identity-related cyber incidents
The Cyber Express
Leveraging Defensive AI to Safeguard Organizations against Data Corruption
by Vaibhav Tare, Chief Information Security Officer, Fulcrum Digital Dependency on data has vastly increased in recent years, amidst accelerated
DarkReading
Software-Defined Vehicle Fleets Face a Twisty Road on Cybersecurity
As manufacturers sprint to add software-defined features for vehicles, the ability for third-party maintenance and repair falls behind, leaving businesses with few choices to manage their cybersecurity.
The Record
‘They’re lying’: Palau denies claims by ransomware gang over recent cyberattack
The government of Palau denied several new claims by a ransomware gang that the two sides were in contact following an attack last month.
The Cyber Express
Inclusivity Matters: CISO Saloni Vijay’s Insights on Women in Cybersecurity and Leadership
In the dynamic arena of cybersecurity, few figures resonate as profoundly as Saloni Vijay, the Vice President and Chief Information
DarkReading
CISO Corner: Ivanti's Mea Culpa; World Cup Hack; CISOs & Cyber-Awareness
Our collection of the most relevant reporting and industry perspectives for those guiding cybersecurity strategies and focused on SecOps. Also included: Dealing with a Ramadan cyber spike; funding Internet security; and Microsoft's Azure AI changes.
The Hacker News
CISO Perspectives on Complying with Cybersecurity Regulations
Navigating cybersecurity compliance just got easier. Our latest blog taps into the wisdom of CISOs to share strategies for managing data security requ
Infosecurity News
Jackson County IT Systems Hit By Ransomware Attack
A state of emergency was declared, caused by operational inconsistencies across digital infrastructure
SecurityWeek
Microsoft's Security Chickens Have Come Home to Roost
SecurityWeek editor-at-large Ryan Naraine says findings of CSRB report on China's hack of Microsoft’s Exchange Online are no surprise.
The Record
‘An attack on the reputation of Palau’: officials question who was really behind ransomware incident
The cybercriminals supposedly behind a cyberattack on the island nation left notes but never followed up. So who carried it out — and why?
Cyber Security News
Aembit Selected as Finalist for RSA Conference 2024 Innovation Sandbox Contest
The Leading Company for Securing Access Between Workloads Recognized for the Aembit Workload IAM Platform Aembit, the Workload Identity and Access Management (IAM) Company, has been named one of the Top 10 Finalists for the RSA Conference™ 2024 Innovation Sandbox contest for its platform that manages and secures access between critical software resources, like applications […]
HACKRead
Aembit Selected as Finalist for RSA Conference 2024 Innovation Sandbox Contest
Silver Spring, United States / Maryland, April 3rd, 2024, CyberNewsWire
SecurityWeek
Heartbleed is 10 Years Old – Farewell Heartbleed, Hello QuantumBleed!
Quantum decryption will make all certificates and everything else using RSA encryption vulnerable to everyone.
CyberSecurity Dive
What’s missing for SMBs? A solid cybersecurity culture
Small businesses can be especially vulnerable to cyberattacks because of their limited resources, and few have employees on staff who truly understand the value of secure business operations.
DarkReading
CISO Corner: Cyber-Pro Swindle; New Faces of Risk; Cyber Boosts Valuation
Our collection of the most relevant reporting and industry perspectives for those guiding cybersecurity strategies and focused on SecOps. Also included: Australia gets its cyber-groove back, and 2023's zero-day field day.
The Cyber Wire
Reflections on Women's History Month 2024.
Just as we started off the month celebrating International Women's Day with our Thoughts on International Women's Day 2024 article, we are topping off March with this Reflections on Women's History Month piece sharing quotes from women in the industry offering advice and words of wisdom. Please enjoy these words from women in our industry as we all work to inspire inclusion in the work we do.
SecurityWeek
The Complexity and Need to Manage Mental Well-Being in the Security Team
Avoiding burnout in cybersecurity: Mental well-being is essential but is under constant threat from stress in the cybersecurity profession.
CyberSecurity Dive
Boards need to brush up on cybersecurity governance, survey finds
SEC cyber disclosure rules are calling attention to corporate boards’ need to enhance their approach to cybersecurity oversight and compliance.
DarkReading
Corporations With Cyber Governance Create 4X More Value
Those with special committees that include a cyber expert rather than relying on the full board more likely to improve security and financial performance.
The Hacker News
New Webinar: Avoiding Application Security Blind Spots with OPSWAT and F5
oin us for an exclusive webinar with experts from F5 DevCentral, OPSWAT, and THN. Dive deep into the current security landscape, compliance, threat de
CyberSecurity Dive
How CISO salaries are faring as businesses ask more of security
As CISOs become more welcomed as full members of the C-suite, they are enjoying the compensation and perks that come with the status.
CSO
Report suggests cybersecurity investment, board involvement linked to better shareholder returns
The study by Diligent and Bitsight points to advanced security and strong risk or audit committees as good predictors of an enterprise’s financial success.
Security Affairs
The DDR Advantage: Real-Time Data Defense
This is the advantage of Data Detection and Response (DDR) for organizations aiming to build a real-time data defense.
SecurityWeek
Organizations Informed of 10 Vulnerabilities in Rockwell Automation Products
In the past week Rockwell Automation addressed 10 vulnerabilities found in its FactoryTalk, PowerFlex and Arena Simulation products.
DarkReading
Australian Government Doubles Down On Cybersecurity in Wake of Major Attacks
Government proposes more modern and comprehensive cybersecurity regulations for businesses, government, and critical infrastructures providers Down Under.
SecurityWeek
UK Firm Think Cyber Raises $3.8 Million for Staff Security Nudging
Think Cyber focuses on reducing "bad" staff behavior with a solution designed to increase secure behavior through the concept of ‘nudging’.
Loading more articles....