The ever-expanding threat landscape and the continued talent shortage mean defenders increasingly need to be ready with the skilled talent to face the onslaught of cybercriminals who are gaining momentum by employing new tactics, according to Pamela Nigro, ISACA board chair.
As a CISO, your mission is to keep your organization ready to handle rising threats and build a strong security culture, but staying ahead of threat actors and risks can be a challenge.
Understanding the current threat landscape is crucial to preparing for today's most significant risks. To help you stay ahead, "5...
The guilty verdict against Joe Sullivan, former chief security officer of Uber, has generated much discussion about CISO accountability for disclosures of breaches. How should CISOs be preparing to deal with this responsibility? Kirsten Davies, CISO at Unilever, said communication is crucial.
Much of the friction between CISOs and their general counsels, according to Ron Raether, partner at Troutman Pepper, is the result of ignorance. General counsels don't understand the full extent of IT and information security and often pin the blame on the CISOs, who become the scapegoats.
Cybercriminals have been launching attacks against our people, networks, and services for decades with varying success. So, the need to realign our defences to meet the demands of evolving threats is nothing new.
CISOs have faced a broad and varied set of challenges in recent years. Remote environments, increasingly sophisticated threats and expanding supply chains are just some of the many concerns keeping them up at night.
It’s become more and more evident to organizations that new-school security awareness training is an absolute requirement for managing the ongoing problem of social engineering. But how do you develop a program that will deliver the goods without doubling your workload or costing an arm and a leg?
In this episode of "Cybersecurity Unplugged," Craig Box, vice president of open source and community at ARMO, discusses the complexity of using Kubernetes in a hybrid cloud environment, the need to understand "how these moving parts work together" and potential use of Kubernetes with 5G.
How effective are your cybersecurity awareness programs—and do your employees agree?
This central question was the cornerstone of this research project which assessed the efficacy of cybersecurity
awareness programs from both perspectives—the security professional
and the non-security employee.
Governance issues for public sector CISOs tend to focus more on shifting culture rather than maximizing efficiency for shareholders, as is expected from private sector security leaders. City of Phoenix CISO Shannon Lawson shares why good communication is crucial when a city council is involved.
Cyber risk quantification (CRQ) is the measure of an organization’s cyber risk expressed in monetary terms, like dollars. CRQ has many benefits, but few security professionals understand how to implement it.
Join Paul Kelly, former head of risk at HSBC, and Chris Griffith, chief product officer at Balbix, as they...
Tell people not to click a link, pat each other on the back, and ride off into the sunset. If only security awareness training was that simple.
The discipline of security awareness training is chock-full of assumptions and misconceptions. As a side-effect, it is often felt that their programs are ineffective and...
Every industry has unique jargon and buzzwords, and cybersecurity is no different. The challenge faced by IT professionals across the globe is how to engage employees effectively in their role in making better online decisions. Breaking down the technical elements into non-technical elements is not as easy as you...
From SolarWinds to Kaseya, Accellion, Log4j and Okta, third-party security breaches are among the most devastating for organizations affected. Tony Morbin of ISMG dives into the story behind the results of a global survey with Demi Ben-Ari, the co-founder, CTO and head of security at Panorays.