Archive for the ‘vCISO’ Category

Former Uber CISO Conviction Affirmed by Trial Court

On January 11, 2023, presiding United States District Judge William Orrick in San Francisco denied the motion of Joe Sullivan, the former CISO of Uber, for a judgment of acquittal. The conviction arose from Sullivan’s agreement to pay attackers who breached the security of the online ride-sharing service and obtained personal information about thousands of […]

vCISO Services – value added benefits of vCISO

For most small- to medium-sized businesses (SMBs), hiring a CISO can be a challenging business decision, since a suitable and affordable candidate is hard to find, and the impact of a cyber breach on an SMB can be devastating because many of those businesses are unable to sustain the costs of a breach. A vCISO can provide the expertise needed to ensure your […]

How virtual CISOs can efficiently extend their services into compliance readiness

Compliance services are emerging as one of the hottest areas of cybersecurity. While compliance used to be mainly the province of large enterprises, times have changed, and it is now a day-to-day concern for a growing number of small and medium businesses. Even when these organizations are not regulated, SMEs often aim to follow compliance […]

CISO roles continue to expand beyond technical expertise

The research shows the CISO seat to be relatively industry-agnostic—with 84% of CISOs having a career history of working across multiple sectors—with today’s CISOs expected to bring more breadth of leadership to their role as they move away from being technical experts. “Today’s CISOs are taking up the mantle of responsibilities that have traditionally fallen solely […]

Preventing a ransomware attack with intelligence: Strategies for CISOs

Knowledge is power. More good news: We know how ransomware “gangs” work and, for the most part, what they’re after. Ransomware is opportunistic and the barriers to entry for operators are relatively low as the tools, infrastructure, and access that enable these attacks have proliferated across various online illicit communities through the ransomware-as-a-service (RaaS) model. […]

Survey Reveals Limits of CISOs’ Management Experience

A global survey from recruitment firm Marlin Hawk that polled 470 CISOs at organizations with more than 10,000 employees found nearly half (45%) have been in their current role for two years or less. James Larkin, managing partner for Marlin Hawk, said that rate is slightly lower than the previous year when the same survey found 53% […]

14 lessons CISOs learned in 2022

The coming new year is a good moment for chief information security officers to reflect upon what they’ve learned this year and how to apply this knowledge going forward. “If companies are not going to learn these lessons and mature their security practices, we will see increased scrutiny in audits and third-party risk assessments, and […]

CISOs in investment firms help fast-track cybersecurity startups

In this Help Net Security video, Frank Kim, CISO-in-Residence at YL Ventures, discusses the growing role of CISOs in investment firms and how their role as advisors helps drive cybersecurity startups. Frank works closely with cybersecurity startup founders on ideation, product-market-fit, and value realization, on an in-house and regular basis. He provides them with what can […]

Strategies for closing the cybersecurity skills & leadership gap

As organizations begin to address the risks of an increasingly complex digital landscape, they are recognizing that cybersecurity challenges are compounded by a lack of available talent and skills to mount a necessary defense. The digital skills shortage in the U.S. is at a critical point, highlighting a need for increased investment in workforce training. The […]

How can CISOs catch up with the security demands of their ever-growing networks?

Vulnerability management has always been as much art as science. However, the rapid changes in both IT networks and the external threat landscape over the last decade have made it exponentially more difficult to identify and remediate the vulnerabilities with the greatest potential impact on the enterprise. With a record of 18,378 vulnerabilities reported by the […]

CISOs, Security Leaders Eyeing Other Job Options

Nearly a third of CISOs or IT security leaders in the United States and the United Kingdom are considering leaving their current role, according to research by BlackFog. Of those considering leaving their current role, a third of those would do so within the next six months, according to the survey, which polled more than 500 IT […]

How to deal with burnout when you’re the CISO

CISOs are working overtime and can’t always switch off from work, according to a recent Tessian report. Recent headlines have shown that security stakes have never been higher, and it’s likely this high level of pressure that’s causing 18% of security leaders to work 25 extra hours a week. That’s double the amount of overtime that they […]

Want to be a CISO? Being technical is just one of the requirements

As data breaches’ financial and reputational costs continue to reach new heights, cybersecurity should be top of mind for leadership across every industry. Recent Proofpoint research found that 65% of board members believe their organization is at risk of a material cyber attack in the next 12 months. Worryingly, 47% feel their organization is unprepared to cope […]

Cost-effective steps healthcare CISOs can take to mitigate damaging attacks

Cybersecurity measures are increasingly failing to close gaps, and the healthcare industry, in particular, has become a high-dollar target due to limited budgets and quick ransom pay-offs. In this Help Net Security video, Maureen Kaplan, Chief Revenue Officer at SilverSky, discusses how attackers are now narrowing their focus from larger healthcare systems to smaller hospitals and specialty […]

6 Things Every CISO Should Do the First 90 Days on the Job

Not too long ago, the role of chief information security officer was a purely technical position designed to help an organization overcome cybersecurity challenges. Today, however, the CISO role has evolved — growing both in responsibility and stature within a company. The CISO is now a critical member of the executive team, responsible for tying not only […]

US-based CISOs get nearly $1 million per year

The role of the Chief Information Security Officer (CISO) is a relatively new senior-level executive position within most organizations, and is still evolving. To find out how current CISOs landed in that role, their aspirations, the compensation they receive, and which risks they face and responsibilities they shoulder, analysts with international executive search firm Heidrick & Struggles have asked 327 […]

Virtual CISOs Are the Best Defense Against Accelerating Cyber-Risks

A poor, permanent hire can be a very expensive error, whereas a mis-hire on a virtual CISO can be rapidly corrected. The cybersecurity challenges that companies are facing today are vast, multidimensional, and rapidly changing. Exacerbating the issue is the relentless evolution of threat actors and their ability to outmaneuver security controls effortlessly. As technology […]

The CISO MindMap

The CISO MindMap (with Rafeeq Rehman). This episode features Rafeeq Rehman. He discusses the need for a CISO Mindmap and 6 Focus Areas for 2022-2023: 1. Re-evaluate ransomware defenses, detection and response capabilities, perform a business impact analysis and identify critical processes, applications and data. 2. Reduce/consolidate security tools/technologies and vendors. More tools don’t necessarily reduce risk […]

Questions a CISO should be able to answer

“Wise is not the one who knows all the answers but the one who knows what questions to ask.” More than an article, this is a conversation starter for the CISO and his/her team: What are your answers for this list of essential questions that any information security department must deal with? Obviously there are […]
