Archive for the ‘vCISO’ Category

7 threat detection challenges CISOs face and what they can do about it

Security operations (SecOps) teams continue to be under a constant deluge of new attacks and malware variants. In fact, according to recent research, there were over 170 million new malware variants in 2021 alone. As a result, the burden on CISOs and their teams to identify and stop these new threats has never been higher. But in […]

The CISO as brand enabler, customer advocate, and product visionary

Just over a quarter-century ago, the first Chief Information Security Officer (CISO) was minted in the financial vertical, and everyone lived happily ever after. The End. If only this story was that simple and straightforward! The CISO role has never been cut-and-dry. Despite its longevity, this role is still in its adolescence – full of promise, mostly […]

CISO mind map

Rafeeq Rehman CISO MindMap 2021: What do InfoSec professionals really do?
The CISO Evolution: Business Knowledge for Cybersecurity Executives

How the CISO has adapted to protect the hybrid workforce

Many organisations have been considering a network transformation initiative to support the adoption of SaaS, cloud-based applications, and an increasingly remote workforce. Given the connectivity needs of a remote workforce – and knowing a hybrid workforce is here to stay – many IT teams have had to make sudden changes in the way workers connect […]

CISO guide to bolstering cyber defenses

Why CIOs Should Report to CISOs – If the CISO is responsible for the security of the organization, then that same person also should be responsible for both security and IT infrastructure.
CISO Desk Reference Guide: A Practical Guide for CISOs

A CISO’s guide to discussing cybersecurity with the board

To get the assets needed for CISOs to properly do their jobs, business leaders need to invest time, attention, and money in cybersecurity. Here are helpful ways that CISOs can discuss cybersecurity with their C-suite and board members. Work your way to the table: As a newer role within organizations, CISOs may not yet be […]

vCISO as a service

Virtual CISO

Most CIOs and CISOs underestimate the risk of an OT breach

“Not only do enterprises rely on OT, the public at large relies on this technology for vital services including energy and water. Unfortunately, cybercriminals are all too aware that critical infrastructure security is generally weak. As a result, threat actors believe ransomware attacks on OT are highly likely to pay off,” said Skybox Security CEO Gidi Cohen. “Just as evil […]

A ransomware reality check for CISOs

The dilemmas organizations must deal with are dizzying: To pay a ransom or not? Will cyber insurance provide adequate shelter? What’s the role of government? Are new mandates and penalties on the horizon? How are adversaries evolving their tactics? To make sense of it all, let’s first focus on the adversaries and their playbook. Cyber […]

CISO Interview Series: Investing in Frameworks, Humans, and Your Technical Skills

The journey for someone to the role of Chief Information Security Officer (CISO) isn’t often straightforward. Take Sandy Dunn, for example. Per SailPoint, Sandy started as a paper delivery kid at 10 years old. She then worked her way through software sales, insurance, and even horses before becoming the CISO of a health insurance provider in Idaho. All […]

Questions that help CISOs and boards have each other’s back

The ransomware threat posed by organized crime groups is considerable, and its impact can be devastating and threaten the entire business. This makes it imperative for boards to ensure the company has taken necessary cybersecurity precautions to resist the threat. Additionally, executives have seen the value of efficient infosec firsthand over the last eighteen months. […]

CISO implementation guide: 10 ways to ensure a cybersecurity partnership will work

Capitalizing on the urgency companies have to launch new digital businesses, cybersecurity vendors create partnerships to close product gaps quickly. An understanding of how the new alliances can deliver results must be part of every CISO’s purchasing decision process. But partnerships can be something of a slippery slope. Today, CISOs face the conflicting problem of […]

Certified Information Systems Security Professional (CISSP) training course

If you’re building a career in information security, the Certified Information Systems Security Professional (CISSP) is the must-have qualification to help you progress. It is a globally recognized standard that demonstrates your competence as an IT professional. This course will prepare you with the knowledge and skills […]

The evolution of the modern CISO

The modern CISO: The role of CISO first emerged as organizations embraced digital revolutions and began relying on new data streams to help inform business decisions. As technology continued to advance and became more complex, so too did threat actors who saw new opportunities to disrupt businesses, by stealing or holding that data hostage for […]

ISO 27002 major revision

ISO is shaking up the familiar structure of the ISO 27001/27002 control framework after over 20 years of stability.  Originally published as British Standard BS 7799 Part 1 and 2 in the late 1990s, adopted as the ISO 17799 standard in 2000, and then renumbered as ISO 27001/27002, the name has changed a few times […]

With ISO27001 how you should choose the controls needed to manage the risks

Introduction and Background: As required by ISO27001, the risks identified in the risk assessment need to be ones that, if they happened, would result in the loss of Confidentiality, Integrity and/or Availability (CIA) of information in the scope of the ISMS. As also required by ISO27001, those controls that are necessary to modify each risk […]

Five signs a virtual CISO makes sense for your organization

Here are five signs that a virtual CISO may be right for your organization. 1. You have a lot to protect: Companies produce more data than ever, and keeping track of it all is the first step to securing it. A virtual CISO can identify what data needs to be protected and determine the negative […]

Boards: 5 Things about Cyber Risk Your CISO Isn’t Telling You

As Jack Jones, co-founder of RiskLens, tells the story, he started down the road to creating the FAIR™ model for cyber risk quantification because of “two questions and two lame answers.” As CISO at Nationwide insurance, he presented his pitch for cybersecurity investment and was asked: “How much risk do we have?” “How much less […]

Steps to implement ISMS (ISO 27001)

Download pdf: Steps to implement ISMS
Distance Learning Training Courses

6 free cybersecurity tools CISOs need to know about

6 free cybersecurity tools for 2021. 1: Infection Monkey. Infection Monkey is an open source Breach and Attack Simulation tool that lets you test the resilience of private and public cloud environments to post-breach attacks and lateral movement, using a range of RCE exploiters. Infection Monkey was created by Israeli cybersecurity firm Guardicore to test its […]
