On January 11, 2023, presiding United States District Judge William Orrick in San Francisco denied the motion of Joe Sullivan, the former CISO of Uber, for a judgment of acquittal. The conviction arose from Sullivan’s agreement to pay attackers who breached the security of the online ride-sharing service and obtained personal information about thousands of […]
Most small-to medium-sized business (SMBs) hiring a CISO may be challenging business decision to find a suitable and affordablee candidate and the impacts of cyber breach to the SMBs can be devastating since many of those businesses are unable to sustain the costs of breach. A vCISO can provide the expertise needed to ensure your […]
Compliance services are emerging as one of the hottest areas of cybersecurity. While compliance used to be mainly the province of large enterprises, times have changed, and it is now a day-to-day concern for a growing number of small and medium businesses. Even when these organizations are not regulated, SMEs often aim to follow compliance […]
The research shows the CISO seat to be relatively industry-agnostic—with 84% of CISOs having a career history of working across multiple sectors—with today’s CISOs expected to bring more breadth of leadership to their role as they move away from being technical experts. “Today’s CISOs are taking up the mantle of responsibilities that have traditionally fallen solely […]
Knowledge is power More good news: We know how ransomware “gangs” work and, for the most part, what they’re after. Ransomware is opportunistic and the barriers to entry for operators are relatively low as the tools, infrastructure, and access that enables these attacks have proliferated across various online illicit communities through the ransomware-as-a-service (RaaS) model. […]
A global survey from recruitment firm Marlin Hawk that polled 470 CISOs at organizations with more than 10,000 employees found nearly half (45%) have been in their current role for two years or less. James Larkin, managing partner for Marlin Hawk, said that rate is slightly lower than the previous year when the same survey found 53% […]
The coming new year is a good moment for chief information security officers to reflect upon what they’ve learned this year and how to apply this knowledge going forward. “If companies are not going to learn these lessons and mature their security practices, we will see increased scrutiny in audits and third-party risk assessments, and […]
In this Help Net Security video, Frank Kim, CISO-in-Residence at YL Ventures, discusses the growing role of CISOs in investment firms and how their role as advisors helps drive cybersecurity startups. Frank works closely with cybersecurity startup founders on ideation, product-market-fit, and value realization, on an in-house and regular basis. He provides them with what can […]
As organizations begin to address the risks of an increasingly complex digital landscape, they are recognizing that cybersecurity challenges are compounded by a lack of available talent and skills to mount a necessary defense. The digital skills shortage in the U.S. is at a critical point, highlighting a need for increased investment in workforce training. The […]
Vulnerability management has always been as much art as science. However, the rapid changes in both IT networks and the external threat landscape over the last decade have made it exponentially more difficult to identify and remediate the vulnerabilities with the greatest potential impact on the enterprise. With a record of 18,378 vulnerabilities reported by the […]
Nearly a third of CISOs or IT security leaders in the United States and the United Kingdom are considering leaving their current role, according to research by BlackFog. Of those considering leaving their current role, a third of those would do so within the next six months, according to the survey, which polled more than 500 IT […]
CISOs are working overtime and can’t always switch off from work, according to a recent Tessian report. Recent headlines have shown that security stakes have never been higher, and it’s likely this high level of pressure that’s causing 18% of security leaders to work 25 extra hours a week. That’s double the amount of overtime that they […]
As data breaches’ financial and reputational costs continue to reach new heights, cybersecurity should be on top of mind for leadership across every industry. Recent Proofpoint research found that 65% of board members believe their organization is at risk of material cyber attack in the next 12 months. Worryingly, 47% feel their organization is unprepared to cope […]
Cybersecurity measures are increasingly failing to close gaps, and the healthcare industry, in particular, has become a high-dollar target due to limited budgets and quick ransom pay-offs. In this Help Net Security video, Maureen Kaplan, Chief Revenue Officer at SilverSky, discusses how attackers are now narrowing their focus from larger healthcare systems to smaller hospitals and specialty […]
Not too long ago, the role of chief information security officer was a purely technical position designed to help an organization overcome cybersecurity challenges. Today, however, the CISO role has evolved — growing both in responsibility and stature within a company. The CISO is now a critical member of the executive team, responsible for tying not only […]
DISC InfoSec #InfoSecTools and #InfoSectraining #InfoSecLatestTitles #InfoSecServices Follow DISC #InfoSec blog Ask DISC an InfoSec & compliance related question
The role of the Chief Information Security Officer (CISO) is a relatively new senior-level executive position within most organizations, and is still evolving. To find out how current CISOs landed in that role, their aspirations, the compensation they receive, and which risks they face and responsibilities they shoulder, analysts with international executive search firm Heidrick & Struggles have asked 327 […]
A poor, permanent hire can be a very expensive error, whereas a mis-hire on a virtual CISO can be rapidly corrected. The cybersecurity challenges that companies are facing today are vast, multidimensional, and rapidly changing. Exacerbating the issue is the relentless evolution of threat actors and their ability to outmaneuver security controls effortlessly. As technology […]
The CISO MindMap (with Rafeeq Rehman) This episode features Rafeeq Rehman. He discusses the need for a CISO Mindmap and 6 Focus Areas for 2022-2023: 1. Re-evaluate ransomware defenses, detection and response capabilities, perform a business impact analysis and identify critical processes, applications and data. 2. Reduce/consolidate security tools/technologies and vendors. More tools don’t necessarily reduce risk […]
“Wise is not the one who knows all the answers but the one who knows what questions to ask” More than an article, this is a conversation starter for the CISO and his/her team: What are your answers for this list of essential question that any information security department must deal with? Obviously there are […]
