Articles about CISO

Today’s digital-first economy has transformed the role of the modern CISO, increasing threats and changing security priorities. New research from Salt Security shows that 89 percent of CISOs report that the rapid deployment of digital services has generated unforeseen risks to securing critical business data.

The study of 300 CSOs and CISOs around the world reveals the top risk as being personal liability and litigation resulting from security breaches, with 48 percent of CISOs citing that challenge.

Continue reading →

The latest Security Maturity Report, published today by ClubCISO, shows 76 percent of CISOs reported no material breaches over the past year, up from 68 percent in 2022.

Despite the difficult economic climate, heightened global tensions and the onset of new technology making cybercrime easier, 60 percent of those surveyed say that no material cyber security incident had occurred in their organization over the past 12 months.

Continue reading →

The Great Resignation and tech layoffs have pushed staff turnover to an all-time high. And with every personnel change, years of institutional knowledge are lost in the transition. That information can be critically important for security executives, like CISOs, who must be the ultimate stewards of organizational security across an ever-changing attack surface.

Organizational environments today are increasingly complex and constantly evolving, making it challenging to understand exactly what is at risk at any given moment. For CISOs joining an organization, it is vital to understand exactly what is on their environment to effectively secure it.

Continue reading →

In 2023, Chief Information Security Officer (CISO) continues to be an important role with a broad reach for securing every aspect of a business, their people and systems. The security team reporting to the CISO is responsible for protecting thousands of IT devices and systems dispersed across broad geographic areas from attackers who also may be anywhere on the planet. Additionally, modern infrastructures are dependent on sophisticated security technologies to monitor traffic and distinguish between normal, everyday activities and potentially malicious activity due to the ongoing threat of attacks.

The security information and event management (SIEM) tool is one of the security team’s most crucial. With a large market of SIEM vendors, the type of SIEM that CISOs decide to deploy is highly flexible and must be aligned to the business that the CISO protects. It’s important for CISOs to fully evaluate the business and their unique goals to develop the criteria they need in a SIEM.

Continue reading →

According to a new study, 86 percent of software developers and AppSec managers surveyed have or know someone who has knowingly deployed vulnerable code.

What's more the study from Checkmarx shows 88 percent of AppSec managers surveyed have experienced at least one breach in the last year as a direct result of vulnerable application code.

Continue reading →

As a report last year showed, the change to working habits over the last few years has gone hand-in-hand with a rise in the theft of data.

We spoke to Cyberhaven CSO, Chris Hodson, to find out how enterprise CISOs can meet this challenge and keep their data safe.

Continue reading →

Although more than 70 percent of companies say they have an insider risk management (IRM) program in place, the same companies experienced a year-on-year increase in data loss incidents of 32 percent, according to a new report from Code42 Software.

Based on a survey of 700 cybersecurity leaders, cybersecurity managers and cybersecurity practitioners in the US, conducted by Vanson Bourne, the report shows 71 percent expect data loss from insider events to increase in the next 12 months.

Continue reading →

A new survey of over a thousand CISOs from large enterprises in the US and UK, finds that 93 percent are concerned about dark web threats and 72 percent believe that intelligence on cybercriminals is critical to defending their organization.

The report from Searchlight Cyber looks at how CISOs are gathering data from the dark web to improve their security posture.

Continue reading →

A new study from extended detection and response platform Cynet finds 94 percent of CISOs in small to mid-sized companies report being stressed at work.

What's more 65 percent admit work-related stress issues are compromising their ability to protect their organization. Among the CISOs surveyed, 100 percent say they need additional resources to adequately cope with current IT security challenges.

Continue reading →

Thanks to improved security technology, most cyberattacks now rely on some element of social engineering in order to exploit the weakest link, the human.

Phillip Wylie, hacker in residence at CyCognito, believes CISOs now need to take a step back and focus on the overall picture when it comes to security. This includes securing internal and external attack surfaces, and testing the security of these environments, as well as educating employees about the risks.

Continue reading →

The role of the CISO has always been a somewhat secondary one in terms of the overall big picture of running a business.

However, a new study from cybersecurity company Coalfire shows that the CISO role is maturing quickly, and gaining more of a voice in the boardroom.

Continue reading →

The current economic downturn has meant significant budget cuts for many enterprises. But cyberthreats continue to escalate and businesses need to take them seriously.

This means that more than ever CISOs must prove the value of their cybersecurity programs to senior management. But how can they do this effectively? We spoke with Tim Erlin, VP of product innovation at SecurityScorecard to find out.

Continue reading →

The number of use cases for Kubernetes is expanding as an increasing number of enterprises across a wide array of industries are adopting it as their platform of choice. However, this also expands the enterprise attack surface and business risk as a result.

We spoke to William, Morgan CEO of Buoyant, about how CISOs are coming face-to-face with the insecurity that can arise from managing Kubernetes platforms. They are beginning to see the risks that can unfold as well as how a service mesh can support a security stack.

Continue reading →

As cyber threats intensify and the human and financial resources available to deal with them remain limited, there is a growing need for automation in cybersecurity.

The intelligent automation of key cybersecurity processes can significantly improve an organization's posture and at the same time support under-pressure employees by reducing reliance on manual processes. But in what is a relatively new approach, how far have organizations progressed along the cybersecurity automation maturity curve and is everyone on the same journey?

Continue reading →

A new survey reveals that while CISOs are still experiencing challenges around visibility, intelligence and control, nearly half (47 percent) are proactively focused on digital transformation and cloud migration.

The study of 600 UK CISOs from BlueFort Security finds most have moved beyond the challenges of a widespread shift to remote working and are now focused on digital transformation and migration to the cloud, despite an uncertain world picture and bleak economic environment.

Continue reading →