The Assumed Breach conundrum
Breaches are inevitable due to the asymmetry of attacks – carpet checks versus guerilla warfare. Companies – regardless of size – have been breached. For years, security leaders have spoken about the...
View ArticleThe rise in CISO job dissatisfaction – what’s wrong and how can it be fixed?
More CISOs are dissatisfied with the role today than ever before, with studies showing that a high number of security chiefs (75%) are interested in a job change. What gives? Researchers, advisors and...
View ArticleWhat is biometrics? 10 physical and behavioral identifiers that can be used...
Biometrics definition Biometrics are physical or behavioral human characteristics to that can be used to digitally identify a person to grant access to systems, devices, or data. Examples of these...
View ArticleNew OT security service can help secure against critical systems attacks
To help secure the operational technology (OT) systems within industrial organizations against growing targeted attacks, cybersecurity solutions provider Critical Start has launched a managed...
View ArticleHow the ToddyCat threat group sets up backup traffic tunnels into victim...
ToddyCat, a Chinese advanced persistent threat (APT) group that has been targeting Asian and European government and military organizations over the past four years, is using several different traffic...
View ArticleWhat will cyber threats look like in 2024?
2023 was a big year for threat intelligence. The sheer volume of threats and attacks revealed through Microsoft’s analysis of 78 trillion daily security signals indicates a shift in how threat actors...
View ArticleCisco urges immediate software upgrade after state-sponsored attack
Cisco has urged its customers to upgrade their software after disclosing that state-sponsored hackers have compromised some of its security devices. In a blog post, the company said hackers exploited...
View ArticleSalt Security adds defense against OAuth attacks
Salt Security has added a new OAuth security offering to its API protection platform to help organizations detect attempts to exploit OAuth and fix vulnerabilities associated with the protocol. OAuth...
View ArticleCloud security teams: What to know as M&A activity rebounds in 2024
As we near the halfway point of the year, organizations are under tremendous pressure to grow businesses across all industries. It’s no secret: bottom lines must rise and 2024 has been earmarked as a...
View ArticleLooking outside: How to protect against non-Windows network vulnerabilities
Because of its ubiquity as a network platform, Windows all too often gets blamed as the source of a host of network security vulnerabilities. But recent events have shown the truth — that all sorts of...
View ArticleTop cybersecurity product news of the week
Amplifier launches copilot to guide teams through security protocols April 24: Amplifier Security is coming into the market and has announced a product that promises to connect the dots between an...
View ArticleNew CISO appointments 2024
The upper ranks of corporate security are seeing a high rate of change as companies try to adapt to the evolving threat landscape. Many companies are hiring a chief security officer (CSO) or chief...
View ArticleThe biggest data breach fines, penalties, and settlements so far
Sizable fines assessed for data breaches in recent years suggest that regulators are getting more serious about cracking down on organizations that don’t properly protect consumer data. Hit with a $...
View Article2024 CSO30 ASEAN Awards: Call for nominations
CSO ASEAN is proud to launch the fourth edition of the CSO30 ASEAN Awards in 2024 – recognising the top 30 cybersecurity executives driving innovation, strengthening resilience, and influencing...
View ArticleFinding the perfect match: What CISOs should ask before saying ‘yes’ to a job
When people go through the recruitment process for a new job, it’s common to forget it’s a two-way street. Not only is it an opportunity for a company to figure out whether they should hire a...
View ArticleNavigating personal liability: post data-breach recommendations for CISOs
The key to minimize personal liability for CSOs and CISOs after a data breach is to act responsibly and reasonably. The current state of the law is that those involved in an organization that is...
View ArticleUK’s revamped surveillance rules become law despite industry opposition
The UK’s Investigatory Powers (Amendment) Act (IPAA) received royal assent on Friday, making it law and broadening the government’s ability to collect bulk communications data. The Act raises concerns...
View ArticleIs your hybrid/multicloud strategy putting your organization at risk?
When an organization’s assets span multiple public – and private – clouds, it can be exceedingly difficult to achieve consistency with how workloads are deployed and managed and how policies are...
View ArticleMarriott admits it falsely claimed for five years it was using encryption...
For more than five years, Marriott has defended a massive 2018 data breach by arguing that its encryption level (AES-128) was so strong that the case against it should be dismissed. But attorneys for...
View ArticleWant to drive more secure GenAI? Try automating your red teaming
Although 55% of organizations are currently piloting or using a generative AI (GenAI) solution, securely deploying the technology remains a significant focus for cyber leaders. A recent ISMG poll of...
View Article