Security News

He outlines the critical skills for CISOs in 2024, addresses the challenges they face, and underscores the importance of aligning enterprise expectations with information protection demands. ' One of the most painful realities for CISOs today is a continuing disconnect between enterprise/agency expectations for their CISO, and, what the CISO is actually tasked and funded to deliver.

In this Help Net Security video, Bindu Sundaresan, Director at AT&T Cybersecurity, discusses the ongoing changes we'll see from the CISO role as digital transformation efforts continue. It is now a position that leads cross-functional teams to match the speed and boldness of digital transformations with agile, forward-thinking security and privacy strategies, investments, and plans.

CISOs should also look at the business strategy and where the business intends to go and find ways to turn cybersecurity into a competitive advantage. While businesses aim for different outcomes, one goal that the business typically prescribes for cybersecurity is business continuity.

The Clorox Company's chief security officer has left her job in the wake of a corporate network breach that cost the manufacturer hundreds of millions of dollars. Amy Bogac held the title of chief information security officer and VP of enterprise security and infrastructure at Clorox since June 2021, per her LinkedIn profile.

There is a clear disconnect and even some distrust between CISOs and developers related to how security-conscious each department is within the organization, who is responsible for preventing and mitigating security issues, how well CISOs understand developers' day-to-day tools, and how well developers understand the risk associated with aspects of their job and the tools they use. Only 43% of developers believe that CISOs are "Very familiar" with how container images fit into their work, which is low when compared to other aspects of how developers perceive their security team to understand their work: open-source software libraries and projects, source code repositories and source code management systems, and software build tools.

Two groups in particular play a key and critical role in ensuring data governance and security: the CISO and the CDO. CISOs are responsible for identifying and managing risks associated with data security, while CDOs are responsible for ensuring data accuracy, quality, and consistency. Together, they can establish a framework for managing data risks and provide a clear understanding of data ownership and accountability - but they must be speaking the same language.

The Securities and Exchange Commission brought charges against both Austin, TX-based information security software company SolarWinds and its CISO Timothy G. Brown on October 30. The SEC alleges that between SolarWinds' October 2018 initial public offering and the December 2020 announcement of the large-scale cyberattack, SolarWinds and Brown specifically " defrauded investors by overstating SolarWinds' cybersecurity practices and understating or failing to disclose known risks.

The Securities and Exchange Commission announced charges against SolarWinds and its CISO, Timothy G. Brown, for fraud and internal control failures relating to allegedly known cybersecurity risks and vulnerabilities. The complaint alleges that, from at least its October 2018 initial public offering through at least its December 2020 announcement that it was the target of a massive, nearly two-year long cyberattack, dubbed SUNBURST, SolarWinds and Brown defrauded investors by overstating SolarWinds' cybersecurity practices and understating or failing to disclose known risks.

TechRepublic Premium Hiring Kit: Cloud Engineer Regardless of what business or what industry you are in, the potential benefits of cloud computing and cloud computing services are self-evident. With so many businesses flooding .... TechRepublic Premium Hiring Kit: Data Architect To make their best decisions, businesses need the best actionable information.

Many CISOs are grappling with the conundrum of the purpose and value of security controls data in supporting critical business decisions, according to Panaseer. Only 36% of security leaders are totally confident in their security data and use it for all strategic decision making.