Security News

Meatbag errors are keeping CISOs awake at night, according to Proofpoint's "Cybersecurity: The 2023 Board Perspective" report, with 78 percent tapping it as the most significant risk. Global board members remained jittery - researchers found 73 percent felt at risk of cyber-attack.

The role of the CISO keeps taking center stage as a business enabler: CISOs need to navigate the complex landscape of digital threats while fostering innovation and ensuring business continuity. Three CISOs; Troy Wilkinson, CISO at IPG; Rob Geurtsen, former Deputy CISO at Nike; and Tammy Moskites, Founder of CyAlliance and former CISO at companies like Warner Brothers and Home Depot - shared their perspectives on how to run an effective SOC in 2023.

"The most effective CISOs stay apprised of existing and emerging risks so they can provide leadership with context around the most significant threats facing the business, to influence investments and risk decisions accordingly." 63% of top-performing CISOs proactively engage in securing emerging technologies like artificial intelligence, machine learning and blockchain, compared with just 38% of bottom-performing CISOs.

While replacing legacy technologies can be costly, those costs may pale in comparison to a breach - both in terms of immediate financial impact and reputational damage. Here are three ways you can communicate risk to your leadership team as you work to replace legacy infrastructure.

A new State of SaaS Security Posture Management Report from SaaS cybersecurity provider AppOmni indicates that Cybersecurity, IT, and business leaders alike recognize SaaS cybersecurity as an increasingly important part of the cyber threat landscape. When asked to rate the SaaS cybersecurity maturity level of their organizations, 71% noted that their organizations' SaaS cybersecurity maturity has achieved either a mid-high level or the highest level.

In this Help Net Security interview, Kevin Paige, CISO at Uptycs, provides insights into how he navigates the complex cybersecurity landscape, striking a balance between technical expertise, effective communication, risk management, and adaptive leadership. As a CISO, how do you balance maintaining technical prowess with the need to communicate complex issues to stakeholders in simple terms?

In this Help Net Security interview, we delve into the world of cybersecurity with Michael Adams, the CISO at Zoom. In addition to adopting appropriate technologies, it's important to provide a comprehensive security training program.

In this Help Net Security interview, Attila Török, CISO at GoTo, discusses how to balance technical expertise and leadership and how he navigates the rapidly evolving technological landscape. In your opinion, what are the key characteristics of an effective CISO? How do you balance technical expertise and leadership skills?

Smart CISOs are tapping into that enthusiasm and providing developers with the education pathways they want and need, with the payoff being a reduction in common vulnerabilities. The best CISOs know that upskilling is critical to success.

The majority of organizations are on the road to implementing a zero trust framework to increase their overall security risk posture, according to PlainID. However, only 50% said that authorization makes up their zero trust program - potentially exposing their infrastructure to threat actors. Historically, a zero trust framework was focused on solving the challenges associated with authentication, end point and network access security.