Security News

There is a disconnect between the boardroom and CISOs when evaluating the risk posed by today's sophisticated cybercriminals: 65% of board members believe that their organization is at risk of material cyber attack in the next 12 months, compared to 48% of CISOs. Board members and CISOs have similar concerns about the threats they face: board members ranked email fraud/business email compromise as their top concern, followed by cloud account compromise, and ransomware.

The relationship between boards of directors and CISOs could be better these days. According to a report from cyber security firm ProofPoint in collaboration with Cybersecurity at MIT Sloan, while 69% of board members report seeing eye-to-eye with their CISO, only 51% of CISOs say the same thing.

Splunk has appointed Jason Lee as the Company's Chief Information Security Officer, effective immediately. Lee will oversee all facets of global security to protect Splunk employees and customers, including cloud and application security, operations, threat management, penetration testing, risk, and customer trust.

US-based CISOs get nearly $1 million per yearThe role of the Chief Information Security Officer is a relatively new senior-level executive position within most organizations, and is still evolving. Patch critical flaw in Atlassian Bitbucket Server and Data Center!A critical vulnerability in Atlassian Bitbucket Server and Data Center could be exploited by unauthorized attackers to execute malicious code on vulnerable instances.

To find out how current CISOs landed in that role, their aspirations, the compensation they receive, and which risks they face and responsibilities they shoulder, analysts with international executive search firm Heidrick & Struggles have asked 327 CISOs to participate in their 2022 Global CISO Survey. Who reports to CISOs and to whom do the CISOs report?

Whether you're on the way out of - or back to - the office, our Security Validation Checklist can help make sure your security posture is in good shape. Check for any new security vulnerabilities that were identified on your vacation.

DevOps does not mesh well with traditional security protocols, and this creates a sticky situation for CISOs to counter. How can CISOs facilitate this integration and create an agile security mechanism that complements agile development?

Nearly half of enterprises have fallen victim to a ransomware attack, of which nearly all have had little choice but to heed their attackers, according to the Q2 CISO Circuit report from YL Ventures. The financial disruption, privacy implications and operational failure danger caused by ransomware are often too critical to suffer.

In this interview for Help Net Security, Dan Tucker, Senior VP at Booz Allen, and leader of the firm's cloud and data engineering solutions for citizen services, talks about government digital transformation efforts, security challenges, and offers tips for CISOs. The ability for government to rapidly share data, derive insights, and convert that into decision-making continues to improve, but the expansion of data volume and transfer methods also increases our nation's digital attack surface.

As the CISO role continues evolving from a back office IT function to taking on a larger enterprise focus, CISOs are assuming more strategic and risk-related responsibilities. Though 77% had been in their role for at least three years, almost two-thirds of those who have been in their role for less than a year came from a previous CISO role, while those who've been in their current role for five or more years were more likely to have come from a role other than CISO. SEE: Hiring kit: Data scientist.