Security News

Vendors are at the heart of many companies’ processes and activities, and their numbers are increasing. But the process of onboarding vendors has become complicated because of concerns about...

73% of security and IT executives are concerned about new vulnerabilities and risks introduced by the distributed workforce, Skybox Security reveals. Surveying 295 global executives, the report found that organizations are overconfident in their security posture, and new strategies are needed to secure a long-term distributed workforce.

This issue of SecurityWeek's CISO Conversations with leading CISOs from the critical industries looks at the healthcare sector. In this feature we talk to Cris Ewell, CISO at the University of Washington Medical Center, and Dan Bowden, VP and CISO of Sentara Healthcare.

CISOs are conflicted about how their companies can best reposition themselves to address the sudden and rapid shift to remote work caused by the pandemic, Hysolate research reveals. 36 percent deploy VDI or DaaS. However, of those CISOs that utilize VDI or DaaS, only 18 percent say their employees are happy with their company's VDI or DaaS solution.

American financial regulators in New York have demanded Twitter be subject to harsher rules following the July hacks of prominent users' accounts - as CEO Jack Dorsey furiously backpedals after his website censored a news article from a US newspaper. The New York State Department of Financial Services demanded that Twitter be subject to more "Cybersecurity protections", controlled and overseen, naturally, by itself.

This is the rider in the Boards' willingness to invest - all three of these investment triggers are reactive; that is, they are tactical responses rather than strategic plans. "The fact Boards mainly approve investments after a security incident or through fear of regulatory penalties for non-compliance," comments Terence Jackson, CISO for the privilege management firm Thycotic, "Shows that cybersecurity investment decisions are more about insurance than about any desire to lead the field which, in the long run, limits the industry's ability to keep pace with the cybercriminals."

Cyral has received a strategic investment from Silicon Valley CISO Investments, an angel syndicate of more than 50 practicing CISOs that invests in a small number of innovative cybersecurity startups each year. Cyral is only the fifth company to receive an investment from SVCI, which was founded in late 2019, following a rigorous due diligence process that included multiple presentations to SVCI members and insight into the company's growth plans.

Bandos will bring more than 15 years of experience to the position including his five years as VP of Cybersecurity at Digital Guardian. Prior to joining Digital Guardian, Bandos was Director of Cybersecurity for Dupont where he was responsible for overseeing internal controls, incident response and threat intelligence.

A survey of business leaders by PwC finds the pandemic is causing rapid changes in the roles CISOs play, and offers five tips for ensuring that security remains stable as we enter a new normal. Ninety-six percent of respondents said they're adjusting their cybersecurity plans due to COVID-19, and the biggest evolution in security strategies seems to be baking security and privacy into every business decision.

The CISO’s Guide to Third-Party Security Management provides the instructions you need to make your organization’s third-party security program effective and scalable. In particular, it covers how...