Security News

Google has snapped up Goldman Sachs cybersecurity veteran Phil Venables to manage security and risk for the important Google Cloud franchise. Venables, a cybersecurity leader with a storied career in the financial services sector, will be Google Cloud's first Chief Information Security Officer.

CISOs with small security teams hold an intensive juggling act. All the while, they're doing this with a small security team, trying to get the most out of existing resources, preventing team burnout, and most likely taking an active, hands-on approach to ensure that all the goals are met.

In this interview, Matt Cooke, cybersecurity strategist, EMEA at Proofpoint, discusses the cybersecurity challenges for retail organizations and the main areas CISOs need to focus on. What areas should a CISO of a retail organization be particularly worried about?

Vendors are at the heart of many companies’ processes and activities, and their numbers are increasing. But the process of onboarding vendors has become complicated because of concerns about...

73% of security and IT executives are concerned about new vulnerabilities and risks introduced by the distributed workforce, Skybox Security reveals. Surveying 295 global executives, the report found that organizations are overconfident in their security posture, and new strategies are needed to secure a long-term distributed workforce.

This issue of SecurityWeek's CISO Conversations with leading CISOs from the critical industries looks at the healthcare sector. In this feature we talk to Cris Ewell, CISO at the University of Washington Medical Center, and Dan Bowden, VP and CISO of Sentara Healthcare.

CISOs are conflicted about how their companies can best reposition themselves to address the sudden and rapid shift to remote work caused by the pandemic, Hysolate research reveals. 36 percent deploy VDI or DaaS. However, of those CISOs that utilize VDI or DaaS, only 18 percent say their employees are happy with their company's VDI or DaaS solution.

American financial regulators in New York have demanded Twitter be subject to harsher rules following the July hacks of prominent users' accounts - as CEO Jack Dorsey furiously backpedals after his website censored a news article from a US newspaper. The New York State Department of Financial Services demanded that Twitter be subject to more "Cybersecurity protections", controlled and overseen, naturally, by itself.

This is the rider in the Boards' willingness to invest - all three of these investment triggers are reactive; that is, they are tactical responses rather than strategic plans. "The fact Boards mainly approve investments after a security incident or through fear of regulatory penalties for non-compliance," comments Terence Jackson, CISO for the privilege management firm Thycotic, "Shows that cybersecurity investment decisions are more about insurance than about any desire to lead the field which, in the long run, limits the industry's ability to keep pace with the cybercriminals."

Cyral has received a strategic investment from Silicon Valley CISO Investments, an angel syndicate of more than 50 practicing CISOs that invests in a small number of innovative cybersecurity startups each year. Cyral is only the fifth company to receive an investment from SVCI, which was founded in late 2019, following a rigorous due diligence process that included multiple presentations to SVCI members and insight into the company's growth plans.