Security News

Every CISO knows that cybersecurity is an increasingly hot topic for executives and board members alike. Only 5% of CISOs report directly to the CEO, indicating a potential lack of high-level influence, and 2⁄3 's of CISOs are two levels down from the CEO in the reporting structure.

In this Help Net Security video, Nick McKenzie, CISO of Bugcrowd, discusses the key findings from their recent report, which comes at a crucial time as security leaders' roles are being discussed more with the current risk landscape and the increasing need to prioritize security first over operational resilience in almost all verticals. Most CISOs believe AI makes the threat landscape impossible to secure.

Contradicting legacy stereotypes of the CISO as inherently risk averse, only 16% of today's CISOs classified their current risk appetite as low. CISOs see their CEOs as much more risk averse than themselves, with twice as many respondents perceiving their CEO as having a low-risk appetite.

Qualys CyberSecurity Asset Management 3.0 consolidates asset discovery and risk assessment into a single solution. A key differentiator of Qualys CyberSecurity Asset Management 3.0 is in the way its External Attack Surface Management technology works.

A Panaseer investigation into organizations’ annual 10-K filings reported to the SEC shows that from January-May 2024, at least 1,327 filings mentioned NIST – a key indicator that cybersecurity...

Please turn on your JavaScript for this page to function normally. Password security has seen dramatic shifts driven by the escalation of cyber threats and technological advancements.

Action1 researchers found an alarming increase in the total number of vulnerabilities across all enterprise software categories. "With the NVD's delay in associating Common Vulnerabilities and Exposures identifiers with CPE data, our report comes at a critical moment, providing much-needed insights into the evolving vulnerability landscape for enterprise software," said Mike Walters, President of Action1.

Seventy percent of enterprises are prioritizing investment in SaaS security by establishing dedicated teams to secure SaaS applications, as part of a growing trend of maturity in this field of...

First, there needs to be a shift in thinking when it comes to data security and an acknowledgment that the threat landscape has become much more complex with the majority of sensitive corporate data now residing in the cloud rather than in dedicated private data centers, multiple servers, network equipment, and storage devices. Instead, organizations must think about adopting a defense-in-depth approach to their security strategy - one that provides continuous insights into what's happening to their mobile devices, and an ability to detect and respond with AI-driven automation to protect sensitive data in the cloud no matter where it goes.

The CISO role used to be focused primarily on information security - creating and implementing policies to safeguard an organization's data and IT infrastructure from cybersecurity threats. As organizations rapidly migrate to cloud environments, the responsibilities and challenges for CISOs have expanded significantly.