Security News

How CISOs tackle business payment fraud
2024-03-28 05:00

In this Help Net Security video, Shai Gabay, CEO of Trustmi, discusses why payments are a source of cyber worry for CISOs. CISOs are worried about Business Email Compromise, cyber attackers' use of AI, and securing the supply chain.

3 Things CISOs Achieve with Cato
2024-03-14 10:24

Being a CISO is a balancing act: ensuring organizations are secure without compromising users’ productivity. This requires taking multiple elements into consideration, like cost, complexity,...

The CISO’s guide to reducing the SaaS attack surface
2024-02-29 03:55

Please turn on your JavaScript for this page to function normally. SaaS sprawl introduces security risks, operational headaches, and eye-popping subscription costs.

Google Cloud’s Nick Godfrey Talks Security, Budget and AI for CISOs
2024-02-12 14:51

As senior director and global head of the office of the chief information security officer at Google Cloud, Nick Godfrey oversees educating employees on cybersecurity as well as handling threat detection and mitigation. We conducted an interview with Godfrey via video call about how CISOs and other tech-focused business leaders can allocate their finite resources, getting buy-in on security from other stakeholders, and the new challenges and opportunities introduced by generative AI. Since Godfrey is based in the United Kingdom, we asked his perspective on UK-specific considerations as well.

How CISOs navigate policies and access across enterprises
2024-02-06 06:00

How do security validations contribute to an organization's understanding of its security posture and risk profile? Third party security validation is a helpful tool, but typically is only part of the analysis required to understand the entire posture and effectiveness of a security program.

The SEC Won't Let CISOs Be: Understanding New SaaS Cybersecurity Rules
2024-01-31 11:02

The SEC isn’t giving SaaS a free pass. Applicable public companies, known as “registrants,” are now subject to cyber incident disclosure and cybersecurity readiness requirements for data stored in...

CISOs’ role in identifying tech components and managing supply chains
2024-01-25 05:00

In this Help Net Security interview, Nate Warfield, Director of Threat Research and Intelligence at Eclypsium, outlines the crucial tasks for CISOs in protecting supply chains and achieving comprehensive visibility. Auditing a hardware supply chain is exponentially more difficult, as vendors may or may not choose to disclose what their underlying operating systems are, what open source software they use, where they source the hardware components of their devices, what firmware runs both the device itself and its subcomponents - for example a router may run a Linux distribution, with an open source routing daemon, a motherboard from Supermicro, with high-speed NICs from Mellanox, a baseboard management controller from ASPEED with BMC code from AMI which itself is another version of Linux with its own SBOM. With the apparent disconnect between security and development teams in software supply chain security, what strategies do you recommend to enhance collaboration?

CISOs’ crucial role in aligning security goals with enterprise expectations
2024-01-17 05:00

He outlines the critical skills for CISOs in 2024, addresses the challenges they face, and underscores the importance of aligning enterprise expectations with information protection demands. ' One of the most painful realities for CISOs today is a continuing disconnect between enterprise/agency expectations for their CISO, and, what the CISO is actually tasked and funded to deliver.

The expanding scope of CISO duties in 2024
2024-01-11 04:30

In this Help Net Security video, Bindu Sundaresan, Director at AT&T Cybersecurity, discusses the ongoing changes we'll see from the CISO role as digital transformation efforts continue. It is now a position that leads cross-functional teams to match the speed and boldness of digital transformations with agile, forward-thinking security and privacy strategies, investments, and plans.

CISOs can marry security and business success
2023-11-22 05:30

CISOs should also look at the business strategy and where the business intends to go and find ways to turn cybersecurity into a competitive advantage. While businesses aim for different outcomes, one goal that the business typically prescribes for cybersecurity is business continuity.