Security News

In the digital realm, secrets (API keys, private keys, username and password combos, etc.) are the keys to the kingdom. But what if those keys were accidentally left out in the open in the very...

Cybersecurity professionals are experiencing high levels of stress, which can have both business and personal implications. Here’s how they can improve their mental health.

Researchers found that 73% of CISOs expressed concern over cybersecurity becoming unwieldy, requiring risk-laden tradeoffs, compared to only 58% of both CIOs and CTOs. 73% of CISOs feel more pressure to implement AI strategies versus just 58% of CIOs and CTOs.

A new eBook by Cynomi, "What does it take to be a full-fledged Virtual CISO?" lays out exactly how service providers can easily, rapidly, and economically expand their vCISO service offerings to cover the entire range of duties. To operate successfully at a C-level and under - and stand the interplay between IT and business, a knowledge of business is essential - some CISOs even possess an MBA. CISO shortage fuels SMB demand for vCISO services.

In this Help Net Security interview, Christos Tulumba, CISO at Veritas Technologies, discusses the key factors contributing to increased personal liability risks for CISOs. What key factors have contributed to increased personal liability risks for CISOs?

Former Uber CISO Joe Sullivan, who was convicted for attempting to cover up a data breach Uber suffered in 2016, recently posited that in the very near future, CEOs might find themselves held directly responsible for cybersecurity breaches. While cybersecurity budget growth slowed in 2022 and 2023 due to economic concerns, recent surveys of CISOs have reported strong growth in cybersecurity spending in enterprises.

67% of CISOs report feeling unprepared for these new compliance regulations, while 52% admit to needing more knowledge on reporting cyber attacks to the government. "As cyber threats escalate and regulations impose heavy penalties for non-compliance, it's imperative for CISOs to reassess and strengthen their security programs in a data-driven way. Our survey reveals critical industry benchmarks, highlighting areas of strength and significant gaps that need urgent attention," said Sivan Tehila, CEO of Onyxia.

At the core of effective IDTR is the principle of least privilege, which scrutinizes who has access to systems and assets and for how long. Let's take a closer look at what comprises an ITDR approach and the basics of least privilege, then explore how least privilege enables CISOs to implement and manage successful ITDR strategies.

In this Help Net Security interview, Ava Chawla, Head of Cloud Security at AlgoSec, discusses the most significant cloud security threats CISOs must be aware of in 2024. These threats include data...

How should CISOs approach AI adoption? When weighing new AI tools, CISOs must examine the risk of a few key factors. These considerations apply to all tools that may leverage AI across all business departments, not just security tools that use AI. The first is data handling practices, from collection and processing to storage and encryption, ensuring robust access controls are in place.